Search Results

Search found 28603 results on 1145 pages for 'active users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 5/1145 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Windows Share authentication from Active Directory Linux login

    - by Kenny
    I'm using Active Directory to log into RHEL. To do this, I followed the steps outlined here: http://www.markwilson.co.uk/blog/2007/05/using-active-directory-to-authenticate-users-on-a-linux-computer.htm I'd like to be able to read data from Windows Servers shared folders without being prompted for a password. On Windows I log into an AD domain, and when I access windows file shares on a server on the LAN (also part of the AD domain) my I can just access them with no authentication step. I've used SMBclient on Linux to access these shares, but it asks for my password. I would like to be able to script access to the data on the shares, but I can't if there's a password prompt in the way. Well, I could, but it's not how I want to do it. Now, since I'm logged in using my active directory username & password, can't I just access the shares without jumping that extra hoop? I know I can mount the share using something like: //192.168.0.5/share /mnt/windows cifs auto,username=steve,password=secret,rw 0 0 but access will depend who is logged in... each user logging in should have their own unique AD access privelages. Thanks for reading!

    Read the article

  • Windows Share authentication from Active Directory Linux login

    - by Kenny
    Hi, I'm using Active Directory to log into RHEL. To do this, I followed the steps outlined here: http://www.markwilson.co.uk/blog/2007/05/using-active-directory-to-authenticate-users-on-a-linux-computer.htm I'd like to be able to read data from Windows Servers shared folders without being prompted for a password. On Windows I log into an AD domain, and when I access windows file shares on a server on the LAN (also part of the AD domain) my I can just access them with no authentication step. I've used SMBclient on Linux to access these shares, but it asks for my password. I would like to be able to script access to the data on the shares, but I can't if there's a password prompt in the way. Well, I could, but it's not how I want to do it. Now, since I'm logged in using my active directory username & password, can't I just access the shares without jumping that extra hoop? I know I can mount the share using something like: //192.168.0.5/share /mnt/windows cifs auto,username=steve,password=secret,rw 0 0 but access will depend who is logged in... each user logging in should have their own unique AD access privelages. Thanks for reading!

    Read the article

  • Allowing XP Home Clients To Access Active Directory Printers

    - by Sean M
    My school's network is based on Active Directory on Windows Server 2003 servers. Most of the computers in the school are members of the domain. However, we also acquired a passel of netbooks that are running Windows XP Home (as netbooks tend to), and we're trying to make those useful. The netbooks are made available to students by check-out, so none of them are dedicated to a specific user. I only want to allow the netbooks to do two significant network activities: to access the Internet (this is working acceptably well so far), and to print to one or more printers on the network. That second one is where trouble starts. I'm trying to find a way to allow the XP Home clients to access those Active Directory printers. All the solutions that I can come up with right now are expensive, ugly, or both - for example, changing the OS on the netbooks (even with imaging, that would take a lot of my time) or making sure that the user account on each netbook has a matching account in Active Directory with permissions for printing (invites security/maintainability disaster). Are there any elegant solutions? Failing that, what's the best ugly solution for allowing my students to print from the netbooks?

    Read the article

  • Sudoers file allow sudo on specific file for active directory group

    - by tubaguy50035
    I have active directory sign in working on an Ubuntu 12.04 box. When the user signs in, I have a script that runs that needs sudo permission (since it modifies the samba config file). How would I specify this in my sudoer's file? I've tried: %DOMAIN\\AD+Programmers ALL=NOPASSWD: /usr/local/bin/createSambaShare.php I've found various resources on the internet stating that this is how it would be done, but I'm not sure that I have the first part right. What are they using as the DOMAIN? The workgroup or the realm? I use Samba + winbind for active directory integration. Here's my smb.conf: [global] security = ads netbios name = hostname realm = COMPANYNAME.COM password server = passwordserver workgroup = COMPANYNAME idmap uid = 1000-10000 idmap gid = 1000-10000 winbind separator = + winbind enum users = no winbind enum groups = no winbind use default domain = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes domain master = no EDIT: The users that should have access to run that script are all part of the Programmers group which has an Active Directory Domain Services Folder of Company.com/Staff/Security Groups (not sure if that matters or not).

    Read the article

  • Extracting information from active directory

    - by Nop at NaDa
    I work in the IT support department of a branch of a huge company. I have to take care of a database with all the users, computers, etc. I'm trying to find a way to automatically update the database as much as possible, but the IT infrastructure guys doesn't give me enough privileges to use Active Directory in order to dump the users, nor they have the time to give me the information that I need. Some days ago I found Active Directory explorer from Sysinternals that allows me to browse through Active Directory, and I found all the information that I need there (username, real name, date when it was created, privileges, company, etc.). Unfortunately I'm unable to export the data to a human readable format. I'm just able to take a snapshot of the whole database in a machine-readable format. Doing the snapshot takes hours and I'm afraid that the infrastructure guys won't like me doing entire snapshots on a regular basis. Do you know of any tool (command-line is preferable) that would allow me to retrieve the values of the keys or export it to XML, CSV, etc?

    Read the article

  • Dumping active directory

    - by Nop at NaDa
    I work in the IT support department of a branch of a huge company. I have to take care of a database with all the users, computers, etc. I'm trying to find a way to automatically update the database as much as possible, but the IT infrastructure guys doesn't give me enough privileges to use Active Directory in order to dump the users, nor they have the time to give me the information that I need. Some days ago I found Active Directory explorer from Sysinternals that allows me to browse through Active Directory, and I found all the information that I need there (username, real name, date when it was created, privileges, company, etc.). Unfortunately I'm unable to export the data to a human readable format. I'm just able to take a snapshot of the whole database in a machine-readable format. Doing the snapshot takes hours and I'm afraid that the infrastructure guys won't like me doing entire snapshots on a regular basis. Do you know of any tool (command-line is preferable) that would allow me to retrieve the values of the keys or export it to XML, CSV, etc?

    Read the article

  • Profiles and using the local profile for a domain user

    - by Harry
    I’m having some trouble with profiles and would like to reach out for some help. I’ve tried to do some research to help myself along, but I’m not making much progress on my own. I’ve pretty much taken over the sys admin duties for my small lab, I don’t have much experience to justify it besides I’m the only with the time and dedication to go at it (The environment was in a state of disrepair). My network and domain I look over are extremely small by most standards, about 10 users at a time. They are pretty intensive activity on the network, and we do work with fairly large files. None of the network is online, which is nice at the moment because it allows me not to have another headache. On to my profile problem, I have set up roaming profiles for the users in the network. Now after a little research, I think I will be switching this to a hybrid of folder redirection and roaming profiles as this seems to best practice. I also don’t want the users having to wait for a long time if they have a bloated profile. Now I’ve finally got a build working using MDT. We have Mac Pros, and it wasn’t fun getting everything to play nice. The way I did this was by setting up a reference computer and installing all the software and tools that each user would need and editing the settings preferences to how we would need them. I think used MDT to do a sys prep and capture to create the image of my reference computer. Using the reference image I can push out my images to the rest of the desktops in my environment. The issue I’m having is when we join the computer to domain. The user can login and operate fine on the computer, but I’d like a more. When the user is logged on with their domain user name they lose a lot of the icons I had on my reference image, as well as the desktop background and some other miscellaneous settings. I would love to have the user log on using their domain user name and see the icons and desktop environment as I had it setup on the reference computer. I’m not sure if it is possible, or something simple that I’m missing, but any help would be greatly appreciated!

    Read the article

  • SVN Authentication with LDAP and Active Directory

    - by Alex Holsgrove
    I am having a few problems getting SVN authentication to work with LDAP / Active Directory. My SVN installation works fine, but after enabling LDAP in my apache vhost, I just can't get my users to authenticate. I can use a selection of LDAP browsers to successfully connect to Active Directory, but just can't seem to get this to work. SVN is setup in /var/local/svn Server is svn.domain.local For testing, my repository is /var/local/svn/test My vhost file is as follows: <VirtualHost *:80> ServerAdmin [email protected] ServerAlias svn.domain.local ServerName svn.domain.local DocumentRoot /var/www/svn/ <Location /test> DAV svn #SVNListParentPath On SVNPath /var/local/svn/test AuthzSVNAccessFile /var/local/svn/svnaccess AuthzLDAPAuthoritative off AuthType Basic AuthName "SVN Server" AuthBasicProvider ldap AuthLDAPBindDN "CN=adminuser,OU=SBSAdmin Users,OU=Users,OU=MyBusiness,DC=domain,DC=local" AuthLDAPBindPassword "admin password" AuthLDAPURL "ldap://192.168.1.6:389/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=domain,DC=local?sAMAccountName?sub?(objectClass=*)" Require valid-user </Location> CustomLog /var/log/apache2/svn/access.log combined ErrorLog /var/log/apache2/svn/error.log </VirtualHost> In my error.log, I don't seem to get any bind errors (should I be looking elsewhere?), but just the following: [Thu Jun 21 09:51:38 2012] [error] [client 192.168.1.142] user alex: authentication failure for "/test/": Password Mismatch, referer: http://svn.domain.local/test/ At the end of "AuthLDAPURL", I have seen people using TLS and NONE but neither seem to help in my case. I have the ldap modules loaded and have checked as much as I know, so any help would be most welcome. Thanks

    Read the article

  • What are problems and pitfalls with a public facing Active Directory

    - by Ralph Shillington
    The situation that i'm faced with is this: We plan on using a number of server applications hosted on Amazon EC2 machines, mainly Microsoft Team Foundation Server. These services rely heavily on Active Directory. Since our servers are in the Amazon cloud it should go without saying (but I will) that all our users are remote. It seems that we can't setup VPN on our EC2 instance -- so the users will have to join the domain, directly over the internet then they'll be able to authenticate and once authenticated, use that token for accessing resources such as TFS. on the DC instance, I can shut down all ports, except those needed for joining/authenicating to the domain. I can also filter the IP on that machine to just those address that we are expecting our users to be at (it's a small group) On the web based application servers, I imagine all we need to open is port 80 (or 8080 in the case of TFS) One of the problems that I'm faced with is what domain name to use for this Active directory. Should I go with "ourDomainName.com" or "OurDomainName.local" If I choose the latter, does that not mean that I'll have to get all our users to change their DNS address to point to our server, so it can resolve the domain name (I guess I could also distribute a host file) Perhaps there is another alternative that I'm completely missing.

    Read the article

  • Capture the active window to jpg using C# ?

    - by user29004
    Hello, I am creating a Windows Application that capture the all users session details. I want to track that how many users are connected with my machine using RDP session. Want to log all their activity with screen shot. So I would like to know how can I capture the active screen. I tried 'RUNAS' but its show me current screen shot where I run. I am able to use user's application data but not get Actual screen. I also tried LogonUser, CreateProcessAsUser but not getting actual point. So please let me know how can I do it ? I used 'cassia' google library to list all the current logged user. Thanks Laxmilal

    Read the article

  • Active Directory - Lightweight Directory Services and Domain Password Policy

    - by Craig Beuker
    Greetings all, We have an active directory domain which enforces a strict password policy. Hooray! Now, for the project we are working on, we are going to be storing users of our website Microsoft's AD-LDS service as well as using that for authentication of our web users. By default, it is my understanding that AD-LDS inherits its password policy from the domain of the machine it's installed on. Is there any way to break that link such that we can define a lighter password policy (or none if we so choose) for users in AD-LDS without affecting our domain? Note: AD-LDS is going to be hosted on a machine which is part of the domain. Thanks in advance.

    Read the article

  • Plone Active Directory group filter

    - by Jason Weber
    I am currently trying to configure the Plone LDAP plugin for Active directory. Thus far all is good and I’m getting users and groups through. The usage is for Cyn.In However the problem I’m facing is thus: The users search has the ability to filter, which is great. I can use the memberOf or department filter to just grab the users I want. However all our groups simply live in one OU, which means I’m getting over 30 pages of groups of which 99% are just not necessary. Sadly I don’t have control over our AD, so can’t just shift the ones I want into their own OU. Is there any way you can think of to also filter groups based on some kind of LDAP criteria?

    Read the article

  • Share folder with active directory group permissions

    - by Hihui
    I have a Debian as a member of our AD (which is a 2k3). I want to share 2 folders from our Debian. 1 with full access for everyone, the second only readable by group "ADM", and "PROD". Part of smb.conf: [global] workgroup = MYDOMAIN realm = MYDOMAIN.LOCAL netbios name = SERV-FTP wins server = "IP serv 2k3" security = domain [JUKEBOX] // full access path = /media/JUKEBOX/JUKEBOX comment = sharing writable = yes browsable = yes public = yes read only = no valid users = @ASYLUM\prod_std admin users = @ASYLUM\ADM [SOFTWARE] comment = Software path = /media/JUKEBOX/SOFTWARE valid users = @ASYLUM\prod_adv, @ASYLUM\ADM writable = yes read only = no My log : [2013/10/25 09:24:37.316643, 0] smbd/service.c:1055(make_connection_snum) canonicalize_connect_path failed for service SOFTWARE, path /media/JUKEBOX/SOFTWARE And, from my Windows's client, if i want to access on that folder : Windows can't access to \serv-ftp\software Where is the problem ... ? Thx !

    Read the article

  • SquidGuard and Active Directory groups

    - by Massimo
    I'm configuring a Linux proxy with Squid and SquidGuard to filter Internet traffic. I know how to authenticate users against Active Directory in Squid, and then how to filter access for users using SquidGuard. The question: how to use Active Directory groups in SquidGuard instead of plain user names? My goal is to be able to configure rules like "members of this group can go anywhere" or "members of this group can only visit certain sites". I know SquidGuard can't manage group membership directly, but it can do LDAP searches on its own; but the syntax to look up wheter a user is member of a given group seems to be quite cryptic, and I couldn't find any good documentation around.

    Read the article

  • Determine which active directory object is referred to by GUID in a Directory Synchronization Error Report

    - by Michael Shimmins
    We have active directory syncronization setup between our on-premises AD server and Microsoft hosted Exchange (business productivity online services). I've started getting a daily error report, which details an error for a specific AD user, however it references it by GUID. I can't find any info on how to translate that object guid into something meaningful so I can find and fix the problem. The error is reported as: Error 005: Unable to set the alias for this object in Microsoft Online Services because either the primary SMTP address, the e-mail nickname, or the SAM account name in the local Active Directory contains an invalid character. in reference to the Object GUID: CN={8443cbb4-5199-49f0-9529-ce965430dca6} How can I translate that object guid into a friendly object name?

    Read the article

  • Dynamic group membership to work around no nested security group support for Active Directory

    - by Bernie White
    My problem is that I have a number of network administration applications like SAN switches that do not support nested groups from Active Directory Domain Services (AD DS). These legacy administration applications use either LDAP or LDAPS. I am fairly sure I can use Active Directory Lightweight Directory Services (AD LDS) and possibly Windows Authorization Manager to work around this issue; however I am not really sure where to start. I want to end up with: A single group that can be queried over LDAP/LDAPS for all it’s direct members LDAP proxy for user name and password credentials to AD DS Easy way to admin the group, ideally the group would aggregate the nested membership in AD DS. a native solution using freely available components from the Windows stack. If you have any suggestions or solutions that you have previously used to solve this issue please let me know.

    Read the article

  • Active Desktop cannot be restored on Win XP

    - by Phil.Wheeler
    This is more of a major annoyance than anything that's stopping me from doing my work, but I somehow seem to have had Active Desktop on my work XP machine get corrupted and now can't get it back working again. I've tried browsing to C:\Documents and Settings\%my-user-name%\Application Data\Microsoft\Internet Explorer and changing, deleting or replacing the Desktop.htt file, but it's not achieving anything. The error I was previously getting when trying to click the "Restore my active desktop" button was: Internet Explorer Script Error An error has occurred in the script on this page. Line: 65 Char: 1 Error: Object doesn't support this action Code: 0 URL: file://C:/Documents%20and%20Settings//Application %20Data/Microsoft/Internet%20Explorer/Desktop.htt Any ideas?

    Read the article

  • Can DPM 2007 back up Active Directory?

    - by rbeier
    We're installing Microsoft Data Protection Manager 2007 - we'll be using it to back up Exchange and SQL Server among other things. Does anyone know if DPM can also back up Active Directory? It sounds like the answer is "not really". You can install the DPM agent on a domain controller and make system state backups. But if your Active Directory is out of commission, there will be no way to restore the backups, since DPM depends on AD. Currently we're just using Windows Backup (ntbackup) to take system state backups on one of the DCs. Should we just continue with that? Thanks, Richard

    Read the article

  • Windows Server 2008 R2 Software Deployment on Active Directory - Schema Issue

    - by weedave
    We have two servers, one running Windows Server 2003 SP2 and one running Windows Server 2008 R2. Both servers have their own versions of Group Policy Management (1.0.2 on 2003 and 6.0.0.1 on 2008). We are wanting to migrate everything over to the newer 2008 server, including software deployment. However, when I try to add a new software package using a .msi file, I get the following error: "The schema for the software installation data in the Active Directory does not match the required schema." I have tried two separate software packages and get the same error on the 2008 server. However, when I do the same on the 2003 server, it adds the software package without any problems. The .msi files I am using are up-to-date - one is the most recent version of Google Chrome. Is this problem caused by the different versions of the OS, or the Group Policy Management program? How do we "upgrade" our Active Directory to allow software deployment on the 2008 server? Thanks.

    Read the article

  • Active Directory Partition Error

    - by BLAKE
    Right now my active directory is failing a dcdiag test. I can find no info online about this error. When I run dcdiag /test:crossrefvalidation, I get the output: .... Doing primary tests Testing server: Default-First-Site-Name\ad01 Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : mydomain Starting test: CrossRefValidation ......................... mydomain passed test CrossRefValidation Running partition tests on : t Starting test: CrossRefValidation This cross-ref has a non-standard dNSRoot attribute. Cross-ref DN: CN=a3a24d3a-4782-460b-9148-86ac2d86b9ae,CN=Partitions,CN=Configuration, DC=mydomain,DC=com nCName attribute (Partition name): DC=t Bad dNSRoot attribute: dc01.mydomain.com Check with your network administrator to make sure this dNSRoot attribute is correct, and if not please change the attribute to the value below. dNSRoot should be: t It appears this partition (DC=t) failed to get completely created. This cross-ref (CN=a3a24d3a-4782-460b-9148-86ac2d86b9ae,CN=Partitions,CN=Configurat ion,DC=mydomain,DC=com) is dead and should be removed from the Active Directory. ......................... t failed test CrossRefValidation .... I used LDP from the windows support tools. I searched for the dnsRoot attribute in "cn=partitions,cn=configuration,dc=mydomain,dc=com", with the filter "(&(objectcategory=crossref)(systemFlags:1.2.840.113556.1.4.803:=5))" I got the result: ***Searching... ldap_search_s(ld, "cn=partitions,CN=Configuration,DC=mydomain,DC=com", 1, "(& (objectcategory=crossref)(systemFlags:1.2.840.113556.1.4.803:=5))", attrList, 0, &msg) Result <0>: (null) Matched DNs: Getting 3 entries: >> Dn: CN=65502be3-fc90-442a-83d8-4b3b91e82439,CN=Partitions,CN=Configuration,DC=mydomain,DC=com 1> dnsRoot: ForestDnsZones.mydomain.com; >> Dn: CN=a3a24d3a-4782-460b-9148-86ac2d86b9ae,CN=Partitions,CN=Configuration,DC=mydomain,DC=com 1> dnsRoot: ad01.mydomain.com; >> Dn: CN=f0ef5771-6225-4984-acd9-c08f582eb4e2,CN=Partitions,CN=Configuration,DC=mydomain,DC=com 1> dnsRoot: DomainDnsZones.mydomain.com; It looks like the bad partition has the name of my first domain controller 'ad01.mydomain.com'. I have googled for a while and have not been able to find any help or documentation about application partitions in Active Directory. Does anyone have any advice on how to cleanup this partition (or what the partition is for)? Does anyone know the repercussions for deleting this partition?

    Read the article

  • RPC Server Unavailable When Trying to Join W2003 Server to W2003 Active Directory Domain

    - by Roel Vlemmings
    I have an Active Directory Domain with a Windows 2003 Standard SP2 Server as the DC. When trying to join an additional Windows 2003 Standard SP2 server to the domain I get message "The following error occurred attempting to join the domain 'My Domain'. The RPC Server is unavailable. The computer is actually added to the Active Directory Computers. I can even right-click and Manage it. I can access file shares from the DC on the other server and vice versa. I can ping the DC from this server and ping the server from the DC using the computer name. The time on both server is the same more or less to the second. RPC service is running on both servers. I can join other computers to the domain and there are no other issues with the domain. Windows Firewall disabled on both computers. NetSetup.LOG shows: NetpSetNetloginDomainCache: DSEnumerateDomainTrustsW failed 0x6ba I looked up this WIN32 Error Code: It is RPC_S_SERVER_UNAVAILABLE.

    Read the article

  • Password expiration notice for Active Directory

    - by keithosu
    Are there any tools/apps/scripts out there that will do password expiry notification for Windows 2008 Active Directory credentials? This is needed for our web apps that use Active Directory for LDAP authentication. The problem is those apps do not notify you that your password is going to expire when you login. We have many offsite users who do not have machines bound to the AD. So there is no way to let them know to reset their password. I'd like the user to be notified 30,7 and 1 day before it expires. I'd also like our help desk to get an email for the expiring passwords for the week and recently expired passwords. I've looked at oldcmp.exe from link text and that gets me my reports but it does not do the automation that I'm looking for on the individual users.

    Read the article

  • Active Directory Problem

    - by Ankur Dholakiya
    Hello All, I have one server 2008 installed with AD, SQL and IIS. Now I am trying to attach different HDD on this server only. I am able to install windows server 2008 r2 64bit on the server, but when I try to install the ActiveDirectory on the server the setup doesn't get completed and keep processing at following level. "Configuring Active directory and local host domains ......." If I attach same HDD on any other PC Active directory setups completes successfully. My server is Xeon quad core with 8GB of RAM. Can any one help the appropriate solution for this?

    Read the article

  • Solution to time shifting requirement in Active Directory

    - by MikeR
    Hi, I currently have an active directory that has several child domains (consisting of nothing other than a DC and bespoke application servers) set-up for testing our CRM software, as some of it is date/time sensitive these have been set to dates in the future at some point in the past, which is causing replication errors. I'm working on getting rid of these child domains, but still have a requirement for our testers to be able to time shift. Does anyone know of any solutions that would allow our test environments to have their time changed (always forward), without affecting the production active directory? Is it as simple as creating a separate Forest on the same LAN or would that interfere with my production Forest? Thanks for any advice.

    Read the article

  • Network Path not found while joining Active Directory

    - by Chiggins
    So I have an Amazon EC2 box running Windows Server 2008 with Active Directory installed on it. I also have a Windows 7 virtual machine, which is set to use the Active Directory box as its DNS and WINS server. I'm trying to join the virtual machine to the domain, and I'm asked for authentication. I give authentication, wait a minute, and I get an error saying: The following error occurred attempting to join the domain "ad.chigs.me": The network path was not found. How can I fix this so that I'll be able to join the domain?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >