Search Results

Search found 14099 results on 564 pages for 'group policy preferences'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 51/564 | < Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >

  • How to secure a group of Amazon EC2 instances

    - by ks78
    I have several Amazon EC2 instances running Ubuntu 10.04 and I've recently started using Amazon's Route 53 as my DNS. The purpose of doing that was to allow the instances to refer to each other by name rather than private IP (which can change). I've pointed my domain name (via GoDaddy) to Amazon's name servers, allowing me to access my EC2 webservers. However, I noticed I can now access the EC2 instances which I don't want to be public, such as the dedicated MySQL Server. I was thinking Amazon's Security Groups would still be in effect when using Route 53, but that doesn't seem to be the case. Before I started using Route 53, I was thinking of having one instance run a reverse proxy, which would help protect the web servers behind it. Then IP-restrict all the other instances. I know IP restricting can be done using the firewall within each instance, but should I ever need to access them from another IP address, I'd need a way in. Amazon's control panel made it a breeze to open a port when necessary. Does anyone have any suggestions for keeping EC2 instances secure, but also accessible to their administrator? Also, what's the best topology for a group of EC2 instances, consisting of web servers and a dedicated database server, from a security perspective? Does having a reverse proxy server even make sense?

    Read the article

  • Limit access on Apache 2.4 to ldap group

    - by jakobbg
    I've upgraded from Ubuntu 12.04 LTS to 14.04 LTS, and suddenly, my Apache 2.4 (previous: Apache 2.2) now lets everybody in to my virtual host, which is unfortunate :-). What am I doing wrong? Anything with the Order/Allow lines? Any help is greatly appreciated! Here's my current config; <VirtualHost *:443> DavLockDB /etc/apache2/var/DavLock ServerAdmin [email protected] ServerName foo.mydomain.com DocumentRoot /srv/www/foo Include ssl-vhosts.conf <Directory /srv/www/foo> Order allow,deny Allow from all Dav On Options FollowSymLinks Indexes AllowOverride None AuthBasicProvider ldap AuthType Basic AuthName "Domain foo" AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com" AuthLDAPBindPassword "ThisIsThePwd" require ldap-group cn=users,dc=mydomain,dc=com <FilesMatch '^\.[Dd][Ss]_[Ss]'> Order allow,deny Deny from all </FilesMatch> <FilesMatch '\.[Dd][Bb]'> Order allow,deny Deny from all </FilesMatch> </Directory> ErrorLog /var/log/apache2/error-foo.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access-foo.log combined </VirtualHost>

    Read the article

  • On Windows how can I prevent login until a software package has been installed?

    - by Phil Hannent
    I have an MSI which is configured for machine level installation because it is a device driver. I can deploy it via Active Directory and Group Policy just fine. However on a newly booted machine a user can login before the installation has a chance to complete and I get an warning in the event log saying it couldn't complete and will be tried at next reboot. How can I make the login screen wait for the installation to be completed?

    Read the article

  • Wireless Password

    - by Campo
    I have a security policy question: I want to know how other admins handle the WIFI password in the office. Does everyone know it? Do you enter it in for the user or guest every time and keep it a secret. I am in camp 2. Just want to know what others do and their reasoning behind it.

    Read the article

  • What are the side-effects of disabling the old Lan Manager hash?

    - by Bigbio2002
    All of the computers in our domain are running Windows XP/Server 2003 and above (with one exception, a Win2Ksp4 server, which is not a domain controller). I intend to disable the LM hashes via group policy as indicated in KB299656, and want to ensure that there won't be any unforseen problems or side-effects. Does anyone have experience with performing this change? Are there any caveats that I should keep in mind?

    Read the article

  • GPO Software Uninstall Not Taking Place

    - by burmat
    I am having some trouble with my software GPO's and can't seem to find any answers using Google. I successfully deployed software using my policy but when I delete another, the uninstallation of the software does not take place. What I did: Deployed software using a GPO, used gpupdate /force on the workstation to update, reboot, and install the software Deleted another software installation by: Right-Click All Tasks Remove 'Immediately uninstall the software from users and computers' From there, I did another gpupdate /force to try and get the GPO to refresh and uninstall the software on the workstation. This did not work. I then forced replication between my domain controllers and ran another gpupdate /force on the workstation and this did not uninstall the software. There are not error logs or indications that the uninstall is being triggered when I go into the event viewer, and I know for a fact that the policy is working in other aspects. So my questions is: Where do I look next to find the answer as to why GPO software deployments are working but un-installations are not, based off of what I have already tried? Thank you in advance. UPDATE: After using gpresult /z, there is no indication of a pending un-installation or removal of software. Under the section entitled "Software Installations", the software I am trying to uninstall is not listed. There is no other indication that the software I am trying to uninstall even exists. I also turned on RSoP logging and did (yet another) gpupdate /force to yield no blatant results. There is no indication that an uninstall event was even triggered, let alone incapability or failure. Although I am sure I marked it to uninstall in case of two events (the falling out of the scope of management, as well as the removal of the entry), I am beginning to think the entry just never triggered something that should have been triggered. UPDATE #2: After troubleshooting this (frustrating) application assignment, I have chalked it up as a fluke. I have tested with other software to make sure that the uninstall of other application assignments is actually working, so I am assuming it is something related to the package directly. There is the possibility that my problem resides in something related to what @joeqwerty linked in a comment below but because I can't go back in time, I don't think I will be able to prove it. I will probably be running a script via another GPO to guarantee the un-installation of left over package installs. For now, Evan Anderson is getting the answer because of the debugging information I was able to put to good use. Thank you to everyone that helped contribute so far!

    Read the article

  • What Are Some Good Open Source Alternatives to Active Directory?

    - by Laz
    I'm looking for a good open-source alternative to active directory that can handle: Authorization/Authentication Group Policy Replication and Trust Monitoring In addition, are there any consolidated systems out there that handle these responsibilities? Edit: Since a lot have asked for more details, I am trying to offer a service setting up an infrastructure for organizations, hardware/software setups, right now I am looking at a Linux stack, both desktops and servers, however a hybrid stack is possible, and I am investigating alternatives.

    Read the article

  • Show Mail Control Panel item from Outlook 2010 (32-bit)on Windows 2008R2 Terminal Server

    - by Mischa
    Hi I try to show the Mail Control Panel item in Windows 2008 R2. I only type the Name "Mail" in to the "Show only specified Contol Panel items Properties" in the Group Policy. In Windows 2008 R2 that doesn't work and theres no item in the Control Panel to configure Outlook 2010 Profiles. I already tried with: Mail and Mail(32-bit). I didn't find the suitable entry on on the side: http://msdn.microsoft.com/en-us/library/ee330741%28VS.85%29.aspx# Kind regards Mischa

    Read the article

  • Security Restrictions Downloading From the Internet

    - by Cyper
    Hi, For some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. Cheers

    Read the article

  • How to map network shares at login on server 2003

    - by brennanag
    I am trying to map a couple network shares for anyone who logs in to the domain under their AD credentials. I had this setup before, and now I can't get it to work at all... so frustrating. I'm trying putting the logon script under the user's profile, putting the logon script under the Group Policy Object logon script section. Please help, none of the network shares are being mounted.

    Read the article

  • GPO result test

    - by George
    Running gpresult,from computer policy we are getting computer components access denied. We try : nslookup %USERDNSDOMAIN% net view %USERDNSDOMAIN% cd \%USERDNSDOMAIN%\SYSVOL\%USERDNSDOMAIN%\ and check file permissions in folders: Policies and scripts delete registry key: reg delete HKLM\SOFTWARE\Policies /f reg delete HKCU\Software\Policies /f delete folder: RD /S /Q %windir%\System32\GroupPolicy

    Read the article

  • MSI Arguments for installation

    - by Alex Zmaczynski
    Does anyone know where to find various arguments for msi's, such as installing/running as administrator, or restart after installation. I am trying to push out an msi update through group policy, but after testing the msi I found out that it needs to be run as administrator to install, and that for it to begin working fully the computer needs to be rebooted. Any help would be greatly appreciated. Thank you.

    Read the article

  • Published software not displayed in Add/Remove Programs

    - by vikramsjn
    I just followed How to use Group Policy to remotely install software in Windows Server 2003 to try publishing a software (MSI file). I could follow all the steps, but the supposedly successfully published software does not appear on client/user machine's Add/Remove Programs. Could some help figure why this may not be working. Update: On reading this question on Experts-Exchange, tried gpresults. Output extract follows: COMPUTER SETTINGS The following GPOs were not applied because they were filtered out XADistribution Filtering: Denied (Security) Default Domain Policy Filtering: Denied (Security)

    Read the article

  • admin right to IIS7 for user using group policy or script?

    - by Mit Naik
    I want to provide administrator rights to user account under windows 7 just for IIS7 and user shouldn't be able to manage any other application. I have create group policy rules using applocker for windows7 where user can manage all the installed application, but it doesn't works for IIS7 as it need admin rights. Can we do this using group policy or by adding scripts under group policy for users. Also any vbscript which can provide admin rights to IIS7 for a particular user will do.

    Read the article

  • Volume group disappeared, LVs still available

    - by Ben
    I've run into an issue with my KVM host which runs VMs on a LVM volume. As of last night the logical volumes are no longer seen as such (I can't create snapshots of them even though I have been for months now). Running any scans all result in nothing being found: [root@apollo ~]# pvscan No matching physical volumes found [root@apollo ~]# vgscan Reading all physical volumes. This may take a while... No volume groups found root@apollo ~]# lvscan No volume groups found If I try restoring the VG conf backup from /etc/lvm/backups/vg0 I get the following error: [root@apollo ~]# vgcfgrestore -f /etc/lvm/backup/vg0 vg0 Couldn't find device with uuid 20zG25-H8MU-UQPf-u0hD-NftW-ngsC-mG63dt. Cannot restore Volume Group vg0 with 1 PVs marked as missing. Restore failed. /etc/lvm/backups/vg0 has the following for the physical volume: physical_volumes { pv0 { id = "20zG25-H8MU-UQPf-u0hD-NftW-ngsC-mG63dt" device = "/dev/sda5" # Hint only status = ["ALLOCATABLE"] flags = [] dev_size = 4292870143 # 1.99902 Terabytes pe_start = 384 pe_count = 524031 # 1.99902 Terabytes } } fdisk -l /dev/sda shows the following: [root@apollo ~]# fdisk -l /dev/sda Disk /dev/sda: 6000.1 GB, 6000069312512 bytes 64 heads, 32 sectors/track, 5722112 cylinders Units = cylinders of 2048 * 512 = 1048576 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000188b7 Device Boot Start End Blocks Id System /dev/sda1 2 32768 33553408 82 Linux swap / Solaris /dev/sda2 32769 33280 524288 83 Linux /dev/sda3 33281 1081856 1073741824 83 Linux /dev/sda4 1081857 3177984 2146435072 85 Linux extended /dev/sda5 1081857 3177984 2146435071+ 8e Linux LVM The server is running a 4 disk HW RAID10 which seems perfectly healthy according to megacli and smartd. The only odd message in /var/log/messages is the following which shows up every couple of hours: Jun 10 09:41:57 apollo udevd[527]: failed to create queue file: No space left on device Output of df -h [root@apollo ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda3 1016G 119G 847G 13% / /dev/sda2 508M 67M 416M 14% /boot Does anyone have any ideas what to do next? The VMs are all running fine at the moment apart from not being able to snapshot them. Updated with extra info It's not a lack of inodes: [root@apollo ~]# df -i Filesystem Inodes IUsed IFree IUse% Mounted on /dev/sda3 67108864 48066 67060798 1% / /dev/sda2 32768 47 32721 1% /boot pvs, vgs & lvs either output nothing or "No volume groups found".

    Read the article

  • Cisco - Zone Policy Actions (pass, inspect, drop, log) - What is the difference?

    - by Jonathan Rioux
    Have these commands for instance: policy-map type inspect IN-OUT_PlcyMAP class type inspect IN-OUT_ClassMAP inspect <------ policy-map type inspect IN-OUT_PlcyMap class type inspect IN-OUT_ClassMAP pass <------ zone security INSIDE zone security OUTSIDE zone-pair security IN->OUT source INSIDE destination OUTSIDE service-policy type inspect IN-OUT_PlcyMAP What is the difference between "inspect", "pass", "drop", "log", and "reset ? I could not found any information on this on Google.

    Read the article

  • Group Policy dealing with IE zone assignment not sticking!

    - by Brandon
    I have a group policy (which ONLY deals with the zone assignment) -that is continually switching on and off with reboots. I thought it was a conflicting group policy but when I run group policy modeling report it doesn't show any descrepancies that I can see. I thought it may be an issue with one domain controller wasn't replicating my policy change to the other one, but this isn't the case. I checked both domain controllers and they show the same information. The assignment is on a user basis and is in: user configuration > administrative templates > windows components > internet explorer > internet control panel > security and is site to zone assignment.

    Read the article

  • Some doubts about the use of usermod and groupmod command

    - by AndreaNobili
    I am not yet a true "Linux guy" and I have the following doubts about how exactly do the following shell procedure (a list of commands steps) founded in a tutorial that I am following (I want deeply understand what I am doing before do it): sudo passwd root then login again as root usermod -l miner pi usermod -m -d /home/miner miner groupmod -n miner pi exit So at the beginning it enable the root account and I have to login again in the system as root...this is perfectly clear for me. And now I have the followings doubts: 1) The usermod command: usermod -l miner pi usermod -m -d /home/miner miner Reading the official documentation of the usermod command I understand that this command modify the informations related to an existing account Reading the documentation it seems to me that the -l parmether modify the name of the user pi in miner and then the -m -d paramether move the contents of the old home directory to the new one (named miner) and use this new directory as home directory My doubt is: what exactly do the executions of these operation? I think that: Rename the existing pi user in miner Then move the content of the old home directory (the pi home directory? or what?) into a new directory (/home/miner) that now is the home directory for the miner user. Is it right? The the second doubt is related to this command groupmod -n miner pi It seems to me that change the group name from pi in miner But what exactly is a group in Linux and why is it used? Tnx

    Read the article

  • How to script GPO in Windows computers without Active Directory?

    - by Peteris Krumins
    Does anyone know how to script GPO for users in a Windows computer that is not on any Active Directory network? I can't use GPMC because it doesn't work without a domain. I have been searching the net for the last couple of hours and all the solutions that I find are related to GPMC. I'd imagine there are some objects in the GPO that are accessible via WMI? Does anyone know anything about that? I was unable to find any information about that. Here is the situation I am trying to script: I have 10 users on the machine, and I want to restrict what they are able to do on the machine. So I created 10 GPOs for each one of them. Now I want to apply a common policy to all of them. The only way to do it is to go through each of the GPO and do it manually. This is too time consuming, therefore I am seeking for a simpler solution. I was unable to find a way to copy GPO from a user to a user. That would make it much easier, I would create a GPO for 1st user, then copy it over to all the other users, but no luck, couldn't find a way to copy GPOs. The other method I tried was creating a GPO for the whole user group but it turns out you can't apply GPO to a group unless you use GPMC, which I can't cause the computer is not on any domain. So I am thinking about scripting this whole process, but again I can't find any examples of how to access particular GPO objects for particular users and modify properties through WMI. Any suggestions on the issue I am having? Thanks!

    Read the article

  • How to scrape a _private_ google group?

    - by John
    Hi there, I'd like to scrape the discussion list of a private google group. It's a multi-page list and I might have to this later again so scripting sounds like the way to go. Since this is a private group, I need to login in my google account first. Unfortunately I can't manage to login using wget or ruby Net::HTTP. Surprisingly google groups is not accessible with the Client Login interface, so all the code samples are useless. My ruby script is embedded at the end of the post. The response to the authentication query is a 200-OK but no cookies in the response headers and the body contains the message "Your browser's cookie functionality is turned off. Please turn it on." I got the same output with wget. See the bash script at the end of this message. I don't know how to workaround this. am I missing something? Any idea? Thanks in advance. John Here is the ruby script: # a ruby script require 'net/https' http = Net::HTTP.new('www.google.com', 443) http.use_ssl = true path = '/accounts/ServiceLoginAuth' email='[email protected]' password='topsecret' # form inputs from the login page data = "Email=#{email}&Passwd=#{password}&dsh=7379491738180116079&GALX=irvvmW0Z-zI" headers = { 'Content-Type' => 'application/x-www-form-urlencoded', 'user-agent' => "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.2 (KHTML, like Gecko) Chrome/6.0"} # Post the request and print out the response to retrieve our authentication token resp, data = http.post(path, data, headers) puts resp resp.each {|h, v| puts h+'='+v} #warning: peer certificate won't be verified in this SSL session Here is the bash script: # A bash script for wget CMD="" CMD="$CMD --keep-session-cookies --save-cookies cookies.tmp" CMD="$CMD --no-check-certificate" CMD="$CMD --post-data='[email protected]&Passwd=topsecret&dsh=-8408553335275857936&GALX=irvvmW0Z-zI'" CMD="$CMD --user-agent='Mozilla'" CMD="$CMD https://www.google.com/accounts/ServiceLoginAuth" echo $CMD wget $CMD wget --load-cookies="cookies.tmp" http://groups.google.com/group/mygroup/topics?tsc=2

    Read the article

  • How can I access the group of a linq group-by query from a nested repeater control?

    - by Duke
    I'm using a linq group by query (with two grouping parameters) and would like to use the resulting data in a nested repeater. var dateGroups = from row in data.AsEnumerable() group row by new { StartDate = row["StartDate"], EndDate = row["EndDate"] }; "data" is a DataTable from an SqlDataAdapter-filled DataSet. "dateGroups" is used in the parent repeater, and I can access the group keys using Eval("key.StartDate") and Eval("key.EndDate"). Since dateGroups actually contains all the data rows grouped neatly by Start/End date, I'd like to access those rows to display the data in a child repeater. To what would I set the child repeater's DataSource? I have tried every expression in markup I could think of; I think the problem is that I'm trying to access an anonymous member (and I don't know how.) In case it doesn't turn out to be obvious, what would be the expression to access the elements in each iteration of the child repeater? Is there an expression that would let me set the DataSource in the markup, or will it have to be in the codebehind on some event in the parent repeater?

    Read the article

  • How to parse the "<media:group>" using feedparser?

    - by Wayle.C
    The rss file is shown as below, i want to get the content in section media:group . I check the document of feedparser, but it seems not mention this. How to do it? Any help is appreciated. XYZ InfoX: Special hello http://www1.XYZInfoX.com/learninghello/home hello en Wed, 17 Mar 2010 08:50:06 GMT 2010-03-17T08:50:06Z en Voice of America http://www1.XYZInfoX.com/learninghello http://media.XYZInfoX.com/designimages/XYZRSSIcon.gif <item> <title>Who Were the Deadliest Gunmen of the Wild West?</title> <link>http://www1.XYZInfoX.com/learninghello/home/Deadliest-Gunmen-of-the-Wild-West-87826807.html</link> <description> The story of two of them: "Killin'" Jim Miller was an outlaw, "Texas" John Slaughter was a lawman | EXPLORATIONS </description> <pubDate>Wed, 17 Mar 2010 00:38:48 GMT</pubDate> <guid isPermaLink="false">87826807</guid> <dc:creator></dc:creator> <dc:date>2010-03-17T00:38:48Z</dc:date> *<media:group> <media:content url="http://media.XYZInfoX.com/images/archives_peace_comm_480_16mar_se.jpg" medium="image" isDefault="true" height="300" width="480" /> <media:content url="http://media.XYZInfoX.com/images/archives_peace_comm_230_16mar_se_edited-1.jpg" medium="image" isDefault="false" height="230" width="230" /> <media:content url="http://media.XYZInfoX.com/images/tex_trans_lawmans_230_16mar10_se.jpg" medium="image" isDefault="false" height="230" width="230" /> <media:content url="http://www.XYZInfoX.com/MediaAssets2/learninghello/dalet/se-exp-outlaws-part2-17mar2010.Mp3" type="audio/mpeg" medium="audio" isDefault="false" /> </media:group>* </item>

    Read the article

  • Fast way to get a list of group members in Active Directory with C#

    - by Jeremy
    In a web app, we're looking to display a list of sam accounts for users that are a member of a certain group. Groups could have 500 or more members in many cases and we need the page to be responsive. With a group of about 500 members it takes 7-8 seconds to get a list of sam accounts for all members of the group. Are there faster ways? I know the Active Directory Management Console does it in under a second. I've tried a few methods: 1) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); List<string> lst = grp.Members.Select(g => g.SamAccountName).ToList(); 2) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); PrincipalSearchResult<Principal> lstMembers = grp.GetMembers(true); List<string> lst = new List<string>(); foreach (Principal member in lstMembers ) { if (member.StructuralObjectClass.Equals("user")) { lst.Add(member .SamAccountName); } } 3) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); System.DirectoryServices.DirectoryEntry de = (System.DirectoryServices.DirectoryEntry)grp.GetUnderlyingObject(); List<string> lst = new List<string>(); foreach (string sDN in de.Properties["member"]) { System.DirectoryServices.DirectoryEntry deMember = new System.DirectoryServices.DirectoryEntry("LDAP://" + sDN); lst.Add(deMember.Properties["samAccountName"].Value.ToString()); }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >