Search Results

Search found 47324 results on 1893 pages for 'end users'.

Page 531/1893 | < Previous Page | 527 528 529 530 531 532 533 534 535 536 537 538  | Next Page >

• How to disable "safely remove hardware"

  - by Matt

  I have some windows 7 virtual machines in xen that have devices showing up in "safely remove hardware". I don't want users to ever be able to remove/eject any hardware at all. I'm told vmware has a hotplug option. xen doesn't seem to provide this for pci passthrough devices, therefore I'm looking for a reliable solution to prevent users from ejecting devices. This issue is not necessarily related just to virtual machines but seems to be a common problem with devices that get wrongly reported as removable. I'm ideally looking for a way to prevent all devices from appearing or just prevent the safely remove hardware option from ever coming up. I've tried setting device capabilities for specific devices on boot with a script but this for some reason doesn't always seem to work reliably. Is there a way to prevent this icon from appearing in the notification area completely, either by registry key or group policy? I should point out that setting this in group policy to "Administrators" did not seem to work. [Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Optionsevices:Allowed to format and eject removable media]

  Read the article

• 2 servers on 2 networks in same office

  - by irot

  Hello Gents, My office doesn't have a "server guy" in employ, so I'm stuck with having to fix server issues for now. There are 2 servers in our office, both are file/web servers only accessible via LAN. They are currently on the same network, so no issue there. Problem is, we recently got a static IP to use, but it's with a different ISP, so now we have 2 routers in our office. I would like to open one of the servers to the public as a web/FTP server. But if I hook a server up to the new router, users will no longer be able to access the files shared on that server (because they're on different networks). How can I go about making one server accessible to the public using the static IP line, but still able to share the files on it to the users connected to the other network? The server I want to make public is running Windows Server 2008, the other server Windows Server 2003. And as far as I know, IP addresses are assigned by the router. I'm just a developer, don't know much about networking. Thank you in advance.

  Read the article

• Managing per-user rc.d init scripts

  - by Steve Schnepp

  I want to delegate SysV init scripts to each user. Like the SysV init, each item in ${HOME}/rc.d starting with S will be launched on server start-up with the start argument. The same for the server shut-down with the one starting with K and with the stop argument. I thought about scripting it myself, but maybe there is already some kind of implementation out there1. In summary it would be a script in /etc/init.d/ that iterates through all the users and launches runparts as the user on the relevant scripts. The platform here is a Linux (Debian flavour), but I think the solution would be quite portable among various Unix-like platforms. Update: The point here is for users to be able to create their own init scripts that should be launch on their behalf when the system boots up. As Dan Carley pointed out, the services won't be able to access any system asset (priviledged ports, system logs, ...). 1. This way I don't have to think that much about all the subtle security implications such as script timeouts for example...

  Read the article

• Modifying a gedit syntax highlighting file

  - by Oscar Saleta Reig

  I am trying to change a highlighting file from Gedit. I have modified the file /usr/share/gtksourceview-3.0/language-specs/fortran.lang because I want to change the cases in which the editor takes a statement as a comment. The problem I have is that when I choose the new highlighting scheme nothing highlights, it just remains as plain text. The file fortran.lang was opened with su permissions and I just copy-pasted everything into a new Gedit file and later saved it as fortran_enhanced.lang in the same folder. The changes I've done to the original file are these: Original fortran.lang file: <language id="fortran" _name="Fortran 95" version="2.0" _section="Sources"> <metadata> <property name="mimetypes">text/x-fortran</property> <property name="globs">*.f;*.f90;*.f95;*.for</property> <property name="line-comment-start">!</property> </metadata> <styles> <style id="comment" _name="Comment" map-to="def:comment"/> <style id="floating-point" _name="Floating Point" map-to="def:floating-point"/> <style id="keyword" _name="Keyword" map-to="def:keyword"/> <style id="intrinsic" _name="Intrinsic function" map-to="def:builtin"/> <style id="boz-literal" _name="BOZ Literal" map-to="def:base-n-integer"/> <style id="decimal" _name="Decimal" map-to="def:decimal"/> <style id="type" _name="Data Type" map-to="def:type"/> </styles> <default-regex-options case-sensitive="false"/> <definitions> <!-- Note: contains an hack to avoid considering ^COMMON a comment --> <context id="line-comment" style-ref="comment" end-at-line-end="true" class="comment" class-disabled="no-spell-check"> <start>!|(^[Cc](\b|[^OoAaYy]))</start> <include> <context ref="def:escape"/> <context ref="def:in-line-comment"/> </include> </context> (...) Modified fortran_enhanced.lang file: <!-- Note: changed language id and name --> <language id="fortran_enhanced" _name="Fortran 95 2.0" version="2.0" _section="Sources"> <metadata> <property name="mimetypes">text/x-fortran</property> <!-- Note: removed *.f and *.for from file extensions --> <property name="globs">*.f90;*.f95;</property> <property name="line-comment-start">!</property> </metadata> <styles> <style id="comment" _name="Comment" map-to="def:comment"/> <style id="floating-point" _name="Floating Point" map-to="def:floating-point"/> <style id="keyword" _name="Keyword" map-to="def:keyword"/> <style id="intrinsic" _name="Intrinsic function" map-to="def:builtin"/> <style id="boz-literal" _name="BOZ Literal" map-to="def:base-n-integer"/> <style id="decimal" _name="Decimal" map-to="def:decimal"/> <style id="type" _name="Data Type" map-to="def:type"/> </styles> <default-regex-options case-sensitive="false"/> <definitions> <!-- Note: I want comments only beginning with !, not C --> <context id="line-comment" style-ref="comment" end-at-line-end="true" class="comment" class-disabled="no-spell-check"> <start>!</start> <include> <context ref="def:escape"/> <context ref="def:in-line-comment"/> </include> </context> (...) I have read this question [ Custom gedit Syntax Highlighting for Dummies? ] and I tried to make the new fortran_enhanced.lang file readable with $ cd /usr/share/gtksourceview-3.0/language-specs $ sudo chmod 0644 fortran_enhanced.lang but it doesn't seem that made some difference. I have to say that I have never done a thing like this before and I don't even understand most of the language file, so I am open to every criticism, as I have been guided purely by intuition. Thank you in advanced!

  Read the article

• In what way does non-"full n-key rollover" hinder fast typists?

  - by Michael Kjörling

  Wikipedia claims (although the latter claim does not cite a source) that: High-end keyboards that provide full n-key rollover typically do so via a PS/2 interface as the USB mode most often used by operating systems has a maximum of only six keys plus modifiers that can be pressed at the same time.[4] This hinders fast typists, ... In what way would the system being able to recognize only six non-modifier keys at once hinder a fast typist? I consider myself a relatively fast typist and I usually press one key, plus modifiers, at once; I can't imagine any real-life situation in which the system only recognizing six non-modifier keys being pressed at once has been a limiting factor in my keyboard usage. (Multi-stroke keyboard shortcuts as used by high-end software like Visual Studio, Emacs and the like are a different matter.) Note that I am not really interested in answers centered around multiplayer computer games; I'm looking for answers that give reasons that would be relevant to typists, somehow supporting the statement made on Wikipedia.

  Read the article

• Postfix: Modify sender address based on recipient

  - by PJ P

  We have a Postfix server that receives mail from our application servers. Senders are in the form [email protected] (where host.fqdn can vary, depending on source server) and recipients can be internal or external users. Messages going to external users should have the sender changed to [email protected]. I have tried using canonical maps, but since that is handled by the cleanup daemon, before any transport decisions are made, it would affect all sender addresses. I have also tried creating a custom smtp transport with generic mappings and configuring transport_maps to use that custom smtp transport for external domains. However, generic mappings affect both sender and recipient addresses. Lastly, I've tried the following: Create a custom smtpd daemon that specifies sender canonical maps and a unique transport table. Send all externally addressed mail to that custom daemon. Ideally, sender canonical maps would transform the sender address and the unique transport table would relay messages to the internet. However, evidently, only one transport table can be used per Postfix instance. I want to avoid creating an entirely new Postfix instance to accommodate this rewriting. Any suggestions? (and thanks in advance)

  Read the article

• How can I cornify a SharePoint site?

  - by Chris Farmer

  Inspired by the April 1 gravatar changes and the memory of last year's cornification of Stack Overflow, I wanted to add a cornify button to my company's SharePoint app. I just added their html snippet to a Content Editor Web Part. <a href="http://www.cornify.com" onclick="cornify_add();return false;"> <img src="http://www.cornify.com/assets/cornifycorn.gif" width="52" height="51" border="0" alt="Cornify" /> </a><script type="text/javascript" src="http://www.cornify.com/js/cornify.js"></script> The button renders all glittery and beautiful, and the magical functionality works fine in Chrome and Firefox (I'm on Windows 7) for me. But, in IE8, all the gorgeous unicorn images get added at the bottom of the page such that you can't see them unless you scroll down. Since most of our users are IE users, I fear that this just isn't going to be all that much fun. So, is there some known way to force this to work better in IE8, or is there another similarly fun site adornment utility that I could use that might behave better in a SharePoint 2007 app running in IE7/8?

  Read the article

• apache using mod_auth_kerb always asks for the password twice

  - by DrStalker

  (Debian Squeeze) I'm trying to set apache up to use Kerberos authentication to allow AD users to log in. It is working, but prompts the user twice for a username and password, with the first time being ignored (no matter what is put it in.) Only the second prompt includes the AuthName string from the config (i.e.: the first windows is a generic username/password one, the second includes the title "Kerberos Login") I'm not worried about integrated windows authentication working at this stage, I just want users to be able to login with their AD account so we don't need to set up a second repository of user accounts. How do I fix this to eliminate that first useless prompt? The directives in the apache2.conf file: <Directory /var/www/kerberos> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms ONEVUE.COM.AU.LOCAL Krb5KeyTab /etc/krb5.keytab KrbServiceName HTTP/[email protected] require valid-user </Directory> krb5.conf: [libdefaults] default_realm = ONEVUE.COM.AU.LOCAL [realms] ONEVUE.COM.AU.LOCAL = { kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL master_kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL admin_server = SYD01PWDC01.ONEVUE.COM.AU.LOCAL default_domain = ONEVUE.COM.AU.LOCAL } [login] krb4_convert = true krb4_get_tickets = false The access log when accessing the secured directory (note the two seperate 401's) 192.168.10.115 - - [24/Aug/2012:15:52:01 +1000] "GET /kerberos/ HTTP/1.1" 401 710 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - - [24/Aug/2012:15:52:06 +1000] "GET /kerberos/ HTTP/1.1" 401 680 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - [email protected] [24/Aug/2012:15:52:10 +1000] "GET /kerberos/ HTTP/1.1" 200 375 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" And one line in error.log [Fri Aug 24 15:52:06 2012] [error] [client 192.168.0.115] gss_accept_sec_context(2) failed: An unsupported mechanism was requested (, Unknown error)

  Read the article

• Building a Web proxy to get around same-origin restrictions for collaborative Webapp based on a MEAN stack

  - by Lew Cohen

  Can anyone point to books, articles, blogs, or even applications - open-source or proprietary - that detail building a Web proxy? This specific proxy will exist to get around the same-origin restrictions that prevent, for instance, loading a given Website into an <iframe> in a Webapp. This Webapp is a collaborative application in which a group of users log in to the app's Website and can then load different Websites into this app's <iframe> and do various collaborative things (e.g., several users simultaneously browsing a Website, in synch). The Webapp itself is built on a MEAN stack (MongoDB, Express, AngularJS, and Node.js). The purpose of this proxy is not to do anonymous browsing or to bypass censorship. Information on how to build such a vehicle seems not to be readily available from my research. I've come across Glype but am not sure whether this is a feasible solution. I don't want to reinvent the wheel, so if a product is available for purchase, great. Else, we'd need to build one. The one that seems to be close is http://www.corsproxy.com. In effect, we'd like to re-create this since it evidently does what's needed. I don't care what server-side technology is used. Our app is MEAN-based, if that has any bearing. Also, the proxy has to obviously honor basic security considerations (user cookies, etc.) and eventually be scalable. So, anyone know of any sources that would detail how to build one of these? Is it even worth building if something already exists? If so, what would be a good candidate? Any other issues that should be considered with this proxy/application? Thanks a lot!

  Read the article

• Restricting Access to Application(s) on Point of Sale system

  - by BSchlinker

  I have a customer with two point of sale systems, a few workstations and a Windows 2003 SBS Server. The point of sale systems are typically running QuickBooks Point of Sale and are logged in with a user who has restricted permissions / access (via Group Policy). Occasionally, one of the managers needs to be able to run a few additional applications -- including some accounting software. I have created an additional user for this manager, allowing them to login and access the accounting software. The problem is, it can be problematic to switch users on the system, as QuickBooks takes a few minutes to close (on POSUser) and then reopen (on ManagerUser). If customers are waiting, this slows things down drastically. Since the accounting software is stored on a network drive, it would be easiest if the manager could simply double click something, authenticate against the network drive / domain controller and then the program would launch. When they close the program, the session to the network drive would be lost and the program would no longer be accessible. Is there any easy way to do this? Both users are on a domain and the system is Windows 7. I just don't want to require the user to switch back and forth. In a worst case scenario, they forget to switch back and leave the accounting software wide open.

  Read the article

• Personal wiki on usb / the cloud?

  - by drby

  I'm looking for a personal wiki that can be installed on an usb stick and (more importantly) somewhere on the cloud (dropbox). I've looked at the Wiki Matrix, but I really don't care that much about any of the options, so I end up with a choice between ~50 wikis at the end. Tried out TiddlyWiki but there are some things that really annoy me like the fact that all pages get opened on the same page. It really looks like it'd turn into a giant mess pretty quickly. I'd like to have something that's pretty close in terms of appearance and usability to wikipedia. Hierarchical categories for organization would be really nice. And accessible storage (in case I ever want to convert it to something else).

  Read the article

• Using OSX home directories from linux

  - by Steffen

  I'm running an OSX (Snow Leopard) Server with OpenDirectory, which is nothing else than a modified OpenLDAP with some Apple-specific schemas. However, I want to reuse this directory on some of my Linux (Debian Squeeze) boxes. It's no problem to authenticate against OSXs LDAP Server, this works fine already. What I struggle with is the way the home folders are specified in OSX. If I query the passwd config on one of my linux machines, the OSX imported entries are looking like this myaccount:x:1034:1026:Firstname Lastname:/Network/Servers/hostname.example.com/Volumes/MyShare/Users/myaccount:/bin/bash While those network home folders might be fine for OSX-Clients, I don't want those server based paths on my linux machines. I saw that there is an NFSHomeDirectory Attribute in the OSX User inspector, but if I change this the whole user home path gets changed. Since my users should be able to login on both systems, OSX and Linux, this is not what I want. Does anyone have an idea how I must configure OSX to make my linux machines use home folders like /net/myaccount and leave the configuration for OSX clients untouched?

  Read the article

• Unexpected network traffic?

  - by robwalker

  My internet connection is via a fixed wireless connection using a 900MHz Motorola Canopy module. The router reports a fairly consistent 32-64Kbps of incoming traffic on the WAN port. When I attached a PC directly to the port and run Wireshark, I get a dump showing a lot of chatter from other machines that I presume are connected to the same tower. This didn't include end-to-end traffic, but was there were a lot of ARP requests, SSDP traffic, ICMP and other network discovery type stuff. Is this 'normal' or does it suggest a misconfiguration somewhere? As far as I can tell there is no need for my modem to be receiving any of this traffic (other than wanting to know what the names of my neighbours machines and printers are!) Since the internet connection is slow at the best of time, having this amount of background noise seems very wasteful.

  Read the article

• how to setup .ssh directory inside an encrypted volume on Mac OSX and still have public key logins?

  - by Vitaly Kushner

  I have my .ssh directory inside an encrypted sparse image. i.e. ~/.ssh is a symlink to /Volumes/VolumeName/.ssh The problem is that when I try to ssh into that machine using a public key I see the following error message in /var/log/secure.log: Authentication refused: bad ownership or modes for directory /Volumes Any way to solve this in a clean way? Update: The permissions on ~/.ssh and authorized_keys are right: > ls -ld ~ drwxr-xr-x+ 77 vitaly staff 2618 Mar 16 08:22 /Users/vitaly/ > ls -l ~/.ssh lrwxr-xr-x 1 vitaly staff 22 Mar 15 23:48 /Users/vitaly/.ssh@ -> /Volumes/Astrails/.ssh > ls -ld /Volumes/Astrails/.ssh drwx------ 3 vitaly staff 646 Mar 15 23:46 /Volumes/Astrails/.ssh/ > ls -ld /Volumes/Astrails/ drwx--x--x@ 18 vitaly staff 1360 Jan 12 22:05 /Volumes/Astrails// > ls -ld /Volumes/ drwxrwxrwt@ 5 root admin 170 Mar 15 20:38 /Volumes// error message sats the problem is with /Volumes, but I don't see the problem. Yes it is o+w but it is also +t which should be ok but apparently isn't. The problem is I can't change /Volumes permissions (or rather shouldn't) but I do want public key login to work. First I thought of mounting the image on other place then /Volumes, but it is automaunted on login by standard OSX mounting. I asked about it here: How to change disk image's default mount directory on osx The only answer I got is "you can't" ;) I could hack my way around, by writing some shellscript that will manually mounting volume at a non-standard location but it would be a gross hack, I'm still looking for a cleaner way to do what I need.

  Read the article

• stdout, stderr, and what else? (going insane parsing slapadd output)

  - by user64204

  I am using slapadd to restore a backup. That backup contains 45k entries which takes a while to restore so I need to get some progress update from slapadd. Luckily for me there is the -v switch which gives an output similar to this one: added: "[email protected],ou=People,dc=example,dc=org" (00003d53) added: "[email protected],ou=People,dc=example,dc=org" (00003d54) added: "[email protected],ou=People,dc=example,dc=org" (00003d55) .######## 44.22% eta 05m05s elapsed 04m spd 29.2 k/s added: "[email protected],ou=People,dc=example,dc=org" (00003d56) added: "[email protected],ou=People,dc=example,dc=org" (00003d57) added: "[email protected],ou=People,dc=example,dc=org" (00003d58) added: "[email protected],ou=People,dc=example,dc=org" (00003d59) Every N entries added, slapadd writes a progress update output line (.######## 44.22% eta 05m05s elapsed ...) which I want to keep and an output line for every entry created which I want to hide because it exposes people's email address but still want to count them to know how many users were imported The way I thought about hiding emails and showing the progress update is this: $ slapadd -v ... 2>&1 | tee log.txt | grep '########' # => would give me real-time progress update $ grep "added" log.txt | wc -l # => once backup has been restored I would know how many users were added I tried different variations of the above, and whatever I try I can't grep the progress update output line. I traced slapadd as follows: sudo strace slapadd -v ... And here is what I get: write(2, "added: \"[email protected]"..., 78added: "[email protected],ou=People,dc=example,dc=org" (00000009) ) = 78 gettimeofday({1322645227, 253338}, NULL) = 0 _######## 44.22% eta 05m05s elapsed 04m spd 29.2 k/s ) = 80 write(2, "\n", 1 ) As you can see, the percentage line isn't sent to either stdout or stderr (FYI I have validated with known working and failing commands that 2 is stderr and 1 is stdout) Q1: Where is the progress update output line going? Q2: How can I grep on it while sending stderr to a file? Additional info: I'm running Openldap 2.4.21 on ubuntu server 10.04

  Read the article

• No apparent reason for high load average

  - by Oz.

  We have several web servers running on Amazon (ec2) c1.xlarge, over Amazon AMI. The servers are duplicates of each other, running the exact same hardware and software. Each server spec is: 7 GB of memory 20 EC2 Compute Units (8 virtual cores with 2.5 EC2 Compute Units each) 1690 GB of instance storage 64-bit platform I/O Performance: High API name: c1.xlarge A couple of weeks ago we have run a yum upgrade on one of the servers. Starting on this upgrade the upgraded server started showing a high load average. Needless to say, we did not update the other servers and we can not do so until we understand the reason for this behavior. The strange thing is that when we compare the servers using top or iostat, we can not find the reason for the high load. Note that we have moved traffic from the "problematic" server to the others, which have made the "problematic" server less crowded in terms of requests, and still his load is higher. Do you have any idea what could it be, or where else can we check? Many thanks for the help! Oz. # # proper server # w command # 00:42:26 up 2 days, 19:54, 2 users, load average: 0.41, 0.48, 0.49 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pts/1 82.80.137.29 00:28 14:05 0.01s 0.01s -bash pts/2 82.80.137.29 00:38 0.00s 0.02s 0.00s w # # proper server # iostat command # Linux 3.2.12-3.2.4.amzn1.x86_64 _x86_64_ (8 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 9.03 0.02 4.26 0.17 0.13 86.39 Device: tps Blk_read/s Blk_wrtn/s Blk_read Blk_wrtn xvdap1 1.63 1.50 55.00 367236 13444008 xvdfp1 4.41 45.93 70.48 11227226 17228552 xvdfp2 2.61 2.01 59.81 491890 14620104 xvdfp3 8.16 14.47 94.23 3536522 23034376 xvdfp4 0.98 0.79 45.86 192818 11209784 # # problematic server # w command # 00:43:26 up 2 days, 21:52, 2 users, load average: 1.35, 1.10, 1.17 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT pts/0 82.80.137.29 00:28 15:04 0.02s 0.02s -bash pts/1 82.80.137.29 00:38 0.00s 0.05s 0.00s w # # problematic server # iostat command # Linux 3.2.20-1.29.6.amzn1.x86_64 _x86_64_ (8 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 7.97 0.04 3.43 0.19 0.07 88.30 Device: tps Blk_read/s Blk_wrtn/s Blk_read Blk_wrtn xvdap1 2.10 1.49 76.54 374660 19253592 xvdfp1 5.64 40.98 85.92 10308946 21612112 xvdfp2 3.97 4.32 93.18 1087090 23439488 xvdfp3 10.87 30.30 115.14 7622474 28961720 xvdfp4 1.12 0.28 65.54 71034 16487112

  Read the article

• Rename Active Directory domain following Windows 2000 -> 2008 migration.

  - by ewwhite

  I'm working with a site that needs an internal DNS domain rename. It currently has a DNS name of domain.abc.com and NT name of ABC. I'm trying to get to a DNS name of abctrading.com and NT name of ABCTRADING. Split DNS would be used. The site originally ran from a single Windows 2000 domain controller hosting AD, file, print, DHCP and DNS services. There was no Exchange system in the environment. The 50 client PCs are all Windows XP with a handful of users using roaming profiles. All users are in a single OU and there are no group policy/GPOs. I'm a Linux engineer, but have been trying to guide another group of consultants to reach a more suitable setup. With the help of this group, we were able to move the single Windows 2000 system to a set of Windows 2008 R2 servers separated into domain controller and file/print systems (virtualized). We are also trying to add an Exchange 2010 system to this mix. The Windows 2000 server was demoted and is no longer in the picture. This is the tricky part, as client wants the domain renamed and the consultants aren't quite sure how to get through it without another 32-40 hours of testing/implementation. THey say that there's considerable risk to do the rename without a completely isolated test environment. However, this rename has to be done before installing Exchange. So we're stuck at this point. I'd like to know what's involved in renaming the domain at this point. We're on Windows Server 2008. The AD is healthy now. Coming from a Linux background, it seems as though there should be a reasonable path to this. Also, since the original domain appears to be a child/subdomain, would that be a problem here. I'd appreciate any guidance.

  Read the article

• Setting Up My Home Network

  - by Skizz

  I currently have five PCs at home, three running WinXP and two running Ubuntu. They are set up like this: ISP ----- Modem ---- Switch ---- Ubuntu1 -- B&W Printer | |--WinXP1 | |--WinXP2 Wireless |--Colour Printer | |---------Ubuntu2 |---------WinXP3 (laptop) The Ubuntu1 machine is set up as a PDC using Samba and runs fetchmail, procmail, dovecot to get my e-mail and allow me to access the e-mail via imap so I can read the e-mail on any PC. I'd like to set up the network like this: ISP ----- Modem ---- Ubuntu1 ---- Switch ------WinXP1 | | |--WinXP2 B&W Printer Wireless |--Colour Printer | |---------Ubuntu2 |---------WinXP3 (laptop) My questions are: How to configure Ubuntu1 to act as a firewall. How to configure Ubuntu1 to provide a consistant user authentication across the network, at the moment Samba provides roaming profiles for the XP machines but the Ubuntu2 machine has it's own user lists. I'd like to have a single authentication for both XP machines and linux machines so that users added to the server list will propagate to all PCs (i.e. new users can log on using any PC without modifying any of the client PCs). How to configure a linux client (Ubuntu2 above) to access files on the server (Ubuntu1), some of which are in user specific folders, effectively sharing /home/{user} per user (read and write access) and stuff like /home/media/photos with read access for everyone and limited write access. How to configure the XP machines (if it is different from a the Samba method). How to set up e-mail filtering. I'd like to have a whitelist/blacklist system for incoming e-mails for some of the e-mail accounts (mainly, my kids' accounts) with filtered e-mails being put into quaranteen until a sysadmin either adds the sender to a blacklist or whitelist. OK, that's a lot of stuff. For now, I don't want config files*, rather, what services / applications to use and how they interact. For example, LDAP could be used for authentication but what else would be useful to make the administration of the LDAP easier. Once I have a general idea for the overall configuration, I can ask other questions about the specifics. Skizz I have looked around for information, but most answers are usually in the form of abstract config files and lists of packages to install.

  Read the article

• How do I collect SNMP readings from intermittently-connected sites?

  - by Luke404

  I am collecting SNMP data on-site for a number of systems, currently using Cacti. These systems are spread on a number of sites that aren't always connected to internet, but I also need to centralize the data on a single system (datacenter housed server) and get graphs out of it. If I directly poll remote systems with a centralized Cacti I'd loose data when a site is not connected to internet. I should record data on-site (I have a server at each site and I can run whatever I want on it) and then 'sync' everything to the central system. One hack could be a cacti or directly an rrdtool on site and then periodically rsync RRD data to the central Cacti system, but that doesn't sound like a 'clean' solution: every RRD would have to be defined at both places and rsync scripts setup with the specific file names. Can you suggest a better solution? Cacti is not a requirement but I'd like to use something like that on the central system. On-site systems need only to collect data I don't need to graph it there or manage users rights to view data and stuff like that, users will only access the centralized system.

  Read the article

• Error with RewriteCond in .htaccess about '-f' option when it is not present.

  - by Tyler Crompton

  Whenever I look at my error logs this is what I see: RewriteCond: NoCase option for non-regex pattern '-f' is not supported and will be ignored. However, I am not using -f. I am still new to Apache stuff. This is what my .htaccess files looks like in the site's root directory: # Use PHP5 Single php.ini as default AddHandler application/x-httpd-php5s .php Options -Indexes SetEnv INCLUDES /home1/tylercro/public_html/includes/ SetEnv TZ America/Chicago ErrorDocument 400 /400/ ErrorDocument 401 /401/ ErrorDocument 403 /403/ ErrorDocument 404 /404/ ErrorDocument 500 /500/ order allow,deny deny from 69.28.58.33 deny from 95.24.184.87 deny from 95.108. deny from 119.63.196. deny from 123.125.71. deny from 216.92.127.133 deny from 204.236.225.207 allow from all RewriteEngine On # Take off a the end script name if it is an index page. RewriteCond %{REQUEST_URI} (.*)(index|default)\.\w{1,4}$ [NC] RewriteRule .* %1 [R=301] # Force "/" at end of URL if directory. RewriteRule (.*)!(\.\w{1,5}$) $1 [R=301]

  Read the article

• Intermittent 5.7.1 email bounce to Exchange 2007

  - by Steve Kennaird

  My knowledge of Exchange isn't particularly great, so excuse me if some of the terminology I use isn't quite right. I'm primarily a web developer who's now responsible for a small business's network. We have a server running SBS 2008 and Exchange 2007. Generally, everything works well, emails are able to be sent to both internal and external domains without issue. We've only got ~20 users, Exchange is sitting on a single server. I use SendGrid to send emails generated by our externally hosted website to users in the office. Primarily, order notifications are sent to [email protected]. Without any pattern and less than once per week on average, an email to [email protected] will bounce back, and the logs on SendGrid detail the following error: 550 5.7.1 Unable to relay for [email protected] Either side of that failed delivery attempt, I'm able to send and receive emails to/from [email protected]. Having done some research, incorrect reverse DNS seems like it could be a cause of intermittent bounces like this. Having used nslookup, I have found that the reverse DNS doesn't map like it should, e.g. Office IP: 135.325.351.123 (made up IP, for example only) Domain: office.somedomain.com (made up, for example only) Reverse DNS: somedomain.gotadsl.co.uk (half made up) Could this be a cause? I'm sure that the IP address and the domain should map to each other. Also, it has been suggested to me that as the Exchange server is on a network with an ADSL connection, that could be a potential cause as the connection "goes up and down all day long". I don't have an opinion on this, as I don't have enough knowledge of Exchange/ADSL to form a reliable opinion. Can anyone offer any insight as to whether one or both are actually potential causes, or if there is another possible cause?

  Read the article

• Access Denied on Some Subfolders/Files Within a Share

  - by Tim

  First thing this morning, I find that users on one of our share drives are all getting "access denied". I tried the same drive and also received "access denied" as a Domain Admin. Previous to this, all specified users and admins could get access. I checked share permissions I checked NTFS permissions I temporarily made both types of permissions read/write to "Everyone" -- This worked for one user It turns out that this is occurring for only some files/folders. When I try to manually alter the share of that single share, it can't be shared, access denied. xcacls also gets access denied rebooted the server (not a big deal - this is a smallish company). Does anybody have any insight, my google-fu is coming up blank. Thanks. EDIT: More info, I just ran AccessEnum. There were a lot of "access denied", but I noticed the pattern that all of the access denied had a parent with an owner of "???". When I look at the properties, the "Unable to display owner" message is in the box and I can only make my user account the owner. I can then share the individual file/folder, but it doesn't seem to propogate down to subfolders/files.

  Read the article

• how to go about scaling a web-application ?

  - by phoenix24

  for someone whoes been primarily a web-application developer, and know not much about scaling/scalability techniques. I'll start by stating my application is written in Python, using Django; a fairly standard setup. I currently use Apache 2.2 for my webserver, and MySql for my database server; both running on the same vps server. Up until now, it was basically a prototype and merely 15-30 concurrent users at any given time; so I had no issues, but now since we'll be adding more users we'll have severe performance issues. So my question is how do i go about scaling my web-application? and my plan is as follows. Now I have just one vps server running, apache + mysql. Next, I plan to add another vps server, to run only MySql; so i'll have one web-server and one db server. Next, I'll add Memcache to the webserver for caching data; and taking some load off mysql. Next, another web-server for serving all the static content; Next, a vps server for load-balancing (nginx/varnish) behind which would be my two web-servers and then db-server. Does that sound like a workable strategy, please guide me around here.

  Read the article

• Use mod_rewrite or RedirectMatch to redirect oldfile.aspx?p=blah to newfile.php, ignoring ?p=blah

  - by Dan

  I've got a site with many incoming links to the old structure (gone for years), with tonnes of URL vars that are no longer relevant, as the database mappings were changed. So, I'd like to redirect: http://www.mysite.com/oldfile.aspx?p=1&c=2 to: http://www.mysite.com/newfile.php without the query string at the end. The actual query string varies - there are hundreds of them, but since they don't match up to a particular case anymore, I want to take people to the new index page for the content they're looking for, so they can find it from there. I currently use: RedirectMatch 301 ^/oldfile\.aspx$ /newfile.php This puts the query back on the end though. Can someone let me know the voodoo recipe I need?

  Read the article

• Security implications of adding www-data to /etc/sudoers to run php-cgi as a different user

  - by BMiner

  What I really want to do is allow the 'www-data' user to have the ability to launch php-cgi as another user. I just want to make sure that I fully understand the security implications. The server should support a shared hosting environment where various (possibly untrusted) users have chroot'ed FTP access to the server to store their HTML and PHP files. Then, since PHP scripts can be malicious and read/write others' files, I'd like to ensure that each users' PHP scripts run with the same user permissions for that user (instead of running as www-data). Long story short, I have added the following line to my /etc/sudoers file, and I wanted to run it past the community as a sanity check: www-data ALL = (%www-data) NOPASSWD: /usr/bin/php-cgi This line should only allow www-data to run a command like this (without a password prompt): sudo -u some_user /usr/bin/php-cgi ...where some_user is a user in the group www-data. What are the security implications of this? This should then allow me to modify my Lighttpd configuration like this: fastcgi.server += ( ".php" => (( "bin-path" => "sudo -u some_user /usr/bin/php-cgi", "socket" => "/tmp/php.socket", "max-procs" => 1, "bin-environment" => ( "PHP_FCGI_CHILDREN" => "4", "PHP_FCGI_MAX_REQUESTS" => "10000" ), "bin-copy-environment" => ( "PATH", "SHELL", "USER" ), "broken-scriptfilename" => "enable" )) ) ...allowing me to spawn new FastCGI server instances for each user.

  Read the article

< Previous Page | 527 528 529 530 531 532 533 534 535 536 537 538  | Next Page >