Search Results

Search found 28603 results on 1145 pages for 'active users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 55/1145 | < Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >

  • Windows Server 2008 Migration - Did I miss something?

    - by DevNULL
    I'm running in to a few complications in my migration process. My main role has been a Linux / Sun administrator for 15 yrs so Windows server 2008 environment is a bit new to me, but understandable. Here's our situation and reason for migrating... We have a group of developers that develop VERY low-level software in Visual C with some inline assembler. All the workstations were separate from each other which cased consistency problems with development libraries, versions, etc... Our goal was to throw them all on to a Windows domain were we can control workstation installations, hot fixes (which can cause enormous problems), software versions, etc... All Development Workstations are running Windows XP x32 (sp3) and x64 (sp2) I running in to user permission problems and I was wondering maybe I missed one, tWO or a handful of things during my deployment. Here is what I have currently done: Installed and Activated Windows Server 2008 Added Roles for DNS and Active Directory Configured DNS with WINS for netbios name usage Added developers to AD and mapped their shared folders to their profile Added roles for IIS7 and configured the developers SVN Installed MySQL Enterprise Edition for development usage Not having a firm understanding of Group Policy I haven't delved deeply in to that realm yet. Problems I'm encountering: 1. When I configure any XP workstations to logon our domain, once a user uses their new AD login, everything goes well, except they have very restrictive permissions. (Eg: If a user opens any existing file, they don't have write access, except in their documents folder.) Since these guys are working on low system level events, they need to r/w all files. All I'm looking to restrict in software installations. Am I correct to assume that I can use WSUS to maintain the domains hot fixes and updates pushed to the workstations? I need to map a centralized shared development drive upon the users login. This is open to EVERYONE. Right now I have the users folders mapped upon login through their AD profile. But how do I map a share if I've already defined one within their profile in AD? Any responses would be very grateful. Do I have to configure and define a group policy for the domain users? Can I use Volume Mirroring to mirror / sync two drives on two separate servers or should I just script a rsync or MS Synctool? The drives simply store nightly system images.

    Read the article

  • How to create a password-less service account in AD?

    - by Andrew White
    Is it possible to create domain accounts that can only be accessed via a domain administrator or similar access? The goal is to create domain users that have certain network access based on their task but these users are only meant for automated jobs. As such, they don't need passwords and a domain admin can always do a run-as to drop down to the correct user to run the job. No password means no chance of someone guessing it or it being written down or lost. This may belong on SuperUser ServerFault but I am going to try here first since it's on the fuzzy border to me. I am also open to constructive alternatives.

    Read the article

  • AD, Windows-NT Authentication queries

    - by rockbala
    Need Help on the following questions. When a users login (on a computer in the network) is validated against AD what is/are the authentication method used? When a users login is validated in Windows NT environment (not AD) what is/are the authentication method used? If all user's account is on AD, is it possible to change the authentication mechanism only (or protocols) from AD to NT and vice versa (if possible)? If part/whole of question 3 is valid, where should one look to change these authentication methods ? What is the difference between AD and Windows-NT authentication ? Windows server 2008 Domain controller used. Regards, Balaji

    Read the article

  • Forcing users to change password on first login - Windows Server 2008 R2 Remote Desktop Services

    - by George Durzi
    I'm setting up a demo lab environment in which each demo lab user is assigned 4 accounts to use in the lab. Users access the lab via Remote Desktop to the "client" machine in the lab - exposed at demolab.mydomain.com. The Client machine is a Windows 2008 Server R2 Enterprise Edition server The Remote Desktop Services role is configured on this server Remote Connection settings are configured to allow users to connect with any version of the Remote Desktop Client All accounts are members of the local Administrators and Remote Desktop Users groups All accounts are configured to be forced to change the default password after first login The user is instructed to remote into the lab with an account designated as their main account, and establish 3 more remote desktop sessions within the lab using their 3 other assigned demo lab accounts. When establishing the initial remote desktop connection to the lab using their main account, the user sees the change password dialog as expected. However, after logging in and trying to establish remote desktop connections to the server with their three other accounts, they are prompted that they need to change the password after logging in but can't continue with the login process - they don't see the expected change password experience. After logging in with a primary accounts, it doesn't make a difference if I try establishing a Remote Desktop connection to the environment using the name of the server, e.g. Client, or demolab.mydomain.com. I experimented with changing the settings for Remote Connections to require NLA but that didn't make a different. Appreciate any tips. Thanks

    Read the article

  • Autologin 2 Windows users OR Login another user from the desktop

    - by fpdragon
    I'm using two windows users on my HTPC at the same time. One is just for watching videos and one for administration via remote. This setup is quite ideal for me since windows can handle multiple concurrent logins and the win "rdp concurrent hack" (Google). The problem is, I want both users to be logged in automatically when the pc was started. It shall be possible to watch tv and also the admin user shall be automatically logged in to start my scripts and other tasks, even if I haven't logged in via remote desktop manually. Later, when I want to admin my htpc I can just rdp connect the admin user without interrupting the video playback on the actual HTPC's screen and check my cleanup tasks, downloads, ... witch already executed for this admin user. But right now I found no solution to automatically login user A from a user B desktop and I also found no solution to autologin both users immediately at startup. As a workaround I have to fire up my other notebook machine and login one time with the remote user via rdp. From this time on the remote admin user is running concurrent with the main user in the background of the machine. The other workaround would be... after startup switch user from main user to admin user and then back again. But that also requires manual steps. I'm on a Windows 8 System right now but all infos for Win7 or XP would be also interesting. thanks a lot for all ideas. PS: just to prevent useless posts... don't tell me that only one user can be logged in to windows. ;)

    Read the article

  • How to reject messages to unknown user in sendmail cooperating with MS-Exchange?

    - by user71061
    Hi! I have an MS Exchange 2003 configured as a mail server for an organization. As this server is located in this organization internal network and I don't want to expose it directly over internet, I have second server - linux box with sendmail - configured as intelligent relay (it accept all messages from internet addressed to @my_domain, and forward it to internal Exchange serwer, and accepts all messages from this internal Exchange server and forward it over internet). This configuration work's fine, but I want to eliminate messages addressed to not exiting users as early as possible. Good solution could be Enabling on Exchange server function of filtering recipients together with "tar pitting", but in my case this dosn't solve problem, because before any message reach my Exchange server (which could eventually reject it), it has to be already accepted by sendmail server, sitting in front of this Exchange server. So, I want to configure my sendmail server in such a way, that during initial SMTP conversation it could query somehow my Exchange server checking whether recipient address is valid or not, and based on result of this query, accept or reject (possibly with some delay) incoming message in a very early phase. In fact, I have already solved this issue by writing my own, simple sendmail milter program which checks recipient address against text file with list of valid addresses. But this solution is not satisfying me any longer, because it requires frequent updates of this file, and due to lack of time/motivation/programming skills, I don't want to cope further with my source code, adding to it functionality of querying my Exchange server. Maybe I can achieve desired effect by configuring any component of already available linux software. Any ideas?

    Read the article

  • Preventing applications from performing run once tasks for multiple users

    - by JohnyV
    In our environment we have several applications that are installed that have a need to run a little prompt the first time they run eg Media player, Google earth etc. The problem is we have many users on many different computers. And the computers have deepfreeze running on them which removes the users profile once the computer is restarted. So next time that user logs in they have to go through the whole thing of run once again. I have managed to prevent IE runonce using group policy and office run once from using the office customisation tool. Is there a way to make this happen for other applications. On windows xp we used to copy a user that has run all the apps and place their default profile into the default profile so that new users get that profile template. Now with windows 7 the process of copy profiles is not as easy. Is there an easy way to copy profiles in win 7 or is there a better way (eg modify reg or app data) to prevent apps from performing an initial run. Thanks

    Read the article

  • Map the 'Domain Admins' group into the local Ubuntu 'admin' group

    - by Miquella
    I have configured an Ubuntu 10.04 box to connect to our domain (Windows 2003 R2) using Likewise-Open. All the users can authenticate as expected. However, the domain administrators do not have administrative privileges to the machine. After working at this for a few hours, I've determined what I think may be a solution: if I map the 'Domain Admins' group from the Active Directory into the local 'admin' group, the users should get the appropriate permissions. But I have no idea how to do that. Does this even sound like the correct approach? A similar question was asked on StackOverflow and then migrated here. But it was never answered as it was recommended to be asked here instead. Thanks in advance!

    Read the article

  • Can arbitrary email addresses be stored in AD userPrincipalName?

    - by Rob Potter
    I have a web app that is front-ended by ISA, natively authenticating against AD. All users currently log on with sAMAccountName. I would like to allow users to provide a personal email address and be able to authenticate against this instead. From what I understand the AD userPrincipalName is typically used for an internally generated logon name, which by convention, is often their internally generated email address. The web app that I have is web scale (circa 3 million accounts*) and not an internal, corporate app, so the email addresses will be from diverse domains. Can I just set the AD userPrincipalName attribute to the user's email address, and then will ISA natively authenticate against this attribute instead? I heard rumours of AD having a maximum number of domain suffixes that it allows in AD userPrincipalName...? (presumably it catalogues them). [*I realise that AD is not the ideal authentication directory for a user population of this scale.]

    Read the article

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • Users getting 'flooded' with not read notifications (NRNs) for old emails and meeting requests

    - by Exile
    I'm being placed under quite a lot of pressure from senior management over a relatively trivial issue. Basically the vast majority of users are complaining that they receive not read notifications (NRNs) for old emails and meeting requests in large numbers multiple times a day. I know something strange is happening because some are delivered at silly times in the morning (i.e 3AM or 4AM). The problem I have is that these some of these NRNs are from meeting requests and messages that are 120 days old, so some users have deleted the original message so I don’t actually know if the NRN is from an email or meeting request. This is typical of what users receive as a NRN: From: Sender Sent: 23 March 2012 04:16 To: Recepient Subject: Not read: Accepted: Status update Your message To: Sender Subject: Accepted: Status update Sent: Wednesday, November 23, 2011 8:59:00 AM (UTC) Dublin, Edinburgh, Lisbon, London was deleted without being read on Friday, March 23, 2012 4:15:32 AM (UTC) Dublin, Edinburgh, Lisbon, London. ... From: Sender Sent: 18 March 2012 01:13 To: Recepient Subject: Not read: Gold delivery - Sourcing module Your message To: Sender Subject: Gold delivery - Sourcing module Sent: Friday, November 18, 2011 9:37:58 AM (UTC) Dublin, Edinburgh, Lisbon, London was deleted without being read on Sunday, March 18, 2012 1:12:37 AM (UTC) Dublin, Edinburgh, Lisbon, London. I have done a search and found the following: http://support.microsoft.com/kb/2544246 http://support.microsoft.com/kb/2471964 But we already installed 'Update Rollup 6 for Exchange Server 2010 Service Pack 1' back in December, so I am not sure what we can do to fix this?

    Read the article

  • UIDs for service users in Mac OS X

    - by LaC
    Some third-party servers should be run under a special user for security reasons (eg, PostgreSQL is typically run by "postgres"). Of course, these service users should not show up in the Mac OS X login windows. I know how to create hidden users using dscl or dsimport, but I'm wondering what the best policy is for assigning UIDs (and matching GIDs). Apple's documentation states that UIDs from 0 to 100 are reserved (pg. 69), but OS X comes with several special users and groups outside that range. I used to use ids from 401 onwards for services, but I noticed that OS X 10.6 has started using that range for groups created by the Sharing pane in System Preferences. What is the recommended ID range to use for third-party services, then? Perhaps I should just use IDs in the 500 range, since all that is needed to hide a user in Snow Leopard is setting his password to "*"? Also, most of Apple's services have names starting with an underscore, with an alias sans underscore; eg, _sandbox and sandbox. Is there any special significance to this? Should I do the same for my services?

    Read the article

  • Replacement for NIS/YP

    - by mdpc
    The company that I am working for is embarking on replacing the current locally developed NIS/YP structure with LDAP. We already have AD in house for the Windows stuff and would like to consider using an AD system. The AD people are quite restrictive and would not support extensive modifications. We have needs to have the replacement include the support the full capabilities of the NIS/YP suite include netgroups, login restrictions to specific servers for specific users or groups of users, consistent passwords between the *nix and Windows environment,etc. Our environment is a mixture of Linux (suse, RH, Debian), Sun, IBM, HP and MPRAS as well as a NETAPP. So whatever we use must be totally inclusive to all environment. We have looked at Likewise, but our management wants other alternatives to compare with. What other things should I be looking at and what is you assessment of the alternative? Thanks

    Read the article

  • What are the components required to run taskpads on a workstation?

    - by Darktux
    we are planning to implement task pads in our enviroment for delegation for user administration.I have few questions regarding this. 1.) To run a taskpad (with AD users and computers) ; does the workstation contain whole set of Administrative tools oris there a way just to compy dsa.msc to all workstations and get done with? Note: All tak pads will be shared on a file share and users access them via powershell scripts. 2.) We are creating MMC's in Windows 7 and keeeping them in a share; will the work with Windows XP too or do we need to develop 2 versions of them? We are aiming to keep away software from workstations and maintain it as much as possible on centralized file shares. Please shoot me any questions or clarifications pertaining to my query.

    Read the article

  • Cross domain LDAP

    - by Adam
    For a system we are developing we have 2 domains an internal and an external domain with bi directional trust between them. However the servers are only able to connect to their own DC's. We have an application server on the internal domain which needs to use an LDAP query to gather a list of users from a group on the external domain. How do i go about writing an LDAP query that asks one DC to go ask another DC for a list of users. I tried querying the internal DC with the same LDAP query I would use if it could hit the external DC directly but this does not work. When i use Softerra LDAP Administraor I can view the full hierarchy of the interal domain but despite the trust relationship between domains i am unable to see any of the external doamin. Any suggestions or help would be greatly appreciated

    Read the article

  • Data loss with roaming profiles on login on two different computers

    - by Jurriaan Pijpers
    We have a Windows server 2003 system with Active Directory and all of our users have roaming profiles. One of the users let someone login with his username and password on a different computer (2) while he was working on his own computer (1). Now when this user logs in on his own computer (1), the profile that is loaded is one that dates back many months (i think from the last time he logged on to computer 2). My suspicion is that the profile that was cached on computer 2 from many months back when this user last logged on on this computer, on logoff, synced over the newer profile on the server. so that now when he logs in, he gets this old profile. Now my questions: Is it possible to retrieve te newer profile? Is it possible to keep this from happening in the future?

    Read the article

  • How can i use one Domain Controller to manage 3 separate small firms

    - by Plamen Jordanov
    currently we have one Domain Controller that have 15 users and cup off services(hMailServer, IIS, DNS, Active Directory). Now the owners of the firm created two new firms which computers and networks are my responsibility. Now i wonder how exactly to join users in existing domain. Did you think that is a good idea to just include all computers and user from all firms under one domain or there is another solution ? Did some of you run into this kind of situation and what did you do ? ---Edit--- Brent, Dan thank for info guys. For now i will follow Brent advice until we get the new server witch we will virtualize and the old server will be our second DC on different location. Heck we even might think some Pay-as-you-go VPS solution for DC redundancy.

    Read the article

  • Automate new AD user's home folder creation and permission setup

    - by vn.
    I know if we setup a base folder or a profile path in the Profile tab of an AD user, we can copy it and the folder creation and permission setup will be automated. My problem is that not all my users have a roaming profile and the home folder linking is done thru GPO. When I copy from these users, the home folder isn't created automatically and I have to create it manually and change permission and ownership on that folder, located on the fileserver. What should I do? A script may be nice but it'd have to be run everytime a new user is created and I don't think we can link a script to an AD user creation? I'd like to avoid any manual steps and keep my GPO that way. Using a W2008r2 DC on w7 client boxes. Thanks.

    Read the article

  • printer assignments for windows xp workstations within an active directory environment

    - by another_netadmin
    I'm using the following script to handle removing any old networked printers from machines and then assigning the propper ones and making one of them the default. This script is assigned to the OU the workstations reside in and uses group policy loopback so all users that login will get the appropriate printers mapped for them. I tried to use the new Printer Manager as part of W2K3 R2 but when assigning the default this way I get an error that the printer doesn't exist so I'm back to using the script. One flaw that I'm noticing is that it won't remove any printers that happen to be mapped from an RDP session (we don't see this everywhere but there are a few locations). Is there any way to enumerate all RDP printers and remove them similar to how I'm enumerating and removing networked printers? ' ' Printers.vbs - Windows Logon Script. ' RemovePrinters AddPrinters Sub RemovePrinters() On Error Resume Next Dim strPrinter Set objNetwork = WScript.CreateObject("WScript.Network") Set colPrinters = objNetwork.EnumPrinterConnections For i = 0 to colPrinters.Count -1 Step 2 strPrinter=CStr(colPrinters.Item(i+1)) If Not InStr(strPrinter,"\\") = 0 Then objNetwork.RemovePrinterConnection strPrinter, True, True End If Next End Sub Sub AddPrinters() On Error GoTo 0 Set objNetwork = CreateObject("WScript.Network") objNetwork.AddWindowsPrinterConnection "\\printers1\JH120-DELL5310" objNetwork.SetDefaultPrinter "\\printers1\Jh120-DELL5310" End Sub

    Read the article

  • Restoring exchange 2003 from a backup

    - by user64204
    Hi all, I'm restoring an Exchange server from a backup: [1] the backup was created on 19/12/2010 [2] the server kept running until 20/12/2010 [3] we're restoring the server today 21/12/2010 with the backup from [1] My understanding is that when the server comes back: [4] whatever is in users' inbox since [1] will be deleted. [5] whatever is in users' sent box since [2] should be re-sent. [6] As a safety measure we've moved all emails sent/received between [1] and [3] to .PST files. Questions: -are [4] & [5] statements correct? -is there any way to move back emails from the PST file [6] to the current inbox/sent folders so that Exchange takes these emails into account (instead of deleting them)? -what happens to the Calendar items that were added after [1], is there any way to back those up as well if needed? Many thanks

    Read the article

  • Access Control issue

    - by user160605
    Ok this is stumping me mainly because of the lack of experience I have with access control. I have two folders I need to keep away from users. Payroll and Banking. I went into security and took away all the users. I made a new group called access granted and added it to both folders. I then gave full control to the group. I then added a few days to this group. I tested with partial success. I can only get into some folders and subfolders/files. I made sure I clicked on the option for all subfolders. This is my layout C:(folder) -- permissions granted to admin,access (full control) when I look at the problem files/folders no one has any permissions I don't even see the group or admin. what am I doing wrong. Thanks

    Read the article

  • When one DC crashes, TFS 2012 stops working

    - by blizz
    We have two Windows 2008 domain controllers. We installed the second DC only a few months ago. We also have a TFS 2012 server on the network. Today, when the older DC crashed, TFS stopped working completely. Local users received messages such as "You are not authorized to access ServerName\Collection". Remote users received messages such as "The server was used in your last session, but it might be offline or unreachable". So my question is, why did TFS not use the second, newer DC instead of just crashing along with the first DC?

    Read the article

  • Group Policy for Setting Passwords: Server 2003 Domain

    - by user1236435
    In my 2003 domain, I am being requested to set a password policy to require passwords to expire every 4 months, and also require users to change their password on their next login, due to a security issue. In my domain, my OU's are setup by location, then drilled down to city, then the users and computers are in separate sub-domains. My question is, how do I set this up for my domain? Will I need to set the policy up for loop back? Can I configure this for just a specific OU? Any suggestions on how to move forward? Any advise is much appreciated, and thanks in advance!

    Read the article

  • Change domain password from non-domain computer (AD)

    - by Josh
    I have a domain controller on Windows Server 2008. When I set up my users, I gave them all a dummy password with the "must change on next login" checked. Everyone's machine is all on the same network as the domain controller, but we are not forcing them to join their computers to the domain. The DC has a website which requires the use of domain accounts to access it. How do I tell my users to change their domain passwords without connecting their PC to the domain or making them log in to a machine on the domain? I do not want anything I will have to install on each client to allow them to change their passwords (I have a password expiration policy). Most of these workstations are XP.

    Read the article

  • Adding Windows 2008 R2 Standard 64 bit DC to Windows 2008 Standard 32 bit Domain

    - by user137652
    All of our domain controllers (2) are Windows 2008 Standard 32 bit. We are trying to add a Standard 2008 R2 64 bit domain controller to the forest but for some reason during DCPROMO, we receive the following error: "to install a domain controller into this active directory forest,you must first prepare the forest using "adprep/forestprep" etc We went ahead an ran adprep /forestprep on our established domain controller and allowed time to replicate. When attempting to execute dcpromo again, we receive the same error. What gives?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >