Search Results

Search found 28603 results on 1145 pages for 'active users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/1145 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Lookup Active Directory entry by implicit UPN

    - by Michael-O
    In our company exists a forest-wide UPN suffix company.com and almost all user accounts have the explicit UPN set to [email protected]. This value is also set in the Active Directory userPrincipalName attribute. Now we have an application where users perform authentication through Kerberos. So we are given the Kerberos principal, i.e. implicit UPN. We'd like to look up that user and retrieve several LDAP attributes. Since iUPN and userPrincipalName do not match anymore, the lookup is not possible. Is there any "official" way to retrieve a mapping from the Active Direcory? My workaround is to perform a LDAP bind against the realm component and search for the sAMAccountName attribute which matches the user id component of the iUPN. Searching for the mere sAMAccountName in the forest is not possible because the value is unique in the domain only.

    Read the article

  • Password Self-serve Active Directory via LAMP environment

    - by keithosu
    I would like to be able to change active directory passwords via a Linux/Apache based webpage. This would be a self serve web page for the user. I have SSL-LDAP setup on the Active Directory to make this happen. Is there any project or code out there that will do this? I've looked at this phpadadmin and I cannot get it to work. I think this is for IIS/php/mySQL Another thing to note is I would like the user to authenticate to change their own password. The product/service should not need a privileged account to run. Thanks Keith

    Read the article

  • Convert SQL Query results to Active Directory Groups

    - by antgiant
    Are there any quality products (ideally open source) that allow me to run an arbitrary SQL query that results in 2 columns (username, group name) and they adds that username in AD to a group of that name in AD? If the username doesn't exist it is ignored. If the group name doesn't exist ideally it gets created. Updated for Clarity: I have a MSSQL based system that is the authoritative source for some of the Active Directory Security groups, and their members. I want to be able to to have those Active Directory Security Groups populated by a one-way sync originating from MSSQL. Sadly the MSSQL based system does not have a good API, so I will have to do this with direct SQL calls. Is there anything that does this well?

    Read the article

  • Security Issue with Active Directory

    - by Will McCloskey
    The retard who was on the built-in Administrator login somehow (and this is what I'm guessing being as he is not here and I was not present when this occurred - Supposedly it was an "ACCIDENT") Denied the built-in Administrator account and every other account except for his personal one access to our domain - ie "Example.net" not just active directory or anything. I've been trying for literally 2 hours to find some sort of way to take control of the domain through the built-in Admin account with no success; I can't even open Active Directory. I'm not aloud to open DSA.MSC and there's no way for me to take ownership. Any ideas?

    Read the article

  • Network Path not found while joining Active Directory

    - by Chiggins
    So I have an Amazon EC2 box running Windows Server 2008 with Active Directory installed on it. I also have a Windows 7 virtual machine, which is set to use the Active Directory box as its DNS and WINS server. I'm trying to join the virtual machine to the domain, and I'm asked for authentication. I give authentication, wait a minute, and I get an error saying: The following error occurred attempting to join the domain "ad.chigs.me": The network path was not found. How can I fix this so that I'll be able to join the domain? Thanks!

    Read the article

  • Centrally manage Windows 7 computers without Active Directory

    - by Sean W.
    I manage three Windows PCs at home using the principle of least privilege. This means that practically every other day when a new version of Java is released, I have to manually install the update using my administrative credentials on each machine. This is starting to become more work than I had expected. I would love to set up an active directory domain at home, but Microsoft has discontinued Windows home server; its replacement, Windows server 2012 essentials is much more expensive (about $500). Are there any free (preferably as in speech) that would allow me to centrally manage the software installed on each machine in a manner similar to that of active directory? I'd also like to find a way to centrally manage security settings, but I doubt there's an equivalent of group policy. Samba 4 would be an ideal solution, but according to its own developers, it is not yet stable enough for production use.

    Read the article

  • Web interface to allow users to change their Active Directory password

    - by csexton
    I have a few web applications that use Active Directory to authenticate. What I would like to be able to do is provide a simple web page that would allow users to update their AD password. This wasn't a problem when the majority of the users had windows machines that connected to this AD server (and could ctrl-alt-del to change the password), but we are moving away from that and the AD server is mostly for web apps. Is there a simple solution for this, or am I looking at the big LDAP managers?

    Read the article

  • Debian and active directory authentication

    - by Tobia
    I'm trying to link a debian server authentication to active directory. I followed this tutorial: http://wiki.debian.org/Authenticating_Linux_With_Active_Directory but I'm stuck on the getent passwd Because this doesn't list all AD users but only locals. This is my nsswitch.conf: passwd: files winbind group: files winbind shadow: files winbind And I'm sure it is well connected to AD becuse this: wbinfo -u Lists all AD users. What have I missed?

    Read the article

  • Active Directory: Viewing "Attribute Editor" after finding an account via ADUC's "Find" option

    - by Beaming Mel-Bin
    When I activate the Advanced features (View - Advanced Features) and open a user's properties by navigating to their OU and right clicking the user object, I see the Attribute Editor tab. However, if I search for a user (right click the domain - Find - search for the user), and double click on the user, I do not see the tab. I cannot normally navigate to users because some OUs have too many users. Can someone suggest an alternative that allows me to view the Attribute Editor tab?

    Read the article

  • Enterprise Wireless Authentication without Active Directory

    - by ank
    We are in the process of redoing our wireless access network and would like to know if there is any method to get Windows clients/users access to the network using 802.1x WITHOUT having an Active Directory server for authentication and WITHOUT installing additional software on each and every client. Note that we already use Radius servers, LDAP servers (all on CentOS). Users employ a variety of clients including Windows, Mac, Linux, Android, iOS.

    Read the article

  • linux ftp server with virtual users

    - by kjertil
    i know there are already similar questions for this matter but the answers doesn't really make much sense to anyone who is not really technically comfortable in Linux. I've already tried articles like these for example: http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/ with the result of accidently breaking the whole system. The problem is that, while there are several technical possibilities to set up virtual users with a FTP server, it is not as easy as managing for instance a Filezilla server on Windows. I've seen some Web based GUI's but most of them seems to be out of date. The different flavours of Linux and the large amount of different popular FTP servers also seems to make the matter more complicated. I guess my question is, is there a way, to set up virtual FTP users on Linux without the hastle of having to manually edit PAM, MYSQL and config files?

    Read the article

  • Joining Samba to Active Directory with local user authentication

    - by Ansel Pol
    I apologise that this is somewhat incoherent, but hopefully someone will be able to make enough sense of this to understand what I'm trying to achieve and provide pointers. I have a machine with two network interfaces connected to two different networks (one of which it's providing several other services for, such as DNS), running two separate instances of Samba, one bound to each interface. One of the instances is just a workgroup-style setup using share-level authentication, which is all working fine. The problem is that I'm looking to join the other instance to an MS Active Directory domain (provided by MS Windows Small Business Server 2003) to enable a subset of the domain users to access the shares from Windows machines on the other network. The users who need access from the domain environment have accounts (whose names are all-lowercase versions of their domain usernames) on the machine running Samba, but I'm not sure about how to map the UIDs and everything I've read concerns authenticating accounts on that machine against either AD or another LDAP server. To clarify: I only want the credentials for AD users accessing the non-workgroup Samba instance to be authenticated against AD, not the accounts on the machine running Samba. I hope this is sufficiently clear. EDIT: In addition to being able to access the Samba shares from AD, I do also need to be able to access a share on the domain from the machine running Samba but would still like everything non-Samba-related to authenticate locally.

    Read the article

  • Minimum permissions needed to create a user Home Folder in Windows Active Directory

    - by Jim
    We would like the Help Desk to have the responsibility of creating User Home folders instead of our 2nd level support. The help desk global group is already an Account Operator, so in Active Directory they are able to edit all User Attributes just fine. The problem is figuring out the minimum level of permissions needed on the File Server to create the home share, with out giving them access to everyone home share. So if they open AD Users and Computer, open the properties for a user, and enter \home\users\%username% in the profile tab and then click OK, they get the following error. The \home\users\username home folder was not created because you do not have create access on the server. The user account has been updated with the new home folder value but you must create the directory manually after obtaining the required access right. Right now I have given the Helpdesk group Full Control on the root folder only (no files or subdirectories) The directory is actually created, but the permissions on the newly created folder only show administrators full control, and no permissions for the configured user account. It sure sounds like I'd have to make the helpdesk local admins on the file servers, which is what I'd like to avoid. Especially since the file servers are a large cluster hosting much much more than the entire orgs home share structure.

    Read the article

  • Nautilus file share for multiple users is not working. Only owner gets access.

    - by Niklas
    I have always had trouble setting up samba shares with ubuntu. In the past I've tried getting it to work by configuring /etc/samba/smb.conf but never achieved what I wanted. Last time I managed to get it working by making a share with nautilus built in file sharing (which utilises samba). Now when I try do it again I doesn't work. (running ubuntu 10.10 Desktop x64) What I'm trying to achieve is a share which is available for multiple users (those who are in the same group) and not just the owner (who also is included in the group). As it is now I can connect with only the owner, the others are getting an error when I try to connect with windows 7. All the users are within the same group and the folder permissions are 770. The files and folders have the correct group settings. I think there is no restrictions in the User Settings for the other users blocking them and I marked "make available to other users (or whatever it says)" in the file sharing dialog. What can I do?

    Read the article

  • Mystery "users" email group

    - by dangowans
    This morning, our entire company received a spam message sent to [email protected], where "ourdomain.on.ca" is our actual domain. There is a distinguished name that this could correspond to: CN=Users,DC=ourdomain,DC=on,DC=ca Looking at the attributes though, there is no mail, no proxyAddresses, no signs that there is a mailbox configured there. I did some LDAP queries, searching for: (proxyAddresses=smtp:[email protected]) ([email protected]) But am not seeing any records. (I also search for known email addresses to ensure the tree was being searched properly.) We are running Exchange 2003. Is there another place to look for group email addresses? Is it possible that the distinguished name is being automatically translated to an email address?

    Read the article

  • Joining Samba to Active Directory with local user authentication

    - by Ansel Pol
    I apologise that this is somewhat incoherent, but hopefully someone will be able to make enough sense of this to understand what I'm trying to achieve and provide pointers. I have a machine with two network interfaces connected to two different networks (one of which it's providing several other services for, such as DNS), running two separate instances of Samba, one bound to each interface. One of the instances is just a workgroup-style setup using share-level authentication, which is all working fine. The problem is that I'm looking to join the other instance to an MS Active Directory domain (provided by MS Windows Small Business Server 2003) to enable a subset of the domain users to access the shares from Windows machines on the other network. The users who need access from the domain environment have accounts (whose names are all-lowercase versions of their domain usernames) on the machine running Samba, but I'm not sure about how to map the UIDs and everything I've read concerns authenticating accounts on that machine against either AD or another LDAP server. To clarify: I only want the credentials for AD users accessing the non-workgroup Samba instance to be authenticated against AD, not the accounts on the machine running Samba. I hope this is sufficiently clear. EDIT: In addition to being able to access the Samba shares from AD, I do also need to be able to access a share on the domain from the machine running Samba but would still like everything non-Samba-related to authenticate locally.

    Read the article

  • SharePoint 2010 User Profile Sync - Remove Disabled Users

    - by ScaleOvenStove
    I have SharePoint 2010 set up to sync active directory users and it is working great. I am getting disabled users in the sync though. I have tried what all the blogs say, filter on userAccountControl bit on equals 2 but to no avail, the disabled users are still syncing. I am at a loss on where to look next. My last resort would be to create a ou/folder in AD and move disabled users there and remove that from the sync connector, but I don't really want to go there. Any ideas?

    Read the article

  • Sharepoint AD imported users are becomming sporadically corrupted, causing us to have to create a ne

    - by TrevJen
    Sharepoint 2007 MOSS with AD imported users. All servers are 2008. I have around 50 users, over the past 2 months, I have had a handful of the users suddenly unable to login to Sharepoint. When they login, they either get a blank screen or they are repropmted. These users are using accounts that have been used for many months, sometimes the problem originates with a password change. In all cases, the users account works on every other Active Directory authenticated resource (domain, exchange, LDAP). In the most recent case, last night I was forced deleted a user ("John smith") because of corruption. The orifinal account name was jsmith. I deleted him from active directory, then deleted him from the profile list in Sharepoint Shared Services. I could not find a way to delete him from the Sharepoint user list, but I reran the import after recreating his account (renamed it too just to be sure to "smithj"). At first, this did not wor, the user could still access all other resources but Sharepoint. then, some 30 minutes later it inexplicably started working. This morning, the user changed passwords, which immediatly broke the login on Sharepoint again. I am at a loss on how to troubleshoot this.

    Read the article

  • Users are getting a temporary profile

    - by Serhiy
    A bit about current setup: It is windows 2008 R2 AD servers (all of them are 2008R2) and couple locations which set as Sites. Each location has DFS on AD server. Roaming profiles are not used nor configured. Users have their home folder configured as mapped S: drive to DFS shared folder. For example: in profile tab user has: Home Folder - connect - S: to \\domain.com\dc\users\%username% We also have redirected Desktop, Documents and Downloads folders to \\domain.com\dc\users. Everything was fine. Suddenly (today), users in most locations lost their local profile (both XP and W7 desktops) and got temporary profiles. Also, it looks like local profile was created today (from folder properties). I checked events at couple machines and there is not errors related to profiles or logon process. I do not see issues in event logs at servers as well. Basically, I run out of ideas what is wrong and why machines lost their local profiles. PS: Laptop users do not have their folders redirected, but lost profiles as well.

    Read the article

  • Minimum rights to access the whole Users directory on another computer

    - by philipthegreat
    What is the minimum rights required to access the Users directory on another computer via an admin share? I have a batch file that writes some information to a few other computers using a path of \\%COMPUTERNAME%\c$\Users\%USERNAME%\AppData\Roaming. The batch files run under an unprivileged user (part of Domain Users only). How do I set appropriate rights so that service account can access the AppData\Roaming folder for every user on another computer? I'd like to give rights lower than Local Admin, which I know will work. Things I've attempted: As Domain Admin, attempted to give Modify rights to the C:\Users\ directory on the local computer. Error: Access Denied. Set the service account as Local Admin on the other computer. This works, but is against IT policy where I work. I'd like to accomplish this with rights lower than Local Admin. Any suggestions?

    Read the article

  • Can I share data between two users in an ASP.NET Application?

    - by Dave
    I have an issue with Roles.IsUserInRole function. It take hell amount of time to just check if the logged-in user is in particular role(typ 3-9 sec). I searched to find a solution and arrived on this but I am not sure If I have fully grasped it. What I got from the above, A new derived class is created. Inside that class, there is a list which retrieves all user at once. The next time you check IsUserInRole, you do not use the actual IsUserInRole method but rather use the one you overrode in your class. Is this the correct description? Am I on track? My question is, can data be share between two different users in ASP.NET application? If yes, will the shared data exist only if there is at least one user logged in. If all users logs out, that shared data is destroyed? My point is this data will be created only one time whenever a user logs in. For all subsequent users they can use this data and check their roles against the list? I need a detailed answer. My application has users and different roles. We are using ASP.NET roles.

    Read the article

  • Ubuntu software stack to mimic Active Directory auth

    - by WickedGrey
    I'm going to have an Ubuntu 11.10 box in a customer's data center running a custom webapp. The customer will not have ssh access to the box, but will need authentication and authorization to access the webapp. The customer needs to have the option of either pointing the webapp at something that we've installed locally on the machine, or to use an Active Directory server that they have. I plan on using a standard "users belong to groups; groups have sets of permissions; the webapp requires certain permissions to respond" auth setup. What software stack can I install locally that will allow an easy switch to and from an Active Directory server, while keeping the configuration as simple as possible (both for me and the end customer)? I would like to use as much off-the-shelf software for this as possible; I do not want to be in the business of keeping user passwords secure. I could see handling the user/group/permission relationships myself if there is not a good out-of-the-box solution (but that seems highly unlikely). I will accept answers in the form of links to "here is what you need" pages, but not "here is what Kerberos does" unless that page also tells me if it's required for my use case (essentially, I know that AD can speak Kerberos, but I can't tell if I need it to, or if I can just use LDAP, or...).

    Read the article

  • Help diagnosing Likewise Open Active Directory authentication problem

    - by purpletonic
    I have two servers which were up until recently authenticating against the companies Active Directory Domain controller. I believe a recent change to the Active Directory administrator password caused the servers to stop authenticating against AD. I tried to add the servers back to the domain using the command: domainjoin-cli join example.com adusername this seemed to work without complaints, but when I try to login via ssh with my domain account, I get an invalid password error. When I run the command: lw-enum-users it prints all of the domain users, and looking up my own account, I see that it is valid and my password hasn't expired. I also ran lw-get-status and received the following: LSA Server Status: Agent version: 5.0.0 Uptime: 0 days 3 hours 35 minutes 46 seconds [Authentication provider: lsa-activedirectory-provider] Status: Online Mode: Un-provisioned Domain: example.com Forest: example.com Site: Default-First-Site-Name Online check interval: 300 seconds \[Trusted Domains: 1\] \[Domain: EXAMPLE\] DNS Domain: example.com Netbios name: EXAMPLE Forest name: example.com Trustee DNS name: Client site name: Default-First-Site-Name Domain SID: S-1-5-24-1081533780-4562211299-822531512 Domain GUID: 057f0239-7715-4711-e64b-eb5eeed20e65 Trust Flags: \[0x001d\] \[0x0001 - In forest\] \[0x0004 - Tree root\] \[0x0008 - Primary\] \[0x0010 - Native\] Trust type: Up Level Trust Attributes: \[0x0000\] Trust Direction: Primary Domain Trust Mode: In my forest Trust (MFT) Domain flags: \[0x0001\] \[0x0001 - Primary\] \[Domain Controller (DC) Information\] DC Name: dc1.example.com DC Address: 10.11.0.103 DC Site: Default-First-Site-Name DC Flags: \[0x000003fd\] DC Is PDC: yes DC is time server: yes DC has writeable DS: yes DC is Global Catalog: yes DC is running KDC: yes [Authentication provider: lsa-local-provider] Status: Online Mode: Local system Anyone got any ideas what might be occurring? Thanks in advance!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >