Search Results

Search found 28603 results on 1145 pages for 'active users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 73/1145 | < Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >

  • trouble with AD and profile import

    - by GeorgeWNYC
    I am involuntary Admin for a MOSS 2007 site. We use profile import from AD, from two domains: Mycompany.com and AM.MyCompany.Com I was looking at the log for the PEOPLE_DL_IMPORT Content source and it has many entries like: spsimport://?$$dl$$/MyCompany.com/MyCompany.com/MyCompany.com/am.MyCompany.com/MyCompany.com/am.MyCompany.com/MyCompany.com/am.MyCompany.com/am.MyCompany.com/MyCompany.com/am.MyCompany.com/am.MyCompany.com/am.MyCompany.com/MyCompany.com/MyCompany.com/am.MyCompany.com/am.MyCompany.com It certainly doesn't look right. Is this normal? What can I do to remedy it ? Can I start over? There are users already in SP and some of them are in SP groups for permission purposes.

    Read the article

  • NIS AD password synch for new accounts

    - by user135004
    I have a Win2k3R2 DC with NIS. All is working well but its no longer synching the passwords for new accounts. When creating a new AD user, NIS does its thing and sends its Unix account to the synched linux server. It's doing everything its supposed to do but not the users password to the server (getent passwd returns the ABCD!efgh12345$67890 password for the new account). Thinking that password synchronization is not working, I changed the password of an existing working account and it synchs the new password. If I delete a new or old AD user, it deletes it on the linked linux server as well. All this tells me that NIS is doing its thing (at least with existing accounts) No updates have been installed on the DC. I am not even sure where to start here.

    Read the article

  • Log into AD account through Command Line

    - by CranialPain
    Our SBS2003 server likes to lose connection every so often. This appears to 'kick' everyone out, so that no-one can access the server or its shared folders without a log off log in. It usually brings up an error message stating that Windows 7 (on the client machines) cannot find the server, even though its ping-able. Is there a way to login through the command line so I can just write a batch file and have the users double-click it and enter their credentials instead of closing down programs and logging out/in over and over?

    Read the article

  • AD password not synchronising properly

    - by Kaczmar
    I have 600+ users in AD, but only one causes me trouble. The problem is I can reset his password from AD, he can then log in to his machine. After that he would like to change his password from Windows 7, and proceeds without errors. Logs out or locks the workstation but cannot access it again using either old or new password. So I have to reset it again and he can only use the one I provide for him. All our machines are in the same physical location in the same subnet. Functional level is 2003. I'm totally out of ideas. I could create him new user account, but I'd possibly like to know what causes this. I can only suspect some sort of synchronisation problems but other accounts work fine, and I don't know how to dig deeper into this. Thanks, Piotr

    Read the article

  • no internet mail group / mail sending and delivery restrictions

    - by Jeff
    I run a win 2k8 a/d server and an win 2k8 exchange 07 server I have a group called 'No Internet Mail', i made it a distribution group. I tried to setup a transport rule on the exchange server that is configured as follows for outgoing: from a member of no internet mail and sent to users outside the organization redirect the message to administrator and send message refused, forwarded to administrator. Please talk to management for external email use. however , when i enable this it forwards everyones emails to me regardless if they are a member of the no internet mail group or not. not sure what im doing wrong, thanks in advanced.

    Read the article

  • ldap samba user access issue

    - by ancillary
    I have a samba share that is on the LAN. It is auth'd via ldap. Users access file system via ad windows shares. There are shortcuts in directories that point to dir's on samba. Typically a user will click the shortcut to the smb dir, and will be met with a permission denied error. Upon closing explorer and reopening, it will work. DNS is handled by the domain controller, and that is the only server any of the machines use for DNS. Nothing in eventvwr. Only see successful auth entries in samba log. Any ideas?

    Read the article

  • User account restriction error and unable to access share

    - by user44394
    I have a windows share with full control granted to individual domain user accounts on the share and security permission. Whenever the user attempts to browse to the share they receive the error: Logon failure user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced. If the users are added to the administrators group on this machine they are able to browse the share without issue. What do I need to change to allow them access to the share without being administrators on that machine?

    Read the article

  • IIS 7 with PHP in Domain with Windows Authentication

    - by Michal Saiyan Hajdony
    I have Windows Server 2008 R2 x64b installed with IIS 7, PHP 5.5. This server is added to domain exampledomain , so I have win authentication enabled and all others disabled. I left the two default providers NTLM and negotiate, I granted IIS_IUSRS read access to wwwroot. So far it has worked for me only as I am added to the Administrators group which has read/write access to wwwroot folder. Yet, when someone else is trying to connect, he gets a credentials window and when he puts the domain name and password he cannot get access to the page. The issue is solved when I add read permission to "Domain users" - then all works fine. BUT. My issue is that if one opens windows explorer and types \\servername\wwwroot one can see the files and read them. I have never configured IIS before so I know I miss some really important thing. How can I solve the file visibility problem?

    Read the article

  • How to clean up orphaned SID's in ACEs in AD?

    - by geoffc
    As a follow up to my question Do backlinks clear in AD for deleted users I have another related but different question. Since I am informed in the answers there that a deleted object's SID (Group or User, so assigning rights to group only minimizes the issue, and does not fix it) will remain within ACEs they have been assigned, leaving them orphaned. Lotus Domino, which has similar issues with back references, has an adminp process to clean up such orphaned references. Is there a similar process in AD that would allow you to clean up such orphaned SIDs floating around your domain?

    Read the article

  • Domain in a hosted environment

    - by cpgascho
    We have an application we host in a third party data center for our clients. We have multiple clients running the same application on several racks of servers. Most of our clients require that our servers be SAS70 compliant. Currently each server has it's own set of users and security settings that need to be configured. We are creating scripts to do this, but what would be the risks/advantages of joining all the servers to the domain for User Management and Group policy for enforcing security settings? The rational of some is that if the DC is hacked the whole network would be compromised where as if one stand alone hosted server is hacked everything else should be safe.

    Read the article

  • Automatically make user local administrator on their computer through GPO?

    - by Grant
    In our AD 2003 domain each user gets local admin permissions on their computer. Everyone else can login with their domain account as normal user. Right now this means going to the desktop and manually adding the user as a local administrator. Is there any way to automate this process through logon scripts or GPOs? I have found ways to use a gpo to make everyone who logs in to a computer a local admin, but really only want to give it to the primary user (or in some cases users) of the computer. I've also seen methods that required adding a group for each computer...but really dont want to clutter AD like that. I do have a list mapping each user to each computer name. If it matters the desktops are a mix of xp and win7.

    Read the article

  • upgrading servers, need to keep domain same as before. what are the best practices?

    - by nLL
    Hi, I am upgrading a domain controller/file server from win2003 standard to win2008 r2 standard. We are planing to have a file server and an AD controller. Our old hardware will be scrapped, we want to copy all AD users/computers to new machine and keep current domain name. I never done this before. What are the best practices? Is it better if we get a contractor to do it for us? I guess best way to start is to build new servers, copy data, take old server down and put new server online. My gut says we would need to re-join all computers. Is that correct? Any input appreciated.

    Read the article

  • ldap vbscript : msExchOmaAdminWirelessEnable is randomly missing on different accounts

    - by phill
    In my script: Function getDescript (strname, uname) Set MyUser = GetObject ("LDAP://cn=" & uname & ",ou=" & strname & ",DC=tms-1,DC=net") getDescript = myUser.Get("msExchOmaAdminWirelessEnable") End Function uname = "Bob Gardner" strname = "bgConsultants" WScript.Echo "wireless enable: " & getDescript(strname, uname) I have noticed some users in the same OU sometimes do and sometimes don't have the msExchOmaAdminWirelessEnable attribute when I check it in sysinternals' ACtive Directory Explorer. All users are in the same OU and the exchange 2003 server has sp2 installed. Anyone might know why this is? Update: I figured out that if I disable and re-enable the Outlook Mobile Access setting for each user, the msExchOmaAdminWirelessEnable attribute shows up again for those users missing that attribute...weird..

    Read the article

  • Extend LDAP Membership to append a prefix/sufix to the username

    - by Romias
    Our web applications are using LDAP Membership Provider to authenticate and register users in Active Directory. In order to allow users to provide usernames that exist in other applications, we need to add a prefix in its username and it should be as transparent and painless as possible. What I need is a way to extend the LDAP Membership Provider to be able to add (concatenate) a prefix to the username just before Membership authenticate or register it. For example, if user input is "JohnS" in application 1... I want to authenticate: "App1_JohnS". How could I extend the membership to accomplish this? Any idea what is triggered just before authenticate and register (create user)? Update: Each web app has an "OU" in AD where create users to and authenticate from. But as it is just ONE Active Directory Controller the usernames must be unique. We need to solve this issue using Membership providers and not adding more ADs.

    Read the article

  • Can't connect to DeploymentShare$ from PC attempting to MDT, but can other PCs on the network

    - by Moman10
    I am in the process of setting up MDT and have run across a problem. MDT is installed on a Windows 2012 server, MDT version 6.2.5019.0. Using WDS as well. Active Directory domain, the server is up to date and on the network. I boot up the PC, it gets an address from DHCP, pulls down the LiteTouchPE_x64.wim image and goes into the MS Solution Accelerators screen, the Processing Bootstrap Settings box comes up and processes for a couple of seconds, then goes away, it sits there for another minute or so and then gives the error: A connection to the deployment share (\\Acme-MDT\DeploymentShare$) could not be made. Can not reach the DeployRoot. Possible Cause: Network Routing error or Network Configuration Error." I can then retry or cancel. I have seen this error online but so far nothing that helps fix it, but seems to be an issue with the FQDN. I verified that I am getting an IP address and that I can successfully ping the MDT server if I use the FQDN, but can not just by it's A record of Acme-MDT. I tried manually mapping the network share using net use and it works if I use the FQDN, but it fails with an error code 53, "Network path not found" if I just use the A record of Acme-MDT. Here is the net use command I'm using: net use * \\Acme-MDT\DeploymentShare$ /u:Domain\Administrator It gives the error System Error 53, Network path not found (and doesn't prompt for a password), but if I use the FQDN of \\Acme-MDT.domain.com\DeploymentShare$ it works fine to map the drive. I guess the problem is, when it tries to load the image, it is trying to start from \\Acme-MDT\DeploymentShare$ and I need it to start from \\Acme-MDT.domain.com\DeploymentShare$, but not sure how to get it to do that. I've put the fully qualified path in CustomSettings.ini and bootstrap, updated the deployment share, regenerated the boot image and replaced the boot wim in WDS. Or, if someone has an idea as to why it's acting this way and knows a way around it. The end result is what matters! :) I did verify in DNS that Acme-MDT is there, with the proper IP, and I can successfully use the net use command to map this drive from a couple other computers that are already on the network. I am assuming it has something to do with that computer not already being part of the domain, but I'm honestly at a loss as to how to fix it. Any ideas are appreciated, thanks in advance for your help!

    Read the article

  • ISAPI filter with LDAP over SSL only works as administrator

    - by Zac
    I have created an ISAPI filter for IIS 6.0 that tries to authenticate against Active directory using LDAP. The filter works fine when authenticating regularly over port 389, but when I try to use SSL, I always get the 0x51 Server Down error at the ldap_connect() call. Even skipping the connect call and using ldap_simple_bind_s() results in the same error. The weird thing is that if I change the app pool identity to the local admin account, then the filter works fine and LDAP over SSL is successful. I created an exe with the same code below and ran it on the server as admin and it works. Using the default NETWORK SERVICE identity for the site's app pool is what seems to be the problem. Any thoughts as to what is happening? I want to use the default identity since I don't want the website to have elevated admin privileges. The server is in a DMZ outside the network and domain where our DCs are that run AD. We have a valid certificate on our DCs for AD as well. Code: // Initialize LDAP connection LDAP * ldap = ldap_sslinit(servers, LDAP_SSL_PORT, 1); ULONG version = LDAP_VERSION3; if (ldap == NULL) { strcpy(error_msg, ldap_err2string(LdapGetLastError())); valid_user = false; } else { // Set LDAP options ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, (void *) &version); ldap_set_option(ldap, LDAP_OPT_SSL, LDAP_OPT_ON); // Make the connection ldap_response = ldap_connect(ldap, NULL); // <-- Error occurs here! // Bind and continue... } UPDATE: I created a new user without admin privileges and ran the test exe as the new user and I got the same Server Down error. I added the user to the Administrators group and got the same error as well. The only user that seems to work with LDAP over SSL authentication on this particular server is administrator. The web server with the ISAPI filter (and where I've been running the test exe) is running Windows Server 2003. The DCs with AD on them are running 2008 R2. Also worth mentioning, we have a WordPress site on the same server that authenticates against LDAP over SSL using PHP (OpenLDAP) and there's no problem there. I have an ldap.conf file that specifies TLS_REQCERT never and the user running the PHP code is IUSR.

    Read the article

  • Authenticating Apache HTTPd against multiple LDAP servers with expired accounts

    - by Brian Bassett
    We're using mod_authnz_ldap and mod_authn_alias in Apache 2.2.9 (as shipped in Debian 5.0, 2.2.9-10+lenny7) to authenticate against multiple Active Directory domains for hosting a Subversion repository. Our current configuration is: # Turn up logging LogLevel debug # Define authentication providers <AuthnProviderAlias ldap alpha> AuthLDAPBindDN "CN=Subversion,OU=Service Accounts,O=Alpha" AuthLDAPBindPassword [[REDACTED]] AuthLDAPURL ldap://dc01.alpha:3268/?sAMAccountName?sub? </AuthnProviderAlias> <AuthnProviderAlias ldap beta> AuthLDAPBindDN "CN=LDAPAuth,OU=Service Accounts,O=Beta" AuthLDAPBindPassword [[REDACTED]] AuthLDAPURL ldap://ldap.beta:3268/?sAMAccountName?sub? </AuthnProviderAlias> # Subversion Repository <Location /svn> DAV svn SVNPath /opt/svn/repo AuthName "Subversion" AuthType Basic AuthBasicProvider alpha beta AuthzLDAPAuthoritative off AuthzSVNAccessFile /opt/svn/authz require valid-user </Location> We're encountering issues with users that have accounts in both Alpha and Beta, especially when their accounts in Alpha are expired (but still present; company policy is that the accounts live on for at a minimum of 1 year). For example, when the user x (which has en expired account in Alpha, and a valid account in Beta), the Apache error log reports the following: [Tue May 11 13:42:07 2010] [debug] mod_authnz_ldap.c(377): [client 10.1.1.104] [14817] auth_ldap authenticate: using URL ldap://dc01.alpha:3268/?sAMAccountName?sub? [Tue May 11 13:42:08 2010] [warn] [client 10.1.1.104] [14817] auth_ldap authenticate: user x authentication failed; URI /svn/ [ldap_simple_bind_s() to check user credentials failed][Invalid credentials] [Tue May 11 13:42:08 2010] [error] [client 10.1.1.104] user x: authentication failure for "/svn/": Password Mismatch [Tue May 11 13:42:08 2010] [debug] mod_deflate.c(615): [client 10.1.1.104] Zlib: Compressed 527 to 359 : URL /svn/ Attempting to authenticate as a non-existant user (nobodycool) results in the correct behavior of querying both LDAP servers: [Tue May 11 13:42:40 2010] [debug] mod_authnz_ldap.c(377): [client 10.1.1.104] [14815] auth_ldap authenticate: using URL ldap://dc01.alpha:3268/?sAMAccountName?sub? [Tue May 11 13:42:40 2010] [warn] [client 10.1.1.104] [14815] auth_ldap authenticate: user nobodycool authentication failed; URI /svn/ [User not found][No such object] [Tue May 11 13:42:40 2010] [debug] mod_authnz_ldap.c(377): [client 10.1.1.104] [14815] auth_ldap authenticate: using URL ldap://ldap.beta:3268/?sAMAccountName?sub? [Tue May 11 13:42:44 2010] [warn] [client 10.1.1.104] [14815] auth_ldap authenticate: user nobodycool authentication failed; URI /svn/ [User not found][No such object] [Tue May 11 13:42:44 2010] [error] [client 10.1.1.104] user nobodycool not found: /svn/ [Tue May 11 13:42:44 2010] [debug] mod_deflate.c(615): [client 10.1.1.104] Zlib: Compressed 527 to 359 : URL /svn/ How do I configure Apache to correctly query Beta if it encounters an expired account in Alpha?

    Read the article

  • How to reference a Domain Controller out of the Local Network?

    - by Adrian
    We have multiple servers scattered over different hosting providers. For learning, experimenting and, ultimately, production purposes, I set one of them as a Domain Controller. That went well, most of our services are now authenticating via AD, which helps us a lot. What I want to do now is to simplify the authentication for the multiple servers, by making each of them look at the Domain Controller. This way, our Devs can log into (Remote Desktop) the multiple servers with the same credentials from AD. I know I have to configure each server to look at the Domain Controller. But when I try to add the Domain Controller to the Computer, it cannot find it, although the Domain Controller address is a valid, reachable internet sub-domain (as in "ad.ourcompany.com"). This is the detailed error message: Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt. The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain ad.ourcompany.com: The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.ad.ourcompany.com Common causes of this error include the following: - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses: 109.188.207.9 109.188.207.10 - One or more of the following zones do not include delegation to its child zone: ad.ourcompany.com ourcompany.com com . (the root zone) For information about correcting this problem, click Help. What am I missing? I'm an experienced Dev, but a newbie Sysdamin experimenting with new stuff. Disclaimer All IP addresses and domains/subdomains were changed to preserve security. If by any chance you still can see private information, please let me know so that I can change it.

    Read the article

  • Encrypted off-site data storage

    - by Dan
    My business has a rather unique problem. We work in China and we want to implement a file server paradigm which does not store any files locally, but rather in a server overseas. Applications would be saved onto our local machines, but data would be loaded directly into memory from the cloud, e.g. I load a docx into word at the beginning of the day, saving periodically to the cloud as I work on it, and turn off my computer at night, with nothing saved locally. Considering recent events, we worry about being raided by the Chinese authorities, and although all our data is encrypted, it would not be hard for the authorities to force us to give up the keys. So the goal is not to have anything compromising physically in China. We have about 20 computers, and we need an authenticated, encrypted connection with this overseas file server. A system with Active-Directory-like permissions would be best, so that only management can read or write to certain files, or workers can only access files that relate to their projects, and to which all access can be cut off should the need arise. The file server itself would also need to be encrypted. And for convenience, it would be nice if this system was integrated with each computer's file explorer (like skydrive or dropbox does, but, again, without saving a copy locally), rather than through a browser. I can't find any solution online. Does anyone know of a service that does this? Otherwise I'll have to do it myself (which kinda sounds fun, but I don't really have the time), and I'm not sure where to start. Amazon maybe. But the protocols that offices would use on their intranet typically aren't encrypted; we need all traffic securely tunneled out of the country. Each computer already has a VPN to a server in California, but I'm unsure whether it would be efficient to pipe file transfers through it. Let me know if anyone has any ideas. And this is my first post; feel free say whether this question is inappropriate/needs to be posted elsewhere.

    Read the article

  • Determine Users Accessing a Shared Folder Using PowerShell

    - by MagicAndi
    Hi, I need to determine the users/sessions accessing a shared folder on a Windows XP (SP2) machine using a PowerShell script (v 1.0). This is the information displayed using Computer Management | System Tools | Shared Folders | Sessions. Can anyone give me pointers on how to go about this? I'm guessing it will require a WMI query, but my initial search online didn't reveal what the query details will be. Thanks, MagicAndi

    Read the article

  • Black screen when switching users on HP laptop (running vista)

    - by davepreston
    Vista machine: When I switch users I get a black screen for 30+ seconds. Doesn't seem to matter who is logged in. Delay happens when I click "switch user" but not when I lock the screen and log back in as same user. Specs: Windows Vista 64-bit; HP pavilion dv9710t laptop; 17" screen (best guess is that it has something to do with display settings, not sure)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >