Search Results

Search found 12055 results on 483 pages for 'password complexity'.

Page 75/483 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >

• How can I retrieve "remembered"(stored) wi-fi password from a win. 7 device?

  - by user180880

  I have access to PC, and I am a standard user. Everything(incl. "show charecters" tickbox at wiriless menu) requires admin access. Now, that said machine is actually like a big tv with touch. Type-stuff is handled by virtual keyboard of windows. I can reach to c:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces and can see-open files there, which is I assume where passwords stored are. Now the problem is that these passwords is encypted. I'm ok with if there is a way with changing/resetting admin password as well. Considering this device has nothing but massive amounts of usb(yep, not even cd-dvd // rw) the only way is from inside or with usb without admin rights.

  Read the article

• What is the time complexity of LinkedList.getLast() in Java?

  - by i.

  I have a private LinkedList in a Java class & will frequently need to retrieve the last element in the list. The lists need to scale, so I'm trying to decide whether I need to keep a reference to the last element when I make changes (to achieve O(1)) or if the LinkedList class does that already with the getLast() call. What is the big-O cost of LinkedList.getLast() and is it documented? (i.e. can I rely on this answer or should I make no assumptions & cache it even if it's O(1)?)

  Read the article

• PHP & MySQL - Undefined variable problem?

  - by TaG

  I keep getting the following error Undefined variable: password on line 33 how do I correct this problem? So this error will stop showing. Here is the php code. $first_name = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['first_name'])))); $password1 = mysqli_real_escape_string($mysqli, $purifier->purify(strip_tags($_POST['password1']))); $password2 = mysqli_real_escape_string($mysqli, $purifier->purify(strip_tags($_POST['password2']))); // Check for a password and match against the confirmed password: if ($password1 == $password2) { $sha512 = hash('sha512', $password1); $password = mysqli_real_escape_string($mysqli, $sha512); } else { echo '<p class="error">Your password did not match the confirmed password!</p>'; } //If the table is not found add it to the database if (mysqli_num_rows($dbc) == 0) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"INSERT INTO users (user_id, first_name, password) VALUES ('$user_id', '$first_name', '$password')"); } //If the table is in the database update each field when needed if ($dbc == TRUE) { $dbc = mysqli_query($mysqli,"UPDATE users SET first_name = '$first_name', password = '$password' WHERE user_id = '$user_id'"); echo '<p class="changes-saved">Your changes have been saved!</p>'; }

  Read the article

• How to Set Ubuntu 12.04 to it's factory settings like when u first installed it?

  - by Cameron

  Well, this is a simple answered question, from the title, but my real problem is hard af. I have set ubuntu to use root, then it wouldn't let me log into the admin account only root and guest I deleted the admin account, remade another, then attempted to disable root account. This failed - I messed up the password, the original password was "root" I also didn't set a password for my new admin account, so It says it has one, whats the default password for it? I can't moderate my ubuntu system at all now. I have tried to drop to cmd shell thing, it asks for the root password, i type 'root' and any other possible passwords, it doesn't work. To reset ubuntu to factory settings i have found that i could enter the following code: sudo dpkg-reconfigure -phigh -a sudo Requires admin password, that I cant find out without root password and I don;t know. My goal is to try to fix this without remaking a bootable usb for ubuntu, because I lost the one i made for this. so If i can't, please say so. If you can help thanks!

  Read the article

• what other bash variables are available during execution such as $USER that can assist on my script?

  - by semi-newbie

  This is related to question 19245, in that one of the responders answered the question in an awesome way, and very VERY clear to any newbie. Now here is a question that i can't seem to figure. i wrote a script for starting the vmware firefox plugin (don't worry. i gave that up and now run vBox VERY happily. i left vmware for my servers :) ) I needed to start the plugin as sudo, but i also needed to pass an argument (password) to it, that happen to be the same. So, if my password was Hello123, the command would be: sudo ./myscript.sh hi other Hello123 running from command line, the script would ask for my sudo password and then run. i wanted to capture THAT password and pass it as well. i also wanted to run graphically, so i tried gksudo, and there is an option -p that returns the password for variable assignment. well, that was a nightmare, because i would still get prompted for the original sudo: see below Find UserName vUser=$USER Find password (and hopefully enable sudo) vP=gksudo -p -D somedescriptiontext echo Execute command gksudo ./myscript.sh hi $vUser $vP and i still get prompted twice. so my question is tri-fold: is there a variable i can use for the password, just like there is one for user, $USER? is there a different way i should be assigning the value resulting of the command i have in $vP? i am wondering if executing the way i have it, does it in an uninitiated session and not the current one, since i am getting some addtl warning type errors on some variables blah blah i tried using Zenity to just capture the text, but then of course, i couldn't pass that value to sudo, so i could only use as a parameter, which puts me back in 2 prompts. Thanksssssssssss!

  Read the article

• How to troubleshoot problem with OpenVpn Appliance Server not able to connect

  - by Peter

  1) I have a Windows Server 2008 Standard SP2 2) I am running Hyper-V and have the OpenSvn Appliance Server virtual running 3) I have configured it as it said, only issue was that the legacy network adapter does not have a setting the instructions mention "Enable spoofing of MAC Addresses". My understand is that before R2, this was on by default. 4) Server is running, web interfaces look good 5) I am trying to connect from a Vista 64 box and cannot 5a) If I set to UPD I am stuck at Authorizing and client log looks like: 10/11/09 15:00:42: INFO: OvpnConfig: connect... 10/11/09 15:00:42: INFO: Gui listen socket at 34567 10/11/09 15:00:42: INFO: sending start command to instantiator... 10/11/09 15:00:42: INFO: start 34567 ?C:\Users\Peter\AppData\Roaming\OpenVPNTech\config?02369512D0C82A04B88093022DA0226202218022A902264022AE022B? 10/11/09 15:00:42: INFO: Got line from MI->>INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 5b) I setup server for tcp and try to connect, I get a loop of authorizing and reconnecting. Log looks like: 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 10/11/09 15:00:54: INFO: Got line from MI->>BYTECOUNT:2560,3888 ... Is there anyway to turn on robust logging on the server to understand what is happening? Any ideas on how to hunt this down?

  Read the article

• How to troubleshoot problem with OpenVPN Appliance Server not able to connect

  - by Peter

  1) I have a Windows Server 2008 Standard SP2 2) I am running Hyper-V and have the OpenVPN Appliance Server virtual running 3) I have configured it as it said, only issue was that the legacy network adapter does not have a setting the instructions mention "Enable spoofing of MAC Addresses". My understand is that before R2, this was on by default. 4) Server is running, web interfaces look good 5) I am trying to connect from a Vista 64 box and cannot 5a) If I set to UPD I am stuck at Authorizing and client log looks like: 10/11/09 15:00:42: INFO: OvpnConfig: connect... 10/11/09 15:00:42: INFO: Gui listen socket at 34567 10/11/09 15:00:42: INFO: sending start command to instantiator... 10/11/09 15:00:42: INFO: start 34567 ?C:\Users\Peter\AppData\Roaming\OpenVPNTech\config?02369512D0C82A04B88093022DA0226202218022A902264022AE022B? 10/11/09 15:00:42: INFO: Got line from MI->>INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 5b) I setup server for tcp and try to connect, I get a loop of authorizing and reconnecting. Log looks like: 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 10/11/09 15:00:54: INFO: Got line from MI->>BYTECOUNT:2560,3888 ... Is there anyway to turn on robust logging on the server to understand what is happening? Any ideas on how to hunt this down?

  Read the article

• If I ssh to a domain provided by dyndns, does my password go through them?

  - by D Connors

  I'm running Ubuntu on my work PC, and my work place provides me with a static IP address but not with a domain. It's sometimes useful for me to connect to that PC through ssh, but it's not common enough for me to instantly remember the IP number. So I set um a dyndns account, and associated a short and intuitive domain name to that IP. Here's my question, when I try to ssh to the domain, it asks me $ ssh [email protected] The authenticity of host 'something.there.foo (xx.xx.xx.xx)' can't be established. RSA key fingerprint is 'ALPHANUMERIC STRING' Are you sure you want to continue connecting (yes/no)? That surprised me a little bit. I have already registered the RSA fingerprint by connecting directly to the IP address. I thought the domain name was simply a convenient way of pointing me in the right direction (i. e. the ip address), but that message makes me think my data is actually going through their servers or something. Which one is it? Am I sending my password through someone else's server? Or is ssh just really really careful, thus warning me even if the final destination is a know host? The ssh server I'm using is the openssh-server package.

  Read the article

• Every month, scheduled task fails and password must be reset - why?

  - by Ducain

  [NOTE: I posted this originally at StackOverflow but it got no traction there - reposting here.] We have a bit of software installed at a few client locations that runs (via Windows task scheduler) a few times each day. In ONLY ONE of the client locations, we have a unique problem: each month, the task will stop working, after running every day for weeks. Twice now it's failed on the 2nd of the month. When I walk the client through troubleshooting it, we've found that it can't start - access denied. To fix it, we simply re-enter the same exact password, and then off it goes happy as a clam. I've never heard of this issue, and their IT people say they don't have anything running once a month that might cause that. I'm at a complete loss here. Any ideas as to why this might be happening? Further details: Windows XP pro machine. Task is being fired with credentials from a local admin account. Computer is always on, and connected to the net.

  Read the article

• Gawker Passwords

  - by Nick Harrison

  There has been much news about the hack of the Gawker web sites. There has even been an analysis of the common passwords found. This list is embarrassing in many ways. The most common password was "123456". The second most common password was "password". Much has also been written providing advice on how to create good passwords. This article provides some interesting advice, none of which should be taken. Anyone reading my blog, probably already knows the importance of strong passwords, so I am not going to reiterate the reasons here. My target audience is more the folks defining password complexity requirements. A user cannot come up with a strong password, if we have complexity requirements that don't make sense. With that in mind, here are a few guidelines:  Long Passwords Insist on long passwords. In some cases, you may need to change to allow a long password. I have seen many places that cap passwords at 8 characters. Passwords need to be at least 8 characters minimal. Consider how much stronger the passwords would be if you double the length. Passwords that are 15-20 characters will be that much harder to crack. There is no need to have limit passwords to 8 characters. Don't Require Special Characters Many complexity rules will require that your password include a capital letter, a lower case letter, a number, and one of the "special" characters, the shits above the number keys. The problem with such rules is that the resulting passwords are harder to remember. It also means that you will have a smaller set of characters in the resulting passwords. If you must include one of the 9 digits and one of the 9 "special" characters, then you have dramatically reduced the character set that will make up the final password. Two characters will be one of 10 possible values instead of one of 70. Two additional characters will be one of 26 possible characters instead of a 70 character potential character set. If you limit passwords to 8 characters, you are left with only 7 characters having the full set of 70 potential values. With these character restrictions in place, there are 1.6 x1012 possible passwords. Without these special character restrictions, but allowing numbers and special characters, you get a total of 5.76x1014 possible passwords. Even if you only allowed upper and lower case characters, you will still have 2.18X1014 passwords. You can do the math any number of ways, requiring special characters will always weaken passwords. Now imagine the number of passwords when you require more than 8 characters.  If you are responsible for defining complexity rules, I urge you to take these guidelines into account. What other guidelines do you follow?

  Read the article

• Root users and mysql: `sudo mysql` vs `/root/.my.cnf`

  - by user67641

  I have a /root/.my.cnf file which stores the mysql root user's password: [client] password = "my password" When I log in as system root and enter mysql, I get a passwordless login: myuser@local:$ sudo su root@local:$ mysql mysql> But when I try to do the same just using sudo, I get access denied: myuser@local:$ sudo mysql ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) How can I get sudo mysql to log me in as the mysql root user, without entering a password?

  Read the article

• Why are all logins disabled in the virtual terminal after enabling root account from desktop?

  - by Mitch

  Just for testing purposes, I went a head and enabled the root account, by using the commands below: sudo passwd root [sudo] password for abed: Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Once that happened, I went ahead and did Ctrl+Alt+F1, to get to the first virtual console, and at the login prompt I try logging in as abed, su, root, all comeback with login incorrect. Why is that happening, and how can I fix it.

  Read the article

• can not access http://localhost/phpmyadmin/

  - by nik parsa

  I installed wamp server2 it didn't have password and it had this error below then I went to mysql and set the password for root with this command and I can login using this password but again I can not access phpmyadmin.I restarted the services too. update user.mysql set password=password('root') where user='root'; then i went to config.inc changed the pass to this one: $cfg['Servers'][$i]['password'] = 'root'; again I restarted and again no result. the phpmyadmin page: Welcome to phpMyAdmin Error MySQL said: Documentation #1045 - Access denied for user 'root'@'localhost' (using password: NO) phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server. config.inc: <?php /* Servers configuration */ $i = 0; /* Server: localhost [1] */ $i++; $cfg['Servers'][$i]['verbose'] = 'localhost'; $cfg['Servers'][$i]['host'] = 'localhost'; $cfg['Servers'][$i]['port'] = ''; $cfg['Servers'][$i]['socket'] = ''; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['auth_type'] = 'config'; $cfg['Servers'][$i]['user'] = 'root'; $cfg['Servers'][$i]['password'] = 'root'; $cfg['Servers'][$i]['AllowNoPassword'] = true; /* End of servers configuration */ $cfg['DefaultLang'] = 'en-utf-8'; $cfg['ServerDefault'] = 1; $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; /* rajk - for blobstreaming */ $cfg['Servers'][$i]['bs_garbage_threshold'] = 50; $cfg['Servers'][$i]['bs_repository_threshold'] = '32M'; $cfg['Servers'][$i]['bs_temp_blob_timeout'] = 600; $cfg['Servers'][$i]['bs_temp_log_threshold'] = '32M'; ?> It was firstly this line $cfg['Servers'][$i]['password'] = ''; setting allow to false and restarting will not change the error either with the help of Erika I understood that it can't read confg.inc file how to make it read from this file?

  Read the article

• New Thinking for Supply Chain Analytics. PLM for Process. And Untangling Services Complexity.

  - by David Hope-Ross

  The first edition of the quarterly Oracle Information InDepth Value Chain and Procurement Transformation newsletter has just been published. It’s a solid round-up of news and analysis from the fast-moving world of global supply chains and supply management.  As the title of this post implies, the latest edition covers a wide array of great topics. But the story on supply chain analytics from Endeca is especially interesting. Without giving away the ending, it explores new ways of thinking about the value of information and how to exploit it for supply chain improvement. If you enjoy this edition, think about opting-in via the subscription link. It is an easy way to keep up with the latest and greatest.

  Read the article

• Notifications for Expiring DBSNMP Passwords

  - by Courtney Llamas

  Most user accounts these days have a password profile on them that automatically expires the password after a set number of days.   Depending on your company’s security requirements, this may be as little as 30 days or as long as 365 days, although typically it falls between 60-90 days. For a normal user, this can cause a small interruption in your day as you have to go get your password reset by an admin. When this happens to privileged accounts, such as the DBSNMP account that is responsible for monitoring database availability, it can cause bigger problems. In Oracle Enterprise Manager 12c you may notice the error message “ORA-28002: the password will expire within 5 days” when you connect to a target, or worse you may get “ORA-28001: the password has expired". If you wait too long, your monitoring will fail because the password is locked out. Wouldn’t it be nice if we could get an alert 10 days before our DBSNMP password expired? Thanks to Oracle Enterprise Manager 12c Metric Extensions (ME), you can! See the Oracle Enterprise Manager Cloud Control Administrator’s Guide for more information on Metric Extensions. To create a metric extension, select Enterprise / Monitoring / Metric Extensions, and then click on Create. On the General Properties screen select either Cluster Database or Database Instance, depending on which target you need to monitor.  If you have both RAC and Single instance you may need to create one for each. In this example we will create a Cluster Database metric.  Enter a Name for the ME and a Display Name. Then select SQL for the Adapter.  Adjust the Collection Schedule as desired, for this example we will collect this metric every 1 day. Notice for metric collected every day, we can determine the exact time we want to collect. On the Adapter page, enter the query that you wish to execute.  In this example we will use the query below that specifically checks for the DBSNMP user that is expiring within 10 days. Of course, you can adjust this query to alert for any user that can cause an outage such as an application account or service account such as RMAN. select username, account_status, trunc(expiry_date-sysdate) days_to_expirefrom dba_userswhere username = 'DBSNMP'and expiry_date is not null; The next step is to create the columns to store the data returned from the query.  Click Add and add a column for each of the fields in the same order that data is returned.  The table below will help you complete the column additions. Name Display Name Column Type Value Type Metric Category Unit Username User Name Key String Security AccountStatus Account Status Data String Security DaysToExpire Days Until Expiration Data Number Security Days When creating the DaysToExpire column, you can add a default threshold here for Warning and Critical (say < 10 and 5).  When all columns have been added, click Next. On the Credentials page, you can choose to use the default monitoring credentials or specify new credentials.  We will use the default credentials established for our target (dbsnmp). The next step is to test your Metric Extension.  Click on Add to select a target for testing, then click Select. Now click the button Run Test to execute the test against the selected target(s). We can see in the example below that the Metric Extension has executed and returned a value of 68 days to expire. Click Next to proceed. Review the metric extension in the final screen and click Finish. The metric will be created in Editable status.  Select the metric, click Actions and select Deployable Draft. You can do this once more to move to Published. Finally, we want to apply this metric to a target. When managing many targets, it’s best to add your metric to a template, for details on adding a Metric Extension to a template see the Administrator’s Guide. For this example, we will deploy this to a target directly. Select Actions / Deploy to Targets. Click Add and select the target you wish to deploy to and click Submit.  Once deployment is complete, we can go to the target and view the Metric & Collection Settings to see the new metric and its thresholds.   After some time, you will find the metric has collected and the days to expiration for DBSNMP user can be seen in the All Metrics view.   For metrics collected once per day, you may have to wait up to 24 hours to see the metric and current severity. In the example below, the current severity is Clear (green check) as it is not scheduled to expire within 10 days. To test the notification, we can edit the thresholds for the new metric so they trigger an alert.  Our password expires in 139 days, so we’ll change our Warning to 140 and leave Critical at 5, in our example we also changed the collection time to every 5 minutes.  At the next collection, you’ll find that the current severity changes to a Warning and any related Incident Rules would be triggered to create an Incident or Notification as desired. Now that you get a notification that your DBSNMP passwords is about to expire, you can use OEM Command Line Interface (EM CLI) verb update_db_password to change it at both the database target and the OEM target in one step.  The caveat is you must know the existing password to use the update_db_password command.  To learn more about EM CLI, see the Oracle Enterprise Manager Command Line Interface Guide.  Below is an example of changing the password with the update_db_password verb.  $ ./emcli update_db_password -target_name=emrep -target_type=oracle_database -user_name=dbsnmp -change_at_target=yes -change_all_references=yes Enter value for old_password :Enter value for new_password :Enter value for retype_new_password :Successfully submitted a job to change the password in Enterprise Manager and on the target database: "emrep"Execute "emcli get_jobs -job_id=FA66C1C4D663297FE0437656F20ACC84" to check the status of the job.Search for job name "CHANGE_PWD_JOB_FA66C1C4D662297FE0437656F20ACC84" on the Jobs home page to check job execution details. The subsequent job created will typically run quickly enough that a blackout is not needed, however if you submit a script with many targets to change, your job may run slower so adding a blackout to the script is recommended. $ ./emcli get_jobs -job_id=FA66C1C4D663297FE0437656F20ACC84 Name Type Job ID Execution ID Scheduled Completed TZ Offset Status Status ID Owner Target Type Target Name CHANGE_PWD_JOB_FA66C1C4D662297FE0437656F20ACC84 ChangePassword FA66C1C4D663297FE0437656F20ACC84 FA66C1C4D665297FE0437656F20ACC84 2014-05-28 09:39:12 2014-05-28 09:39:18 GMT-07:00 Succeeded 5 SYSMAN oracle_database emrep After implementing the above Metric Extension and using the EM CLI update_db_password verb, you will be able to stay on top of your DBSNMP password changes without experiencing an unplanned monitoring outage.  

  Read the article

• How safe is the quicken encryption of files?

  - by jmvidal

  Quicken has a password-protection option where you type in a password and your file is encrypted. How good is this encryption and how does it depend on the length or complexity of my password? A google search reveals a lot of "quicken password recovery" programs, like this one, which make me feel like the password is just for keeping the really dumb criminals away, not the ones with large computers.

  Read the article

• Creating a really public Windows network share

  - by Timur Aydin

  I want to create a shared folder under Windows (actually, Windows XP, Vista, and Win 7) which can be mounted from a linux system without prompting for a username/password. But before attempting this, I first wanted to establish that this works between two Windows 7 machines. So, on machine A (The server that will hold the public share), I created a folder and set its permissions such that Everyone has read/write access. Then I visited Control Panel - Network and Sharing Center - Advanced Sharing Settings and then selected "Turn off password protected sharing". Then, on machine B (The client that wants to access the public share with no username/password prompt), I tried to "map network driver" and I was immediately prompted by a password prompt. Some search on google suggested changing "Acconts: Limit local account use of blank passwords to console logon only" to "Disabled". Tried that, no luck, still getting username/password prompt. If I enter the username/password, I am not prompted for it again and can use the share as long as the session is active. But still, I really need to access the share without any username/password transaction whatsoever and this is not just a convenience related thing. Here is the actual reason: The device that will access this windows network share is an embedded system running uclinux. It will mount this share locally and then play media files. Its only user interface is a javascript based web page. So, if there is going to be any username/password transaction, I would have to ask the user to enter them over the web page, which will be ridiculously insecure and completely exposed to packet sniffing. After hours of doing experiments, I have found one way to make this happen, but I am not really very fond of it... I first create a new user (shareuser) and give it a password (sharepass). Then I open Group Policy Editor and set "Deny log on locally" to "A\shareuser". Then, I create a folder on A and share it so that shareuser has Read access to it. This way, shareuser cannot login to A, but can access the shared folder. And, if someone discovers the shareuser/sharepass through network sniffing, they can just access the shared folder, but can't logon to A. The same thing can be achieved by enabling the Guest user and then going to Group Policy Editor and deleting the "Guest" from the "Deny access to this computer from the network" setting. Again, Guest can mount the public share, but logging in to A as Guest won't be possible, because Guest is already not allowed to log in by default. So my question would be, how can I create a network share that is truly public, so that it can be mounted from a linux machine without requiring a password? Sorry for the long question, but I wanted to explain the reason for really needing this...

  Read the article

• FTP Logon Restrictions in IIS 8

  - by The Official Microsoft IIS Site

  One of the biggest asks from our customers over the years was to provide a way to prevent brute-force password attacks on the FTP service. On several of the FTP sites that I host, I used to see a large number of fraudulent logon requests from hackers that were trying to guess a username/password combination. My first step in trying to prevent these kinds of attacks, like most good administrators, was to implement strong password requirements and password lockout policies. This was a good first step...(read more)

  Read the article

• JSF 2.0: Validate equality of 2 InputSecret Fields (confirm password) without writing Code?

  - by yournamehere

  I'm developing a pure JavaEE6 application with JSF 2.0 and Glassfish. My JSF implementation is Primefaces (beside Mojarra provided by Glassfish). I want to verify if the values of 2 password fields in a JSF form are equal. With Seam, there is the neat component <s:validateEquality for="pw1"/>. I want do to the same without Seam, just using JSF (or maybe a component of a JSF library). Until now i only saw examples which validate the form with a custom validator. But i would like to compare the fields without writing Java code or Javascript code. Is that possible? This what it looks like with Seam: ... <h:inputSecret id="passwort" value="#{personHome.instance.password}" redisplay="true" required="true"> <f:validateLength minimum="8"/> <a:support event="onblur" reRender="passwortField" bypassUpdates="true" ajaxSingle="true" /> </h:inputSecret> ... <h:inputSecret id="passwort2" required="true" redisplay="true"> <!-- find the JSF2.0-equivalent to this tag: --> <s:validateEquality for="passwort"/> <a:support event="onblur" reRender="passwort2Field" bypassUpdates="true" ajaxSingle="true" /> </h:inputSecret> ... Any help is appreciated. Thanks!

  Read the article

• Can I include a NSUserDefault password test in AppDelegate to load a loginView?

  - by Michael Robinson

  I have a name and password in NSUserDefaults for login. I want to place a test in my AppDelegate.m class to test for presence and load a login/signup loginView.xib modally if there is no password or name stored in the app. Here is the pulling of the defaults: -(void)refreshFields { NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; usernameLabel.text = [defaults objectForKey:kUsernameKey]; passwordLabel.text = [defaults objectForKey:kPasswordKey]; Here is the tabcontroller loading part: - (void)applicationDidFinishLaunching:(UIApplication *)application { firstTab = [[FirstTab alloc] initWithStyle:UITableViewStylePlain]; UINavigationController *firstNavigationController = [[UINavigationController alloc] initWithRootViewController:firstTab]; [firstTab release]; secondTab = // EDITED FOR SPACE thirdTab = // EDITED FOR SPACE tabBarController = [[UITabBarController alloc] init]; tabBarController.viewControllers = [NSArray arrayWithObjects:firstNavigationController, secondNavigationController, thirdNavigationController, nil]; [window addSubview:tabBarController.view]; [firstNavigationController release]; [secondNavigationController release]; [thirdNavigationController release]; [self logout]; [window makeKeyAndVisible]; Here is where the loginView.xib loads automatically: - (void)logout { loginViewController = [[LoginViewController alloc] initWithNibName:@"LoginView" bundle:nil]; UINavigationController *loginNavigationController = [[UINavigationController alloc] initWithRootViewController:loginViewController]; [loginViewController release]; [tabBarController presentModalViewController:loginNavigationController animated:YES]; [loginNavigationController release]; } I want to replace the above autoload with a test similar to below (that works) using IF-ELSE - (void)logout { if ([usernameLabel.text length] == 0 || [passwordLabel.text length] == 0) { loginViewController = [[LoginViewController alloc] initWithNibName:@"LoginView" bundle:nil]; UINavigationController *loginNavigationController = [[UINavigationController alloc] initWithRootViewController:loginViewController]; [loginViewController release]; [tabBarController presentModalViewController:loginNavigationController animated:YES]; [loginNavigationController release]; }else { [window addSubview:tabBarController.view];} Thanks in advance, I'm totally lost on this.

  Read the article

• How can I get browser to prompt to save password?

  - by Eric

  Hey, I'm working on a web app that has a login dialog that works like this: User clicks "login" Login form HTML is loaded with AJAX and displayed in DIV on page User enters user/pass in fields and clicks submit. It's NOT a <form> -- user/pass are submitted via AJAX If user/pass are okay, page reloads with user logged in. If user/pass are bad, page does NOT reload but error message appears in DIV and user gets to try again. Here's the problem: the browser never offers the usual "Save this password? Yes / Never / Not Now" prompt that it does for other sites. I tried wrapping the <div> in <form> tags with "autocomplete='on'" but that made no difference. Is it possible to get the browser to offer to store the password without a major rework of my login flow? thanks Eric p.s. to add to my question, I'm definitely working with browers that store passwords, and I've never clicked "never for this site" ...this is a technical issue with the browser not detecting that it's a login form, not operator error :-)

  Read the article

• Using MD5 to generate an encryption key from password?

  - by Charles

  I'm writing a simple program for file encryption. Mostly as an academic exercise but possibly for future serious use. All of the heavy lifting is done with third-party libraries, but putting the pieces together in a secure manner is still quite a challenge for the non-cryptographer. Basically, I've got just about everything working the way I think it should. I'm using 128-bit AES for the encryption with a 128-bit key length. I want users to be able to enter in variable-length passwords, so I decided to hash the password with MD5 and then use the hash as the key. I figured this was acceptable--the key is always supposed to be a secret, so there's no reason to worry about collision attacks. Now that I've implemented this, I ran across a couple articles indicating that this is a bad idea. My question is: why? If a good password is chosen, the cipher is supposed to be strong enough on its own to never reveal the key except via an extraordinary (read: currently infeasible) brute-force effort, right? Should I be using something like PBKDF2 to generate the key or is that just overkill for all but the most extreme cryptographic applications?

  Read the article

• Struts2 Hibernate Login with User table and group table

  - by J2ME NewBiew

  My problem is, i have a table User and Table Group (this table use to authorization for user - it mean when user belong to a group like admin, they can login into admincp and other user belong to group member, they just only read and write and can not login into admincp) each user maybe belong to many groups and each group has been contain many users and they have relationship are many to many I use hibernate for persistence storage. and struts 2 to handle business logic. When i want to implement login action from Struts2 how can i get value of group member belong to ? to compare with value i want to know? Example I get user from username and password then get group from user class but i dont know how to get value of group user belong to it mean if user belong to Groupid is 1 and in group table , at column adminpermission is 1, that user can login into admincp, otherwise he can't my code: User.java /* * To change this template, choose Tools | Templates * and open the template in the editor. */ package org.dejavu.software.model; import java.io.Serializable; import java.util.Date; import java.util.HashSet; import java.util.Set; import javax.persistence.CascadeType; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; import javax.persistence.GeneratedValue; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.JoinTable; import javax.persistence.ManyToMany; import javax.persistence.Table; import javax.persistence.Temporal; /** * * @author Administrator */ @Entity @Table(name="User") public class User implements Serializable{ private static final long serialVersionUID = 2575677114183358003L; private Long userId; private String username; private String password; private String email; private Date DOB; private String address; private String city; private String country; private String avatar; private Set<Group> groups = new HashSet<Group>(0); @Column(name="dob") @Temporal(javax.persistence.TemporalType.DATE) public Date getDOB() { return DOB; } public void setDOB(Date DOB) { this.DOB = DOB; } @Column(name="address") public String getAddress() { return address; } public void setAddress(String address) { this.address = address; } @Column(name="city") public String getCity() { return city; } public void setCity(String city) { this.city = city; } @Column(name="country") public String getCountry() { return country; } public void setCountry(String country) { this.country = country; } @Column(name="email") public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } @ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.ALL) @JoinTable(name="usergroup",joinColumns={@JoinColumn(name="userid")},inverseJoinColumns={@JoinColumn( name="groupid")}) public Set<Group> getGroups() { return groups; } public void setGroups(Set<Group> groups) { this.groups = groups; } @Column(name="password") public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } @Id @GeneratedValue @Column(name="iduser") public Long getUserId() { return userId; } public void setUserId(Long userId) { this.userId = userId; } @Column(name="username") public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } @Column(name="avatar") public String getAvatar() { return avatar; } public void setAvatar(String avatar) { this.avatar = avatar; } } Group.java /* * To change this template, choose Tools | Templates * and open the template in the editor. */ package org.dejavu.software.model; import java.io.Serializable; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.Id; import javax.persistence.Table; /** * * @author Administrator */ @Entity @Table(name="Group") public class Group implements Serializable{ private static final long serialVersionUID = -2722005617166945195L; private Long idgroup; private String groupname; private String adminpermission; private String editpermission; private String modpermission; @Column(name="adminpermission") public String getAdminpermission() { return adminpermission; } public void setAdminpermission(String adminpermission) { this.adminpermission = adminpermission; } @Column(name="editpermission") public String getEditpermission() { return editpermission; } public void setEditpermission(String editpermission) { this.editpermission = editpermission; } @Column(name="groupname") public String getGroupname() { return groupname; } public void setGroupname(String groupname) { this.groupname = groupname; } @Id @GeneratedValue @Column (name="idgroup") public Long getIdgroup() { return idgroup; } public void setIdgroup(Long idgroup) { this.idgroup = idgroup; } @Column(name="modpermission") public String getModpermission() { return modpermission; } public void setModpermission(String modpermission) { this.modpermission = modpermission; } } UserDAO /* * To change this template, choose Tools | Templates * and open the template in the editor. */ package org.dejavu.software.dao; import java.util.List; import org.dejavu.software.model.User; import org.dejavu.software.util.HibernateUtil; import org.hibernate.Query; import org.hibernate.Session; /** * * @author Administrator */ public class UserDAO extends HibernateUtil{ public User addUser(User user){ Session session = HibernateUtil.getSessionFactory().getCurrentSession(); session.beginTransaction(); session.save(user); session.getTransaction().commit(); return user; } public List<User> getAllUser(){ Session session = HibernateUtil.getSessionFactory().getCurrentSession(); session.beginTransaction(); List<User> user = null; try { user = session.createQuery("from User").list(); } catch (Exception e) { e.printStackTrace(); session.getTransaction().rollback(); } session.getTransaction().commit(); return user; } public User checkUsernamePassword(String username, String password){ Session session = HibernateUtil.getSessionFactory().getCurrentSession(); session.beginTransaction(); User user = null; try { Query query = session.createQuery("from User where username = :name and password = :password"); query.setString("username", username); query.setString("password", password); user = (User) query.uniqueResult(); } catch (Exception e) { e.printStackTrace(); session.getTransaction().rollback(); } session.getTransaction().commit(); return user; } } AdminLoginAction /* * To change this template, choose Tools | Templates * and open the template in the editor. */ package org.dejavu.software.view; import com.opensymphony.xwork2.ActionSupport; import org.dejavu.software.dao.UserDAO; import org.dejavu.software.model.User; /** * * @author Administrator */ public class AdminLoginAction extends ActionSupport{ private User user; private String username,password; private String role; private UserDAO userDAO; public AdminLoginAction(){ userDAO = new UserDAO(); } @Override public String execute(){ return SUCCESS; } @Override public void validate(){ if(getUsername().length() == 0){ addFieldError("username", "Username is required"); }if(getPassword().length()==0){ addFieldError("password", getText("Password is required")); } } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String getRole() { return role; } public void setRole(String role) { this.role = role; } public User getUser() { return user; } public void setUser(User user) { this.user = user; } public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } } other question. i saw some example about Login, i saw some developers use interceptor, im cant understand why they use it, and what benefit "Interceptor" will be taken for us? Thank You Very Much!

  Read the article

• mappedBy reference an unknown target entity property - hibernate error

  - by tommy

  first, my classes: User package com.patpuc.model; import java.util.List; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.OneToMany; import javax.persistence.Table; import com.patpuc.model.RolesMap; @Entity @Table(name = "users") public class User { @Id @Column(name = "USER_ID", unique = true, nullable = false) private int user_id; @Column(name = "NAME", nullable = false) private String name; @Column(name = "SURNAME", unique = true, nullable = false) private String surname; @Column(name = "USERNAME_U", unique = true, nullable = false) private String username_u; // zamiast username @Column(name = "PASSWORD", unique = true, nullable = false) private String password; @Column(name = "USER_DESCRIPTION", nullable = false) private String userDescription; @Column(name = "AUTHORITY", nullable = false) private String authority = "ROLE_USER"; @Column(name = "ENABLED", nullable = false) private int enabled; @OneToMany(mappedBy = "rUser") private List<RolesMap> rolesMap; public List<RolesMap> getRolesMap() { return rolesMap; } public void setRolesMap(List<RolesMap> rolesMap) { this.rolesMap = rolesMap; } /** * @return the user_id */ public int getUser_id() { return user_id; } /** * @param user_id * the user_id to set */ public void setUser_id(int user_id) { this.user_id = user_id; } /** * @return the name */ public String getName() { return name; } /** * @param name * the name to set */ public void setName(String name) { this.name = name; } /** * @return the surname */ public String getSurname() { return surname; } /** * @param surname * the surname to set */ public void setSurname(String surname) { this.surname = surname; } /** * @return the username_u */ public String getUsername_u() { return username_u; } /** * @param username_u * the username_u to set */ public void setUsername_u(String username_u) { this.username_u = username_u; } /** * @return the password */ public String getPassword() { return password; } /** * @param password * the password to set */ public void setPassword(String password) { this.password = password; } /** * @return the userDescription */ public String getUserDescription() { return userDescription; } /** * @param userDescription * the userDescription to set */ public void setUserDescription(String userDescription) { this.userDescription = userDescription; } /** * @return the authority */ public String getAuthority() { return authority; } /** * @param authority * the authority to set */ public void setAuthority(String authority) { this.authority = authority; } /** * @return the enabled */ public int getEnabled() { return enabled; } /** * @param enabled * the enabled to set */ public void setEnabled(int enabled) { this.enabled = enabled; } @Override public String toString() { StringBuffer strBuff = new StringBuffer(); strBuff.append("id : ").append(getUser_id()); strBuff.append(", name : ").append(getName()); strBuff.append(", surname : ").append(getSurname()); return strBuff.toString(); } } RolesMap.java package com.patpuc.model; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.Table; import com.patpuc.model.User; @Entity @Table(name = "roles_map") public class RolesMap { private int rm_id; private String username_a; private String username_l; //private String username_u; private String password; private int role_id; @ManyToOne @JoinColumn(name="username_u", nullable=false) private User rUser; public RolesMap(){ } /** * @return the user */ public User getUser() { return rUser; } /** * @param user the user to set */ public void setUser(User rUser) { this.rUser = rUser; } @Id @Column(name = "RM_ID", unique = true, nullable = false) public int getRmId() { return rm_id; } public void setRmId(int rm_id) { this.rm_id = rm_id; } @Column(name = "USERNAME_A", unique = true) public String getUsernameA() { return username_a; } public void setUsernameA(String username_a) { this.username_a = username_a; } @Column(name = "USERNAME_L", unique = true) public String getUsernameL() { return username_l; } public void setUsernameL(String username_l) { this.username_l = username_l; } @Column(name = "PASSWORD", unique = true, nullable = false) public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } @Column(name = "ROLE_ID", unique = true, nullable = false) public int getRoleId() { return role_id; } public void setRoleId(int role_id) { this.role_id = role_id; } } when i try run this on server i have exception like this: Error creating bean with name 'SessionFactory' defined in ServletContext resource [/WEB-INF/classes/baseBeans.xml]: Invocation of init method failed; nested exception is org.hibernate.AnnotationException: mappedBy reference an unknown target entity property: com.patpuc.model.RolesMap.users in com.patpuc.model.User.rolesMap But i don't exaclu know what i'm doing wrong. Can somebody help me fix this problem?

  Read the article

• heimdal kerberos in openldap issue

  - by Brian

  I think I posted this on the wrong 'sister site', so here it is. I'm having a bit of trouble getting Kerberos (Heimdal version) to work nicely with OpenLDAP. The kerberos database is being stored in LDAP itself. The KDC uses SASL EXTERNAL authentication as root to access the container ou. I created the database in LDAP fine using kadmin -l, but it won't let me use kadmin without the -l flag: root@rds0:~# kadmin -l kadmin> list * krbtgt/REALM kadmin/changepw kadmin/admin changepw/kerberos kadmin/hprop WELLKNOWN/ANONYMOUS WELLKNOWN/org.h5l.fast-cookie@WELLKNOWN:ORG.H5L default brian.empson brian.empson/admin host/rds0.example.net ldap/rds0.example.net host/localhost kadmin> exit root@rds0:~# kadmin kadmin> list * brian.empson/admin@REALM's Password: <----- With right password kadmin: kadm5_get_principals: Key table entry not found kadmin> list * brian.empson/admin@REALM's Password: <------ With wrong password kadmin: kadm5_get_principals: Already tried ENC-TS-info, looping kadmin> I can get tickets without a problem: root@rds0:~# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: brian.empson@REALM Issued Expires Principal Nov 11 14:14:40 2012 Nov 12 00:14:37 2012 krbtgt/REALM@REALM Nov 11 14:40:35 2012 Nov 12 00:14:37 2012 ldap/rds0.example.net@REALM But I can't seem to change my own password without kadmin -l: root@rds0:~# kpasswd brian.empson@REALM's Password: <---- Right password New password: Verify password - New password: Auth error : Authentication failed root@rds0:~# kpasswd brian.empson@REALM's Password: <---- Wrong password kpasswd: krb5_get_init_creds: Already tried ENC-TS-info, looping kadmin's logs are not helpful at all: 2012-11-11T13:48:33 krb5_recvauth: Key table entry not found 2012-11-11T13:51:18 krb5_recvauth: Key table entry not found 2012-11-11T13:53:02 krb5_recvauth: Key table entry not found 2012-11-11T14:16:34 krb5_recvauth: Key table entry not found 2012-11-11T14:20:24 krb5_recvauth: Key table entry not found 2012-11-11T14:20:44 krb5_recvauth: Key table entry not found 2012-11-11T14:21:29 krb5_recvauth: Key table entry not found 2012-11-11T14:21:46 krb5_recvauth: Key table entry not found 2012-11-11T14:23:09 krb5_recvauth: Key table entry not found 2012-11-11T14:45:39 krb5_recvauth: Key table entry not found The KDC reports that both accounts succeed in authenticating: 2012-11-11T14:48:03 AS-REQ brian.empson@REALM from IPv4:192.168.72.10 for kadmin/changepw@REALM 2012-11-11T14:48:03 Client sent patypes: REQ-ENC-PA-REP 2012-11-11T14:48:03 Looking for PK-INIT(ietf) pa-data -- brian.empson@REALM 2012-11-11T14:48:03 Looking for PK-INIT(win2k) pa-data -- brian.empson@REALM 2012-11-11T14:48:03 Looking for ENC-TS pa-data -- brian.empson@REALM 2012-11-11T14:48:03 Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ 2012-11-11T14:48:03 sending 294 bytes to IPv4:192.168.72.10 2012-11-11T14:48:03 AS-REQ brian.empson@REALM from IPv4:192.168.72.10 for kadmin/changepw@REALM 2012-11-11T14:48:03 Client sent patypes: ENC-TS, REQ-ENC-PA-REP 2012-11-11T14:48:03 Looking for PK-INIT(ietf) pa-data -- brian.empson@REALM 2012-11-11T14:48:03 Looking for PK-INIT(win2k) pa-data -- brian.empson@REALM 2012-11-11T14:48:03 Looking for ENC-TS pa-data -- brian.empson@REALM 2012-11-11T14:48:03 ENC-TS Pre-authentication succeeded -- brian.empson@REALM using aes256-cts-hmac-sha1-96 2012-11-11T14:48:03 ENC-TS pre-authentication succeeded -- brian.empson@REALM 2012-11-11T14:48:03 AS-REQ authtime: 2012-11-11T14:48:03 starttime: unset endtime: 2012-11-11T14:53:00 renew till: unset 2012-11-11T14:48:03 Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96 2012-11-11T14:48:03 sending 704 bytes to IPv4:192.168.72.10 2012-11-11T14:45:39 AS-REQ brian.empson/admin@REALM from IPv4:192.168.72.10 for kadmin/admin@REALM 2012-11-11T14:45:39 Client sent patypes: REQ-ENC-PA-REP 2012-11-11T14:45:39 Looking for PK-INIT(ietf) pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 Looking for PK-INIT(win2k) pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 Looking for ENC-TS pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ 2012-11-11T14:45:39 sending 303 bytes to IPv4:192.168.72.10 2012-11-11T14:45:39 AS-REQ brian.empson/admin@REALM from IPv4:192.168.72.10 for kadmin/admin@REALM 2012-11-11T14:45:39 Client sent patypes: ENC-TS, REQ-ENC-PA-REP 2012-11-11T14:45:39 Looking for PK-INIT(ietf) pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 Looking for PK-INIT(win2k) pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 Looking for ENC-TS pa-data -- brian.empson/admin@REALM 2012-11-11T14:45:39 ENC-TS Pre-authentication succeeded -- brian.empson/admin@REALM using aes256-cts-hmac-sha1-96 2012-11-11T14:45:39 ENC-TS pre-authentication succeeded -- brian.empson/admin@REALM 2012-11-11T14:45:39 AS-REQ authtime: 2012-11-11T14:45:39 starttime: unset endtime: 2012-11-11T15:45:39 renew till: unset 2012-11-11T14:45:39 Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96 2012-11-11T14:45:39 sending 717 bytes to IPv4:192.168.72.10 I wish I had more detailed logging messages, running kadmind in debug mode seems to almost work but it just kicks me back to the shell when I type in the correct password. GSSAPI via LDAP doesn't work either, but I suspect it's because some parts of kerberos aren't working either: root@rds0:~# ldapsearch -Y GSSAPI -H ldaps:/// -b "o=mybase" o=mybase SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information () root@rds0:~# ldapsearch -Y EXTERNAL -H ldapi:/// -b "o=mybase" o=mybase SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 # extended LDIF <snip> Would anyone be able to point me in the right direction?

  Read the article

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >