Search Results

Search found 23527 results on 942 pages for 'group policy management e'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 77/942 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • Implications of allowing Windows clients to use NTLMv1?

    - by Boden
    I have a web application that I'd like to authenticate to using pass-through NTLM for SSO. There is a problem, however, in that NTLMv2 apparently will not work in this scenario (without the application storing an identical password hash). I enabled NTLMv1 on one client machine (Vista) using its local group policy: Computer-Windows Settings-Security Settings-Network Security: LAN Manager authentication level. I changed it to Send LM & NTLM - use NTLMv2 session security if negotiated. This worked, and I'm able to login to the web application using NTLM. Now this application would be used by all of my client machines... so I'm wondering what the security risks are if I was push this policy out to all of them (not to the domain controller itself though)?

    Read the article

  • Server 2012 GPO: PowerShell Script on Computer Startup not running

    - by Alex
    I've got a couple of Server 2012 instances on Amazon EC2 and I'm in the process of setting up the GPOs. All of the settings of the GPOs are being applied fine, except none of the PowerShell scripts specified on computer startup are actually being executed. The scripts are sitting on a UNC share which has Authenticated Users applied to it with full permissions. I'm assuming it probably has something to do with the Execution Policy, but I'm not sure how to automatically bypass it. I could just go in each instance and bypass the Execution Policy, but that's obviously not a good idea, plus I'm eventually going to connect Windows 7 computers that will be running the same scripts. How can I get the scripts to actually run? Google searches hasn't yielded a whole lot...

    Read the article

  • Incident Management-Monitoring Ideas

    - by sprsr
    Hello all, What we are tring to do at our company (banking industry) is to apply some ITIL (Information Technology Infrastructure Library) principles and I need some ideas to develop our incident management system of our company. For those who have experienced with incident management, what are the things that helps you most ? What are the things that you can't live without while managing the incidents. Do you have some good screenshots of such a monitoring software ? Since we choosed to develop our own system instead of buying a big system, there are lots of things we may miss, and we are brainstorming here. I need some key points that most crucial in incident management and monitoring. Thanks.

    Read the article

  • SQL Management Studio is painfully slow on 32-bit Windows 7

    - by Sergei
    I've been having issues running anything in SQL Management Studio on Win 7. Basically, doing anything through the Management Studio interfaces completely freezes it up for a few minutes. Running a query is nearly impossible because it takes nearly 2 minutes just for the IDE to parse it and another minute to run it when the query itself completes instantaneously outside of the IDE. I'm not even going to go into the query designer. Anything with heavy user interaction such as editing a row in the result set where i have to click a cell freezes up the front-end. I tried reinstalling to no avail. Also tried running in compatibility mode without any difference whatsoever. Anybody had a similar experience? I'm running SQL Management Studio 2008 version 10.0.2531.0 on 32-bit Windows 7. Connecting to a remote SQL Server instance (2008 R2). Thanks.

    Read the article

  • SCCM for mobile device management returns 404 on /devicemgmt/server.resource

    - by Dan
    We have a new Windows Server 2008 R2 machine onto which we have installed SCCM SP2 followed by the R2 package. We have enabled a mobile device management point and enabled distribution points to support mobile devices as per http://technet.microsoft.com/en-us/library/bb680634.aspx We have also installed the Mobile Device Management Client on to a Windows Mobile 6.1 device. The client on the device fails to connect to the server. Our investigation so far has led us to the URL /devicemgmt/server.resource. However, looking in IIS on the server shows no such URL (in fact nothing apart from the aspnet_client directory) and visiting the URL with a browser returns 404. WebDav is enabled on the Default Web Site in IIS. BITS is installed on the server. Can anyone confirm whether enabling mobile device management will add visible directories to IIS and if so why it might be failing in our case?

    Read the article

  • Hide Drive / Avoid Low Diskspace Warning on ReadyBoost Cache?

    - by Simon Richter
    I've just added an SSD as a ReadyBoost cache drive, and have two minor cosmetic issues with it: the drive still shows up in the drive list I get a warning balloon every five minutes that the drive is full and that I should empty the Recycle Bin. The former is ignorable (and I guess I can solve it with a group policy); the latter is somewhat going on my nerves. Are there official buttons "hide ReadyBoost drives" and "do not warn on low diskspace for ReadyBoost drives" somewhere that I may have missed? If not, I guess I can use the group policy to hide the drive; I'd still need a way for the system to not warn about the drive being full. Also, am I right that I need to assign a drive letter and format the drive with NTFS to use it for ReadyBoost, or is there a way to just use the raw device?

    Read the article

  • System Restore Points

    - by Ross Lordon
    Currently I am investigating how to schedule an automatic initiation of a system restore point for all of the workstations in my office. It seems that Task Scheduler already has some nice defaults (screenshots below). Even the history for this task verifies that it is running successfully. However, when I go to Recovery in the Control Panel it only lists the System Restore Points one for every previous for only 3 weeks back even if I check the show more restore points box. Why don't the additional ones appear? Would there be a better way to implement a solution, like via group policy or a script? Is there any documentation on this online? I've been having a hard time tracking anything down except how to subvert group policy disabling this feature.

    Read the article

  • How to troubleshoot slow powerconnect 62xx management interface

    - by Hannes
    Our Dell Powerconnect 62xx switches have a very high packetloss on the management interface. I presume this is caused by a new appliance which uses multicast for communication but I am not sure. Our network setup is following: servers a - Dell PC6248 | servers b - Dell PC6248 |- juniper core router servers c - Dell PC6248 | What we see is that the multicast traffic arrives at all servers (but only the servers b use the multicast) and I fear that this multicast traffic floods the switch management interface. The switches' management interfaces are reachable via vlan101, all other traffic is sent over other vlans. When I tcpdump on one of the 2 servers with a vlan 101 ip address, I only get a few arp requests but almost nothing. When I try to ping between these 2 servers, it works like a charm. I would like to know what a good way is to troubleshoot this problem and maybe help me understand what is going wrong on that subnet.

    Read the article

  • Windows Server 2012 File Security Warning

    - by Technicolour
    I've mapped my domain users to a remote share, and I'm trying to get rid of the security warning that appears whenever a file is run from the remote share. I've tried adding the FQDN to the intranet list with no prevail and I'm starting to go crazy. I've also turned off IE Enhanced Security Configuration for both Admins and Users. The group policies are being applied, and I can see the FQDN in the intranet list in internet options. Relevant group policy: Relevant security warning:

    Read the article

  • Restrict Administrators from changing system time - Windows XP machines (no domain)

    - by user72128
    I need to write a script that will remove all users under Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > User Rights Assignment > Change the system time from the local group policy (gpedit.msc) on all Windows XP machines. These machines are not on the domain. I DO have a way to distribute and run the script automatically. Can someone point me in the right direction for creating a script like this?

    Read the article

  • Default user logon on Windows Server system

    - by Robert Koritnik
    I installed Remote Desktop Services role (ex Terminal Services) on my Windows Server 2008 R2 machine. After installation when I try to logon locally, there's no default user as it used to be. Can I tweak group policy to have my default user back? I did enable to remember last logon user, but it didn't work... Obviously RDS (ex TS) ignores this policy setting. Additional note: I'm not connected to a domain. It's a standalone development machine running server OS. No domain needed for it.

    Read the article

  • Domain controller policies having administrative issues with program installations

    - by russ
    I have an issue with our domain and policies where a user needs administrative rights to install a program and someone provides the credentials for the 'run as admin' or 'run as other user' it will always show an error: Cannot find specified file on the drive. So we cannot install programs for our employees. How I fix it is I add the user to administrators, force a policy update, have them reboot, run as administrator and install it that way. Then remove them after and update the policy. Another way was to right click the install file (.exe/.msi) and add the user and administrator as an owner with full control. Only works when we have the installation file. I have no idea how to fix this and I can't find a relevant thread or QA about this problem. I can only find users having issues on their home computers not on a domain. Any help and threads to read would be great!

    Read the article

  • gpresult for local users on local machine?

    - by Jonas
    I would like to list the group policies for local users on a machine I'm setting up. However, when I run gpresult /v /u localmachine\user I get the error that I do have to specify a server name, and when I run gpresult /v /s 127.0.0.1 /u localmachine\user I get the message user credentials for local system are ignored, and I get the group policies for the local administrator as a result. How do I get the settings for the users?

    Read the article

  • How to check whether a user belongs to an AD group and nested groups?

    - by elsharpo
    hi guys, I have an ASP.NET 3.5 application using Windows Authentication and implementing our own RoleProvider. Problem is we want to restrict access to a set of pages to a few thousand users and rathern than inputing all of those one by one we found out they belong to an AD group. The answer is simple if the common group we are checking membership against the particular user is a direct member of it but the problem I'm having is that if the group is a member of another group and then subsequently member of another group then my code always returns false. For example: Say we want to check whether User is a member of group E, but User is not a direct member of *E", she is a member of "A" which a member of "B" which indeed is a member of E, therefore User is a member of *E" One of the solutions we have is very slow, although it gives the correct answer using (var context = new PrincipalContext(ContextType.Domain)) { using (var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "DL-COOL-USERS")) { var users = group.GetMembers(true); // recursively enumerate return users.Any(a => a.Name == "userName"); } } The original solution and what I was trying to get to work, using .NET 3.5 System.DirectoryServices.AccountManagement and it does work when users are direct members of the group in question is as follows: public bool IsUserInGroup(string userName, string groupName) { var cxt = new PrincipalContext(ContextType.Domain, "DOMAIN"); var user = UserPrincipal.FindByIdentity(cxt, IdentityType.SamAccountName, userName); if (user == null) { return false; } var group = GroupPrincipal.FindByIdentity(cxt, groupName); if (group == null) { return false; } return user.IsMemberOf(group); } The bottom line is, we need to check for membership even though the groups are nested in many levels down. Thanks a lot!

    Read the article

  • Correlate GROUP BY and LEFT JOIN on multiple criteria to show latest record?

    - by Sunbird
    In a simple stock management database, quantity of new stock is added and shipped until quantity reaches zero. Each stock movement is assigned a reference, only the latest reference is used. In the example provided, the latest references are never shown, the stock ID's 1,4 should have references charlie, foxtrot respectively, but instead show alpha, delta. How can a GROUP BY and LEFT JOIN on multiple criteria be correlated to show the latest record? http://sqlfiddle.com/#!2/6bf37/107 CREATE TABLE stock ( id tinyint PRIMARY KEY, quantity int, parent_id tinyint ); CREATE TABLE stock_reference ( id tinyint PRIMARY KEY, stock_id tinyint, stock_reference_type_id tinyint, reference varchar(50) ); CREATE TABLE stock_reference_type ( id tinyint PRIMARY KEY, name varchar(50) ); INSERT INTO stock VALUES (1, 10, 1), (2, -5, 1), (3, -5, 1), (4, 20, 4), (5, -10, 4), (6, -5, 4); INSERT INTO stock_reference VALUES (1, 1, 1, 'Alpha'), (2, 2, 1, 'Beta'), (3, 3, 1, 'Charlie'), (4, 4, 1, 'Delta'), (5, 5, 1, 'Echo'), (6, 6, 1, 'Foxtrot'); INSERT INTO stock_reference_type VALUES (1, 'Customer Reference'); SELECT stock.id, SUM(stock.quantity) as quantity, customer.reference FROM stock LEFT JOIN stock_reference AS customer ON stock.id = customer.stock_id AND stock_reference_type_id = 1 GROUP BY stock.parent_id

    Read the article

  • Allowing connections initiated from outside

    - by Mark S. Rasmussen
    I've got an old Juniper SSG5 running ScreenOS 5.4.0r6.0. Once a day, more or less, it'll start randomly dropping packets at a rate of ~5-10%. We currently solve this issue by simply rebooting the unit, after which it resumes working in perfect condition. As this error has started appearing randomly, without any configuration or hardware changes, I'm assuming I've got an aging unit about to fail. As such, I've got a replacement SSG5 running ScreenOS 6.0. I've dumped the config on the 5.4 and imported it into a clean 6.0, and it seems to gladly accept it, and all my configuration seems to be A-OK. However, upon connecting the new unit, all outside-initiated connections seem to be blocked. If I browse our external IP from the inside, everything works perfectly, and it's not just port 80, SSH, Crashplan - all of our policies route correctly. All normal networking, initiated from the inside, work perfectly as well. If on the other hand I browse our external IP from the outside, everything is blocked. Barring differences between ScreenOS 5.4 and 6.0, the config is identical. Is there a setting somewhere that defines whether outside/inside initiated connections are allowed? unset key protection enable set clock timezone 1 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set service "MyVOIP_UDP4569" protocol udp src-port 0-65535 dst-port 4569-4569 set service "MyVOIP_TCP22" protocol tcp src-port 0-65535 dst-port 22-22 set service "MyRDP" protocol tcp src-port 0-65535 dst-port 3389-3389 set service "MyRsync" protocol tcp src-port 0-65535 dst-port 873-873 set service "NZ_FTP" protocol tcp src-port 0-65535 dst-port 40000-41000 set service "NZ_FTP" + tcp src-port 0-65535 dst-port 21-21 set service "PPTP-VPN" protocol 47 src-port 2048-2048 dst-port 2048-2048 set service "PPTP-VPN" + tcp src-port 1024-65535 dst-port 1723-1723 set service "NZ_FMS_1935" protocol tcp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_1935" + udp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_8080" protocol tcp src-port 0-65535 dst-port 8080-8080 set service "CrashPlan Server" protocol tcp src-port 0-65535 dst-port 4280-4280 set service "CrashPlan Console" protocol tcp src-port 0-65535 dst-port 4282-4282 unset alg sip enable set alg appleichat enable unset alg appleichat re-assembly enable set alg sctp enable set auth-server "Local" id 0 set auth-server "Local" server-name "Local" set auth default auth server "Local" set auth radius accounting port 1646 set admin name "netscreen" set admin password "XXX" set admin auth web timeout 10 set admin auth dial-in timeout 3 set admin auth server "Local" set admin format dos set vip multi-port set zone "Trust" vrouter "trust-vr" set zone "Untrust" vrouter "trust-vr" set zone "DMZ" vrouter "trust-vr" set zone "VLAN" vrouter "trust-vr" set zone "Untrust-Tun" vrouter "trust-vr" set zone "Trust" tcp-rst set zone "Untrust" block unset zone "Untrust" tcp-rst set zone "MGT" block unset zone "V1-Trust" tcp-rst unset zone "V1-Untrust" tcp-rst set zone "DMZ" tcp-rst unset zone "V1-DMZ" tcp-rst unset zone "VLAN" tcp-rst set zone "Untrust" screen tear-drop set zone "Untrust" screen syn-flood set zone "Untrust" screen ping-death set zone "Untrust" screen ip-filter-src set zone "Untrust" screen land set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust" screen ip-filter-src set zone "V1-Untrust" screen land set interface ethernet0/0 phy full 100mb set interface ethernet0/3 phy full 100mb set interface ethernet0/4 phy full 100mb set interface ethernet0/5 phy full 100mb set interface ethernet0/6 phy full 100mb set interface "ethernet0/0" zone "Untrust" set interface "ethernet0/1" zone "Null" set interface "bgroup0" zone "Trust" set interface "bgroup1" zone "Trust" set interface "bgroup2" zone "Trust" set interface bgroup2 port ethernet0/2 set interface bgroup0 port ethernet0/3 set interface bgroup0 port ethernet0/4 set interface bgroup1 port ethernet0/5 set interface bgroup1 port ethernet0/6 unset interface vlan1 ip set interface ethernet0/0 ip 215.173.182.18/29 set interface ethernet0/0 route set interface bgroup0 ip 192.168.1.1/24 set interface bgroup0 nat set interface bgroup1 ip 192.168.2.1/24 set interface bgroup1 nat set interface bgroup2 ip 192.168.3.1/24 set interface bgroup2 nat set interface ethernet0/0 gateway 215.173.182.17 unset interface vlan1 bypass-others-ipsec unset interface vlan1 bypass-non-ip set interface ethernet0/0 ip manageable set interface bgroup0 ip manageable set interface bgroup1 ip manageable set interface bgroup2 ip manageable set interface bgroup0 manage mtrace unset interface bgroup1 manage ssh unset interface bgroup1 manage telnet unset interface bgroup1 manage snmp unset interface bgroup1 manage ssl unset interface bgroup1 manage web unset interface bgroup2 manage ssh unset interface bgroup2 manage telnet unset interface bgroup2 manage snmp unset interface bgroup2 manage ssl unset interface bgroup2 manage web set interface ethernet0/0 vip 215.173.182.19 2048 "PPTP-VPN" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.19 + 4280 "CrashPlan Server" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.19 + 4282 "CrashPlan Console" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.22 22 "MyVOIP_TCP22" 192.168.2.127 set interface ethernet0/0 vip 215.173.182.22 + 4569 "MyVOIP_UDP4569" 192.168.2.127 set interface ethernet0/0 vip 215.173.182.22 + 3389 "MyRDP" 192.168.2.202 set interface ethernet0/0 vip 215.173.182.22 + 873 "MyRsync" 192.168.2.201 set interface ethernet0/0 vip 215.173.182.22 + 80 "HTTP" 192.168.2.202 set interface ethernet0/0 vip 215.173.182.22 + 2048 "PPTP-VPN" 192.168.2.201 set interface ethernet0/0 vip 215.173.182.22 + 8080 "NZ_FMS_8080" 192.168.2.216 set interface ethernet0/0 vip 215.173.182.22 + 1935 "NZ_FMS_1935" 192.168.2.216 set interface bgroup0 dhcp server service set interface bgroup1 dhcp server service set interface bgroup2 dhcp server service set interface bgroup0 dhcp server auto set interface bgroup1 dhcp server auto set interface bgroup2 dhcp server auto set interface bgroup0 dhcp server option domainname companyalan set interface bgroup0 dhcp server option dns1 192.168.1.131 set interface bgroup1 dhcp server option domainname companyblan set interface bgroup1 dhcp server option dns1 192.168.2.202 set interface bgroup2 dhcp server option dns1 8.8.8.8 set interface bgroup2 dhcp server option wins1 8.8.4.4 set interface bgroup0 dhcp server ip 192.168.1.2 to 192.168.1.116 set interface bgroup1 dhcp server ip 192.168.2.2 to 192.168.2.116 set interface bgroup2 dhcp server ip 192.168.3.2 to 192.168.3.126 unset interface bgroup0 dhcp server config next-server-ip unset interface bgroup1 dhcp server config next-server-ip unset interface bgroup2 dhcp server config next-server-ip set interface "ethernet0/0" mip 215.173.182.21 host 192.168.2.202 netmask 255.255.255.255 vr "trust-vr" set interface "serial0/0" modem settings "USR" init "AT&F" set interface "serial0/0" modem settings "USR" active set interface "serial0/0" modem speed 115200 set interface "serial0/0" modem retry 3 set interface "serial0/0" modem interval 10 set interface "serial0/0" modem idle-time 10 set flow tcp-mss unset flow tcp-syn-check unset flow tcp-syn-bit-check set flow reverse-route clear-text prefer set flow reverse-route tunnel always set pki authority default scep mode "auto" set pki x509 default cert-path partial set pki x509 dn name "[email protected]" set dns host dns1 0.0.0.0 set dns host dns2 0.0.0.0 set dns host dns3 0.0.0.0 set address "Trust" "192.168.1.0/24" 192.168.1.0 255.255.255.0 set address "Trust" "192.168.2.0/24" 192.168.2.0 255.255.255.0 set address "Trust" "192.168.3.0/24" 192.168.3.0 255.255.255.0 set crypto-policy exit set ike respond-bad-spi 1 set ike ikev2 ike-sa-soft-lifetime 60 unset ike ikeid-enumeration unset ike dos-protection unset ipsec access-session enable set ipsec access-session maximum 5000 set ipsec access-session upper-threshold 0 set ipsec access-session lower-threshold 0 set ipsec access-session dead-p2-sa-timeout 0 unset ipsec access-session log-error unset ipsec access-session info-exch-connected unset ipsec access-session use-error-log set vrouter "untrust-vr" exit set vrouter "trust-vr" exit set l2tp default ppp-auth chap set url protocol websense exit set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit set policy id 1 exit set policy id 2 from "Untrust" to "Trust" "Any" "VIP(215.173.182.19)" "PPTP-VPN" permit traffic set policy id 2 exit set policy id 3 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "HTTP" permit log set policy id 3 set service "MyRDP" set service "MyRsync" set service "MyVOIP_TCP22" set service "MyVOIP_UDP4569" exit set policy id 6 from "Trust" to "Trust" "192.168.1.0/24" "192.168.2.0/24" "ANY" deny set policy id 6 exit set policy id 7 from "Trust" to "Trust" "192.168.2.0/24" "192.168.1.0/24" "ANY" deny set policy id 7 exit set policy id 8 from "Trust" to "Trust" "192.168.3.0/24" "192.168.1.0/24" "ANY" deny set policy id 8 exit set policy id 9 from "Trust" to "Trust" "192.168.3.0/24" "192.168.2.0/24" "ANY" deny set policy id 9 exit set policy id 10 from "Untrust" to "Trust" "Any" "MIP(215.173.182.21)" "NZ_FTP" permit set policy id 10 exit set policy id 11 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "PPTP-VPN" permit set policy id 11 exit set policy id 12 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "NZ_FMS_1935" permit set policy id 12 set service "NZ_FMS_8080" exit set policy id 13 from "Untrust" to "Trust" "Any" "VIP(215.173.182.19)" "CrashPlan Console" permit set policy id 13 set service "CrashPlan Server" exit set nsmgmt bulkcli reboot-timeout 60 set ssh version v2 set config lock timeout 5 unset license-key auto-update set telnet client enable set snmp port listen 161 set snmp port trap 162 set vrouter "untrust-vr" exit set vrouter "trust-vr" unset add-default-route exit set vrouter "untrust-vr" exit set vrouter "trust-vr" exit Note that I've previously posted a similar question (pertaining to the same device & replacement, but ultimately caused by a malfunctioning switch, and thus clouding the current issue): Outbound traffic being blocked for MIP/VIPped servers (Juniper SSG5)

    Read the article

  • Client-side policy error using JacORB (Java/CORBA) with SSL

    - by jason
    I'm trying to add SSL to an existing CORBA app, and I keep getting this error: org.omg.CORBA.NO_PERMISSION: Client-side policy requires SSL/TLS, but server doesn't support it vmcid: 0x0 minor code: 0 completed: No at org.jacorb.orb.iiop.ClientIIOPConnection.checkSSL(ClientIIOPConnection.java:535) at org.jacorb.orb.iiop.ClientIIOPConnection.connect(ClientIIOPConnection.java:144) at org.jacorb.orb.giop.GIOPConnection.sendMessage(GIOPConnection.java:835) at org.jacorb.orb.giop.GIOPConnection.sendRequest(GIOPConnection.java:805) at org.jacorb.orb.giop.ClientConnection.sendRequest(ClientConnection.java:302) at org.jacorb.orb.giop.ClientConnection.sendRequest(ClientConnection.java:282) at org.jacorb.orb.Delegate.invoke_internal(Delegate.java:919) at org.jacorb.orb.Delegate.invoke(Delegate.java:868) at org.jacorb.orb.Delegate.is_a(Delegate.java:1268) at org.omg.CORBA.portable.ObjectImpl._is_a(ObjectImpl.java:112) at databridge.autogen.ILoginManagerHelper.narrow(ILoginManagerHelper.java:57) at databridge.test.Client.main(Client.java:59) I have generated keystores for both client and server and exchanged the keys between the two. Using this setup, I can get the demo application that came in the JacORB download to run successfully. The only difference I can tell is that my test is using the Tie method to get the POA. There are some policies that go into that, but I can't find any information on what policies need to go in there to enable SSL, if any. I'm not even sure that's the problem as the JacORB demo doesn't set any policies on the server or poa. When I run the -Djavax.net.debug=ssl, I can see the keystores load up the trusted certs on both the client and the server. I'm just not sure what policies are being referred to here, but it's odd that the demo works and the test doesn't using the exact same keystores and properties. I've emailed the mailing list, but I'm not holding out much hope as that doesn't seem to be very active. Any help would be greatly appreciated. Below are my properties files. Server Props: jacorb.security.support_ssl=on jacorb.security.ssl.server.supported_options=60 jacorb.security.ssl.server.required_options=20 jacorb.ssl.socket_factory=org.jacorb.security.ssl.sun_jsse.SSLSocketFactory jacorb.ssl.server_socket_factory=org.jacorb.security.ssl.sun_jsse.SSLServerSocketFactory jacorb.security.keystore=dbserver.jks jacorb.security.keystore_password=dbsslserver_pass jacorb.security.jsse.trustees_from_ks=on jacorb.security.jsse.log.verbosity=4 jacorb.implname=StandardImplName client props jacorb.security.support_ssl=on jacorb.security.ssl.client.supported_options=60 jacorb.security.ssl.client.required_options=20 jacorb.ssl.socket_factory=org.jacorb.security.ssl.sun_jsse.SSLSocketFactory jacorb.security.keystore=dbclient.jks jacorb.security.keystore_password=dbsslclient_pass jacorb.security.jsse.trustees_from_ks=on jacorb.security.jsse.log.verbosity=4 jacorb.implname=StandardImplName

    Read the article

  • WebSphere MQ running under local account / group cannot read group memberships for Active Directory user. Workaround or alternative resolution?

    - by noahz
    I am developing an application that is using WebSphere MQ v6.0. WebSphere MQ is currently not working due to the following issue: WebSphere MQ service runs under local user "MUSR_MQADMIN" in the local group "mqm" I attempt to use the service using my own account, BIZ\noahz MUSR_MQADMIN needs to check if BIZ\noahz is in local group "mqm" MUSR_MQADMIN does not have permission to read the Active Directory group membership of BIZ\noahz The following error appears in the MQ log file: ----- amqzfubn.c : 3582 ------------------------------------------------------- 1/31/2011 18:51:32 - Process(704.1105) User(MUSR_MQADMIN) Program(amqzlaa0.exe) AMQ8079: Access was denied when attempting to retrieve group membership information for user 'noahz@biz'. EXPLANATION: WebSphere MQ, running with the authority of user 'musr_mqadmin@noahz-biz', was unable to retrieve group membership information for the specified user. ACTION: Ensure Active Directory access permissions allow user 'musr_mqadmin@noahz-biz' to read group memberships for user 'noahz@biz'. To retrieve group membership information for a domain user, MQ must run with the authority of a domain user. ----- amqzfubn.c : 3582 ------------------------------------------------------- I found more information is here on IBM's web site: http://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/index.jsp?topic=/com.ibm.mq.amqtac.doc/wq10830_.htm I don't have Active Directory admin rights for my Windows machine, so my question is: Is there anything else I can do to resolve (or work-around) this issue and get WebSphere MQ working for me again? For example, can I disable this security check in WebSphere MQ?

    Read the article

  • mrepo and grouplist/groupinstall?, mrepo not working as expected with group

    - by user52874
    All, I'm trying to set up mrepo so we can have internal repositories. After quite the slog, things seem to be working as expected EXCEPT for groups. From man createrepo: EXAMPLES Here is an example of a repository with a groups file. Note that the groups file should be in the same directory as the rpm packages (i.e. /path/to/rpms/comps.xml). createrepo -g comps.xml /path/to/rpms So here's what I'm doing: wget -c http://ftp.scientificlinux.org/linux/scientific/6/x86_64/os/repodata/comps-sl6-x86_64.xml cp comps-sl6-x86_64.xml /var/mrepo/SL6-x86_64/os/Packages/comps-sl6-x86_64.xml createrepo -g comps-sl6-x86_64.xml /var/mrepo/SL6-x86_64/os/Packages/ lots of output, no apparent errors or warnings BUT.. from a client: yum grouplist Loaded plugins: refresh-packagekit Setting up Group Process Error: No group data available for configured repositories Here's /etc/mrepo.conf: ### Configuration file for mrepo ### The [main] section allows to override mrepo's default settings ### The mrepo-example.conf gives an overview of all the possible settings [main] srcdir = /var/mrepo wwwdir = /var/www/mrepo confdir = /etc/mrepo.conf.d arch = x86_64 mailto = root@localhost smtp-server = localhost pxelinux = /usr/lib/syslinux/pxelinux.0 tftpdir = /tftpboot #rhnlogin = username:password ### Any other section is considered a definition for a distribution ### You can put distribution sections in /etc/mrepo.conf.d ### Examples can be found in the documentation. Here's /etc/mrepo.conf.d/sl6.mrepo: ### Scientific Linux 6 [SL6] name = Scientific Linux 6 release = 6 arch = x86_64 metadata = repomd repoview os = rsync://rsync.scientificlinux.org/scientific/$release/$arch/os/ updates = rsync://rsync.scientificlinux.org/scientific/$release/$arch/updates/ security = rsync://rsync.scientificlinux.org/scientific/$release/$arch/updates/security/ fastbugs = rsync://rsync.scientificlinux.org/scientific/$release/$arch/updates/fastbugs/

    Read the article

  • Unix Permissions issue with users belonging to the same group accessing a folder

    - by TK Kocheran
    I have a folder I'd really like to allow another user on this machine access to. I'm using mt-daapd to serve music to the network, so I'd like to enable the mt-daapd user to access my Music directory, /home/rfkrocktk/Music. The master user is rfkrocktk obviously. I've tried to set all of my permissions properly on the directory, but the mt-daapd user can't acces the files. I created a group called media-users and added both rfkrocktk and mt-daapd to it in order to give mt-daapd permission to simply read all of the files in that directory and subdirectories. If I run id on each of my users, here's what's displayed: $ id rfkrocktk > uid=1000(rfkrocktk) gid=1000(rfkrocktk) groups=1000(rfkrocktk),4(adm),20(dialout),24(cdrom),29(audio),46(plugdev),104(lpadmin),115(admin),120(sambashare),124(vboxusers),1001(jupiter),2002(media-users) $ id mt-daapd > uid=123(mt-daapd) gid=65534(nogroup) groups=65534(nogroup),2002(media-users) It definitely seems that both users are a part of the media-users group, so what could be going wrong? If I run ls -l on the actual Music directory to see its permissions, here's the output: drwxr-Sr-- 201 rfkrocktk media-users 12288 2011-01-13 12:26 Music If I run ls -l on the Music directory to get its children, here's the output: drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-12-20 15:31 2DBoy drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-05-25 12:50 ABBA drwxr-Sr-- 3 rfkrocktk media-users 4096 2009-12-28 15:19 Access Denied drwxr-Sr-- 10 rfkrocktk media-users 4096 2009-12-28 15:19 AC-DC drwxr-Sr-- 3 rfkrocktk media-users 4096 2009-12-28 15:19 Aerosmith drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-06-04 10:45 A Flock of Seagulls drwxr-Sr-- 4 rfkrocktk media-users 4096 2010-05-28 18:13 Alestorm drwxr-Sr-- 3 rfkrocktk media-users 4096 2010-06-22 23:29 Amon Amarth drwxr-Sr-- 5 rfkrocktk media-users 4096 2009-12-28 15:19 Anberlin ... From this, it would seem that I should be able to access the folders from mt-daapd, but I can't. Running sudo -i -u mt-daapd ls -l /home/rfkrocktk/Music displays nothing, indicating to me that for whatever reason, mt-daapd doesn't have access to read the folder. What am I doing wrong?

    Read the article

  • Windows 7, network shares, and authentication via local group instead of local user

    - by Donovan
    I have been doing some troubleshooting of my home network lately and have come to an odd conclusion that I was hoping to get some clarification on. I'm used to managing share permissions in a domain environment via groups instead of individual user accounts. I have a box at home running windows 7 ultimate and I decided to share some directories on that machine. I set it up to disallow guest access and require specifically granted permissions. (password moe?). Anyway, after a whole bunch of time i figured out that even though the shares I created were allowed via a local group i could not access them until i gave specific allowance to the intended user. I just didn't think i would have to do that. So here is the breakdown. Network is windows workgroup, not homegroup or nt domain PC_1 - win 7 ultimate - sharing in classic mode - user BOB - groups Admins PC_2 - win 7 starter - client - user BOB - groups admins PC_3 - win xp pro - client - user BOB - groups admins the share on PC_1 granted permission to only the local group administrators. local user BOB on PC_1 was a member of administrators. Both PC_2 and PC_3 could not browse the intended share on PC_1 because they were denied access. Also, no challenge was presented. They were simply denied. After adding BOB specifically to the intended share everything works just fine. Remember, its not an nt domain just a workgroup. But still, shouldn't i be able to manage share permissions via groups instead of individual user accounts? D.

    Read the article

  • Allignment of ext3 partition on LVM RAID volume group

    - by John P
    I'm trying to add a partition on a LVM that resides on a RAID6 volume group and fdisk is complaining about the partition not residing on a physical sector boundry. My question is, how do you calculate the correct starting sector for a partition on a LVM? This partition will be formated ext3. Would it be better to just format the LVM directly instead of creating a new partition? Disk /dev/dedvol/backup: 2199.0 GB, 2199023255552 bytes 255 heads, 63 sectors/track, 267349 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 1048576 bytes / 8388608 bytes Disk identifier: 0x4e428f49 Device Boot Start End Blocks Id System /dev/dedvol/backup1 63 267349 2146982827+ 83 Linux Partition 1 does not start on physical sector boundary. lvdisplay /dev/dedvol/backup --- Logical volume --- LV Name /dev/dedvol/backup VG Name dedvol LV UUID OV2n5j-7LHb-exJL-t8dI-dU8A-2vxf-uIicCt LV Write Access read/write LV Status available # open 0 LV Size 2.00 TiB Current LE 524288 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 32768 Block device 253:1 vgdisplay dedvol --- Volume group --- VG Name dedvol System ID Format lvm2 Metadata Areas 1 Metadata Sequence No 3 VG Access read/write VG Status resizable MAX LV 0 Cur LV 2 Open LV 1 Max PV 0 Cur PV 1 Act PV 1 VG Size 14.55 TiB PE Size 4.00 MiB Total PE 3815448 Alloc PE / Size 3670016 / 14.00 TiB Free PE / Size 145432 / 568.09 GiB VG UUID 8fBcOk-aXGx-P3Qy-VVpJ-0zK1-fQgy-Cb691J

    Read the article

  • NetBackup's bplist doesn't get user/group info for Windows files

    - by Gnustavo
    I'm trying to get information about storage consumption from NetBackup's bplist output. I'm running NBU 6.0MP5 on a RHEL 3 server. The server is backing up several Solaris, Linux, and Windows machines. When I use bplist to get information about files backed up on any UNIX machine I get something like this: # bplist -C unixclient -R 99 -l -s 01/28/2006 -e 01/29/2006 / drwxr-xr-x test ccase 0 Nov 16 09:28 /l/home2/test/ -rw------- test ccase 4737 Jan 06 17:54 /l/home2/test/.bash_history -rw-rw-r-- test ccase 104 Nov 11 2004 /l/home2/test/.bashrc However, when I use it to list files backed up on any Windows client I can't get the user and group information. They both always appear as 'root'. Like this: # bplist -C winclient -t 13 -R 99 -l -s 02/20/2006 / drwx------ root root 0 Feb 20 14:26 /C/temp/ -rwx------ root root 41 Feb 20 14:26 /C/temp/asdf.txt drwx------ root root 0 May 25 2004 /C/temp/CTRMNGR/ Does anyone know why bplist doesn't show the correct user/group for Windows files? If it can't, is there a way to get that information using another command? Thanks. Gustavo.

    Read the article

  • How to add a user to Wheel group?

    - by Natasha Thapa
    I am trying to add a use to wheel group using in a Ubuntu server. sudo usermod -aG wheel john I get: usermod: group 'wheel' does not exist On my /etc/sudoers I have this: > cat /etc/sudoers > # sudoers file. > # > # This file MUST be edited with the 'visudo' command as root. > # > # See the sudoers man page for the details on how to write a sudoers file. > # > > # Host alias specification > > # User alias specification > > # Cmnd alias specification > > # Defaults specification > > # User privilege specification root ALL=(ALL) ALL %root ALL=(ALL) NOPASSWD: ALL > > %wheel ALL=(ALL) NOPASSWD: ALL Do I have to do groupadd of wheel?

    Read the article

  • different user group can not upload file in the server

    - by Dallal
    I have a CentOS server running in Thailand, and I'm in Canada. The guy at the computer center who set up the server for me doesn't really understand much about linux and left me off an issue to solve myself. I just moved from Mac Server to Linux server, and the first thing I'm facing a problem now is `file name` has failed to upload due to an error The uploaded file could not be moved to `location name` So what happen is that I knew from my experiences of these problem is all about permissions. So I go ahead and checked on my whole folder and found that everything in the folder permission is like myusername mygroupname then I checked the httpd file in the server and it is default to apache apache. My question is that how can I make my user to be in the same group with apache group so that I don't have to have any problem about uploading, changing data in my file....? But without having to affect other user in the same server. I'm holding Administrator account, but not root account, but I can change stuff on the server root no problem. When I was with godaddy.com there never been any problem about the permission and I wish I know how they configure that :(

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >