Search Results

Search found 474 results on 19 pages for 'realm'.

Page 8/19 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Assistance in setting up new APC Smart-UPS RT on a new VMware enviroment

    - by user38085
    I'm new to the realm of setting up a APC Smart-UPS RT 8000VA UPS with a management network card (AP9618). The project calls for the upgrade of the firmware for the network card to the newest and greatest. It also calls for the Powerchute Business Software to be installed with notifications setup per email for temperature, shutdown, and battery low. I know I'll have to use the serial cable to flash the firmware and install the software on one server 2003 box. Also on that server I'll have to install the software and setup the GUI (IP address) interface. Whats confusing the most is the whole process, and steps to use without taking down the network, which would be very bad. In flashing the firmware does it take down the UPS? Do i have to run BOOTP commands to setup the network card? Also no agents will be used on any of the VWware OS's and no SNMP trap will be used.

    Read the article

  • I can't add PPA repository behind the proxy (with @ in the username)

    - by kenorb
    I'm trying to add the ppa repository (as a root) with the following command: export HTTP_PROXY="http://[email protected]:[email protected]:8080" add-apt-repository ppa:nilarimogard/webupd8 Traceback (most recent call last): File "/usr/bin/add-apt-repository", line 125, in <module> ppa_info = get_ppa_info_from_lp(user, ppa_name) File "/usr/lib/python2.7/dist-packages/softwareproperties/ppa.py", line 84, in get_ppa_info_from_lp curl.perform() pycurl.error: (56, 'Received HTTP code 407 from proxy after CONNECT') Unfortunately it doesn't work. Looks like curl is connecting to the proxy, but the proxy says that Authentication is Required. I've tried with .curlrc, http_proxy env instead, but it doesn't work. strace -e network,write -s1000 add-apt-repository ppa:nilarimogard/webupd8 socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 4 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 4 connect(4, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("165.x.x.232")}, 16) = -1 EINPROGRESS (Operation now in progress) getsockopt(4, SOL_SOCKET, SO_ERROR, [0], [4]) = 0 getpeername(4, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("165.x.x.232")}, [16]) = 0 getsockname(4, {sa_family=AF_INET, sin_port=htons(46025), sin_addr=inet_addr("161.20.75.220")}, [16]) = 0 sendto(4, "CONNECT launchpad.net:443 HTTP/1.1\r\nHost: launchpad.net:443\r\nUser-Agent: PycURL/7.22.0\r\nProxy-Connection: Keep-Alive\r\nAccept: application/json\r\n\r\n", 146, MSG_NOSIGNAL, NULL, 0) = 146 recvfrom(4, "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: BASIC realm=\"proxy\"\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nProxy-Connection: close\r\nSet-Cookie: BCSI-CS-91b9906520151dad=2; Path=/\r\nConnection: close\ Maybe it's because there is @ sign in the username? Wget works with proxy fine. Related: How do I add a repository from behind a proxy? Environment Ubuntu 12.04 curl 7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 curl Features: GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

    Read the article

  • Get to Know a Candidate (10 of 25): Tom Stevens&ndash;Objectivist Party

    - by Brian Lanham
    DISCLAIMER: This is not a post about “Romney” or “Obama”. This is not a post for whom I am voting. Information sourced for Wikipedia. Stevens is an American professor, attorney, politician and blogger. He is the founder and chairman of the Objectivist Party and was that party's nominee for President in the 2008 and 2012 United States Presidential elections. He is the party's presidential nominee in the 2012 election as well. He is also the founder of the Personal Freedom Party of New York. Stevens was the first vice chairman of the political party Boston Tea Party. He resigned from that position in 2008. In 2010, he announced the formation of the Personal Freedom Party of New York. Stevens runs the blog site Liberty Lion. He is a graduate of New York University and Hofstra University School of Law. Stevens is on the ballot in CO, and FL. The Objectivist Party is a political party in the United States that seeks to promote Ayn Rand's philosophy of Objectivism in the political realm. The party was formed on February 2, 2008 by Thomas Stevens; the date was chosen to coincide with Rand's birthday. The party believes in the repeal of the federal income tax; thus the repeal of the 16th Amendment. The income tax would then be replaced by a Flat Tax of 10% or Federal sales tax. The party supports the 2nd Amendment, but only as long as violent criminals are not permitted to own any weapon. Learn more about Tom Stevens and Objectivist Party on Wikipedia.

    Read the article

  • Podcasting vs Stack Overflow vs Geekswithblogs

    - by MarkPearl
    For a few years now I have been looking for effective ways to be involved in the “community”. While there are a few community programming events in my area (Johannesberg), there isn’t too much face to face stuff – which has caused me to turn to the internet. My internet attempts have been varied – at first I took the passive approach of listening to tech podcasts. This was great for a while, but soon the content became semi-repetitive and a little boring. It seemed that the podcasts I was listening to all went round the same themes and speakers and while I am still a keen listener to several tech podcasts – it didn’t quench my thirst. So I began to be a bit more active – starting with stack overflow – where I would scan the site for questions that were in the realm of my ability to answer. It worked for a while but soon it began to be discouraging – there seems to be so many people that know so much more than me and are quicker at typing that I felt fairly ineffective. So while I still use Stack Overflow when I am in a pickle and need some help – it feels more like me taking from the community than giving anything. Which brought me to Geeks with blogs. Till I found GWB I hadn’t felt like I was an active part of a community. I had blogged before on Blogspot and Wordpress but hadn’t felt associated to the community. Now when I get a comment from someone on one of my GWB posts either thanking me or adding a bit more or correcting me, it makes me feel like I am contributing to a community. So well done GWB. Thanks for making a spot that makes me feel at home!

    Read the article

  • Cyrus on CentOS with sasl / pam / ldap

    - by Oscar
    SASL/PAM/LDAP is driving me crazy... that's what I read a lot when googling for problems in this area, and what I experience myself :-S I'm trying to get Cyrus imap working for virtual hosting on CentOS with this authorisation backend and really don't know what's happening. In saslauthd I configured the LDAP search filter to use, but it looks like pam completely ignores it. Here's what I do for testing (done more tests but all with similar results): [root@testserv ~]# imtest -u [email protected] -a [email protected] WARNING: no hostname supplied, assuming localhost S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS] testserv. Cyrus IMAP4 v2.3.7-Invoca-RPM-2.3.7-7.el5_6.4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH S: C01 OK Completed Please enter your password: C: L01 LOGIN [email protected] {6} S: + go ahead C: <omitted> S: L01 NO Login failed: authentication failure Authentication failed. generic failure Security strength factor: 0 C: Q01 LOGOUT * BYE LOGOUT received Q01 OK Completed Connection closed. The LDAP entry does exist (and so does the mailbox in Cyrus): [root@testserv ~]# ldapsearch -WxD cn=Manager,o=mydomain,c=com [email protected] Enter LDAP Password: # extended LDIF # # LDAPv3 # base <> with scope subtree # filter: [email protected] # requesting: ALL # # myuser, accounts, testserv.mydomain.com, mydomain, com dn: uid=myuser,ou=accounts,dc=testserv.mydomain.com,o=mydomain,c=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount uidNumber: 16 uid: myuser gidNumber: 5 givenName: My sn: Name mail: [email protected] cn: My Name userPassword:: dYN5ebB0fXhNRn1pZllhRnJX7Uk= shadowLastChange: 15176 homeDirectory: /dev/null # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 This is what I get in /var/log/messages Aug 2 04:00:11 testserv cyrus/imap[12514]: auxpropfunc error invalid parameter supplied Aug 2 04:00:19 testserv saslauthd[5926]: do_auth : auth failure: [[email protected]] [service=imap] [realm=testserv.mydomain.com] [mech=pam] [reason=PAM auth error] ... /var/adm/auth.log Aug 2 04:00:11 testserv cyrus/imap[12514]: auxpropfunc error invalid parameter supplied Aug 2 04:00:11 testserv cyrus/imap[12514]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb Aug 2 04:00:19 testserv saslauthd[5926]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module Aug 2 04:00:19 testserv saslauthd[5926]: do_auth : auth failure: [[email protected]] [service=imap] [realm=testserv.mydomain.com] [mech=pam] [reason=PAM auth error] (AFAIK I can ignore the auxprop msg) ... and /var/log/slapd.log: Aug 2 04:00:19 testserv slapd[5968]: conn=61 fd=27 ACCEPT from IP=127.0.0.1:51403 (IP=0.0.0.0:389) Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=0 BIND dn="" method=128 Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=0 RESULT tag=97 err=0 text= Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=1 SRCH base="o=mydomain,c=com" scope=2 deref=0 filter="([email protected])" Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=2 UNBIND Aug 2 04:00:19 testserv slapd[5968]: conn=61 fd=27 closed These are the settings in In /etc/imapd.conf: sasl_mech_list: PLAIN LOGIN sasl_pwcheck_method: saslauthd ## sasl_auxprop_plugin: sasldb sasl_auto_transition: no and my sasl config: [root@testserv ~]# cat /etc/sysconfig/saslauthd # Directory in which to place saslauthd's listening socket, pid file, and so # on. This directory must already exist. SOCKETDIR=/var/run/saslauthd # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list # of which mechanism your installation was compiled with the ablity to use. MECH=pam # Additional flags to pass to saslauthd on the command line. See saslauthd(8) # for the list of accepted flags. FLAGS="-c -r -O /etc/saslauthd.conf" [root@testserv ~]# cat /etc/saslauthd.conf ldap_servers: ldap://127.0.0.1/ ldap_search_base: dc=%d,o=mydomain,c=com ldap_auth_method: bind #ldap_filter: (|(uid=%u)((&(mail=%u@%d)(accountStatus=active))) ldap_filter: (&(mail=%u@%d)(accountStatus=active)) ldap_debug: 1 ldap_version: 3 The accountStatus=active is not in ldap yet, but that doesn't make a difference since I don't see it in the filter... that's not the reason for the failure. The weird thing is, I do get an error when I rename or remove /etc/saslauthd.conf, but when the file exists it seems happily ignored... The filter in slapd.log seems to be taken from /etc/ldap.conf. Apart from some timers, that only contains: host 127.0.0.1 base o=mydomain,c=com pam_login_attribute mail Outcommenting the pam_login_attribute results in this filter in slapd.log: filter="([email protected])" Pam-imap looks like this: [root@testserv ~]# cat /etc/pam.d/imap auth required pam_ldap.so debug account required pam_ldap.so debug #auth sufficient pam_unix.so likeauth nullok #auth sufficient pam_ldap.so use_first_pass #auth required pam_deny.so #account sufficient pam_unix.so #account sufficient pam_ldap.so The outcommented stuff is because I don't have the cyrus admin user in Ldap; that's a Linux user. That works fine when uncommented, but I still need to play around with that a little and first I wanna get imap working. Finally nsswitch: [root@testserv ~]# cat /etc/nsswitch.conf # # /etc/nsswitch.conf # # An example Name Service Switch config file. This file should be # sorted with the most-used services at the beginning. # # The entry '[NOTFOUND=return]' means that the search for an # entry should stop if the search in the previous entry turned # up nothing. Note that if the search failed due to some other reason # (like no NIS server responding) then the search continues with the # next entry. # # Legal entries are: # # nisplus or nis+ Use NIS+ (NIS version 3) # nis or yp Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) # files Use the local files # db Use the local database (.db) files # compat Use NIS on compat mode # hesiod Use Hesiod for user lookups # [NOTFOUND=return] Stop searching if not found so far # # To use db, put the "db" in front of "files" for entries you want to be # looked up first in the databases # # Example: #passwd: db files nisplus nis #shadow: db files nisplus nis #group: db files nisplus nis passwd: compat ldap group: compat ldap shadow: compat ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc: files services: files netgroup: nisplus publickey: nisplus automount: files nisplus aliases: files nisplus Any info where to start looking will be greatly appreciated! Thnx in advance

    Read the article

  • Low-cost, Flexible Log Aggregation [closed]

    - by Dan McClain
    I'm starting to have quite the collection of Ubuntu VMs that I must manage. I'm starting to investigate Puppet for managing the configuration of all of them, and apticron to let me know what's out of date. But the issue I feel I should deal with sooner than later is log aggregation. I'd like to stay in the free/open source realm for now, seeing that we don't have much budget for something like splunk yet. In addition to syslog, I would like to collect application specific logs (We are running different apps on different machines, from nginx+passenger for rails, to Apache+Tomcat for java, to PHP for expression engine, and mysql/postgresql database server), so that we can analyze the relavent data. For now, I'm just looking to get all the logs one place.

    Read the article

  • Credentials can not be delegated - Alfresco Share

    - by leftcase
    I've hit a brick wall configuring Alfresco 4.0.d on Redhat 6. I'm using Kerberos authentication, it seems to be working normally, and single sign on is working on the main alfresco app itself. I've been through the configuration steps to get the share app working, but try as I may, I keep getting this error in catalina.out each time a browser accesses http://server:8080/share along with a 'Windows Security' password box. WARN [site.servlet.KerberosSessionSetupPrivilegedAction] credentials can not be delegated! Here's what I've done so far: Using AD users and computers, selected the alfrescohttp account, and selected 'trust this user for delegation to any service (Kerberos only). Copied /opt/alfresco-4.0.d/tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml.sample to share-config-custom.xml and edited like this: <config evaluator="string-compare" condition="Kerberos" replace="true"> <kerberos> <password>*****</password> <realm>MYDOMAIN.CO.UK</realm> <endpoint-spn>HTTP/[email protected]</endpoint-spn> <config-entry>ShareHTTP</config-entry> </kerberos> </config> <config evaluator="string-compare" condition="Remote"> <remote> <keystore> <path>alfresco/web-extension/alfresco-system.p12</path> <type>pkcs12</type> <password>alfresco-system</password> </keystore> <connector> <id>alfrescoCookie</id> <name>Alfresco Connector</name> <description>Connects to an Alfresco instance using cookie-based authentication</description> <class>org.springframework.extensions.webscripts.connector.AlfrescoConnector</class> </connector> <endpoint> <id>alfresco</id> <name>Alfresco - user access</name> <description>Access to Alfresco Repository WebScripts that require user authentication</description> <connector-id>alfrescoCookie</connector-id> <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url> <identity>user</identity> <external-auth>true</external-auth> </endpoint> </remote> </config> Setup the /etc/krb5.conf file like this: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = MYDOMAIN.CO.UK default_tkt_enctypes = rc4-hmac default_tgs_enctypes = rc4-hmac forwardable = true proxiable = true [realms] MYDOMAIN.CO.UK = { kdc = mydc.mydomain.co.uk admin_server = mydc.mydomain.co.uk } [domain_realm] .mydc.mydomain.co.uk = MYDOMAIN.CO.UK mydc.mydomain.co.uk = MYDOMAIN.CO.UK /opt/alfresco-4.0.d/java/jre/lib/security/java.login.config is configured like this: Alfresco { com.sun.security.auth.module.Krb5LoginModule sufficient; }; AlfrescoCIFS { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescocifs.keytab" principal="cifs/server.mydomain.co.uk"; }; AlfrescoHTTP { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescohttp.keytab" principal="HTTP/server.mydomain.co.uk"; }; com.sun.net.ssl.client { com.sun.security.auth.module.Krb5LoginModule sufficient; }; other { com.sun.security.auth.module.Krb5LoginModule sufficient; }; ShareHTTP { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescohttp.keytab" principal="HTTP/server.mydomain.co.uk"; }; And finally, the following settings in alfresco-global.conf authentication.chain=kerberos1:kerberos,alfrescoNtlm1:alfrescoNtlm kerberos.authentication.real=MYDOMAIN.CO.UK kerberos.authentication.user.configEntryName=Alfresco kerberos.authentication.cifs.configEntryName=AlfrescoCIFS kerberos.authentication.http.configEntryName=AlfrescoHTTP kerberos.authentication.cifs.password=****** kerberos.authentication.http.password=***** kerberos.authentication.defaultAdministratorUserNames=administrator ntlm.authentication.sso.enabled=true As I say, I've hit a brick wall with this and I'd really appreciate any help you can give me! This question is also posted on the Alfresco forum, but I wondered if any folk here on serverfault have come across similar implementation challenges?

    Read the article

  • How to manage groups and users in Jenkins

    - by Michael
    I'm trying to use role based security plugin in Jenkins, but i'm not sue i am using it right. I've decided to go with jenkin's own user database as a security realm instead of LDAP. i'm adding the users one by one. Now in the Assign Roles screen, i have global roles like administrator, read only etc... and i have project specific roles like prod_a_developer, prod_b_developer... For each user, do i have to both assign one of the global roles for him and also assign a specific project role ? Also, how do i assign a user to a group ? instead of assigning each user a global role i want to assign a group a global role. not so trivial, Can someone please help me ? Thanks.

    Read the article

  • Oracle IRM video demonstration of seperating duties of document security

    - by Simon Thorpe
    One thing an Information Rights Management technology should do well is separate out three main areas of responsibility.The business process of defining and controlling the classifications to which content is secured and the definition of the roles employees, customers, partners and contractors have when accessing secured content. Allow IT to manage the server and perform the role of authorizing the creation of new classifications to meet business needs but yet once the classification has been created and handed off to the business, IT no longer plays a role on the ongoing management. Empower the business to take ownership of classifications to which their own content is secured. For example an employee who is leading an acquisition project should be responsible for defining who has access to confidential project documents. This person should be able to manage the rights users have in the classification and also be the point of contact for those wishing to gain rights. Oracle IRM has since it's creation in the late 1990's had this core model at the heart of its design. Due in part to the important seperation of rights from the documents themselves, Oracle IRM places the right functionality within the right parts of the business. For example some IRM technologies allow the end user to make decisions about what users can print, edit or save a secured document. This in practice results in a wide variety of content secured with a plethora of options that don't conform to any policy. With Oracle IRM users choose from a list of classifications to which they have been given the ability to secure information against. Their role in the classification was given to them by the business owner of the classification, yet the definition of the role resides within the realm of corporate security who own the overall business classification policies. It is this type of design and philosophy in Oracle IRM that makes it an enterprise solution that works beyond a few users and a few secured documents to hundreds of thousands of users and millions of documents. This following video shows how Oracle IRM 11g, the market leading document security solution, lets the security organization manage and create classifications whilst the business owns and manages them. If you want to experience using Oracle IRM secured content and the effects of different roles users have, why not sign up for our free demonstration.

    Read the article

  • IOUG Webcast Series on Identity Management

    - by Tanu Sood
    Identity Management for Business Empowerment Identity Management has gone from the realm of IT tools to being a business solution. Security and Identity Management offer confidence in doing secure and compliant business. But more than that, Identity Management today contributes to business growth with secure social, cloud, mobile and internal & external ecosystem enablement. Cloud computing has heightened the interest in user access security, mobile computing brings access to information beyond the enterprise and a bring your own device culture in-house, social media has added a new dimension to user identity and increasing security compliance pressure has made organizations rethink their roles and entitlements strategy. To discuss the industry trends, maturity and framework for security, compliance and business empowerment with identity management, Oracle is proud to collaborate with IOUG to launch a series of live webcasts. Covering a span of topics from identity platform to entitlements managements, privilege access management and cloud, mobile and social security, these webcasts will provide direct access to subject matter experts and technology specialists. Hear first-hand about best practices, a pragmatic approach to security implementation, customer success stories and more. Register today for the individual webcasts or the series. And just a reminder that the conversation starts at COLLABORATE 12 in Las Vegas from April 22nd – 26th. In addition to our conference sessions, as an added value this year, we are offering a half-day deep dive session on Oracle Identity Management: Building a Security and Compliance Framework for Oracle Systems. The session is scheduled for Sunday, April 22nd from 9 am to 3 pm and will cover relevant topics such as: • A Primer on Identity Management • Security and Compliance with Oracle Identity Management • Security for Oracle Applications, Fusion Applications• Managing Identities in The Cloud and Mobile World • Best Practices: Building an Identity Roadmap and Getting Started To get a head start on your compliance and security program, pre-register for this session today.

    Read the article

  • Rails/Node.js interaction

    - by lpvn
    I and my co-worker are developing a web application with rails and node.js and we can't reach a consensus regarding a particular architectural decision. Our setup is basically a rails server working with node.js and redis, when a client makes a http request to our rails API in some cases our rails application posts the response to a redis database and then node.js transmits the response via websocket. Our disagreement occurs in the following point: my co-worker thinks that using node.js to send data to clients is somewhat business logic and should be inside the model, so in the first code he wrote he used commands of broadcast in callbacks and other places of the model, he's convinced that the models are the best place for the interaction between rails and node. I on the other hand think that using node.js belongs to the runtime realm, my take is that the broadcast commands and other node.js interactions should be in the controller and should only be used in a model if passed through a well defined interface, just like the situation when a model needs to access the current user of a session. At this point we're tired of arguing over this same thing and our discussion consists in us repeating to ourselves our same opinions over and over. Could anyone, preferably with experience in the same setup, give us an unambiguous response saying which solution is more adequate and why it is?

    Read the article

  • Subversion problem, repo has moved

    - by Rudiger
    Hi, I've set up subversion on a CentOS fresh install. Web view works fine and gives no errors and requests password but when I try and access it through svn client (xcode) it gives the error 175011 (Repository has been moved). I've tried some of the solutions out there but no success. My subversion.conf: <Location /repos> DAV svn SVNParentPath /var/www/html/repos # Limit write permission to list of valid users. # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/svn-auth-conf Require valid-user </Location> My Apache DocumentRoot: /var/www/html I've only set up one svn repository so far so there shouldn't be any conflicts there. If you need any more info let me know. Thanks

    Read the article

  • Password Management for Oracle WebLogic customers

    - by Anthony Shorten
    One of the most common requests for enhancements I get across my desk is that customers wish to allow end users to change their passwords from our products. Now, typically password management is not in the realm of individual applications but it is an infrastructure requirement, so we don't usually add this to our roadmaps by default. The issue is that with the vast range of security stores that can be used with our product line across the Web Application Servers we support, it is almost impossible to come up with a generic enough API to work across them. If you have a specific security store on a specific Web Application Server platform then there are simpler solutions. There are a number of ways of implementing this without providing functionality specific functionality: Oracle sells Identity Management software that offers common API's to manage passwords. You can purchase those products and link to the password change dialog in those products using Navigation Keys. If you are a customer using Oracle WebLogic, then there is a sample JSP's that can be linked to provide this functionality under Oracle TechNet (registration required) under Code Samples (project S20). These can be added as a Navigation Key to complete the functionality. This will allow end users to manage their own passwords. Obviously these are all samples and should be treated as customizations when you implement them. If you wish to understand Navigation Keys, then look at the Oracle Utilities Application Framework Integration Guidelines (Doc Id: 789060.1) available from My Oracle Support.

    Read the article

  • What are the boundaries between the responsibilities of a web designer and a web developer?

    - by Beofett
    I have been hired to do functional development for several web site redesigns. The company I work for has a relatively low technical level, and the previous development of the web sites were completed by a graphic designer who is self taught as far as web development is concerned. My responsibilities have extended beyond basic development, as I have been also tasked with creating the development environment, and migrating hosting from external CMS hosting to internal servers incorporating scripting languages (I opted for PHP/MySQL). I am working with the graphic designer, and he is responsible for the creative design of the web. We are running into a bit of friction over confusion between the boundaries of our respective tasks. For example, we had some differences of opinion on navigation. I was primarily concerned with ease-of-use (the majority of our userbase are not particularly web-savvy), as well as meeting W3 WAI standards (many of our users are older, and we have a higher than average proportion of users with visual impairment). His sole concern was what looked best for the website, and I felt that the direction he was pushing for caused some functional problems. I feel color choices, images, fonts, etc. are clearly his responsibility, and my expectation was that he would simply provide me with the CSS pages and style classes and IDs to use, but some elements of page layout also seem to fall more under the realm of "usability", which to me translates as near-synonymous with "functionality". I've been tasked with selecting the tools we'll use, which include frameworks, scripting languages, database design, and some open source applications (Moodle for example, and quite probably Drupal in the future). While these tools are quite customizable, working directly with some of the interfaces is beyond his familiarity with CSS, HTML, and PHP. This limits how much direct control he has over the appearance, which has lead to some discussion about the tool choices. Is there a generally accepted dividing line between the roles of a web designer and a web developer? Does his relatively inexperienced background in web technologies influence that dividing line?

    Read the article

  • "svn: Cannot negotiate authentication mechanism" for OSX CLI and WinXp TortoiseSVN, but linux CLI works

    - by dacracot
    I had a working subversion server which used the passwd file which stores passwords in clear text. My requirements changed so that passwords now need to be encrypted. I did everything according to the book to use SASL, or so I believe, but now only the linux command line can authenticate. My OSX users, which also use command line, and my WinXp users, which use TortoiseSVN get errors. Linux versions are 1.6.11. OSX versions are 1.6.17. And TortoiseSVN versions are 1.7.4. /opt/subversion/QRpage/conf/svnserve.conf: [general] anon-access = none auth-access = write realm = ABC [sasl] use-sasl = true min-encryption = 128 max-encryption = 256 /etc/sasl2/svn.conf: pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /etc/sasldb2 mech_list: DIGEST-MD5 Then I add new users via: saslpasswd2 -c -f /etc/sasldb2 -u ABC dacracot But for instance OSX users get this error trying to check out: $ svn co svn://svn.nowhere.org/QRpage svn: Cannot negotiate authentication mechanism

    Read the article

  • Mac OSX Server: svn via ssh command line and encrypted passwords.

    - by Ben Clayton
    Hi all. When I log into our mac mini server running OSX 10.6 via ssh and use svn I get the message: ATTENTION! Your password for authentication realm: can only be stored to disk unencrypted! You are advised to configure your system so that Subversion can store passwords encrypted, if possible. See the documentation for details. You can avoid future appearances of this warning by setting the value of the 'store-plaintext-passwords' option to either 'yes' or 'no' in '/Users/xxxxxxxx/.subversion/servers'. I dont' want to store the password unencrypted though. I've found some details on how to use GNOME keychain in linux to sort this, but nothing on how to use macosx's keychain. Anyone got any ideas? Thanks a lot!

    Read the article

  • squid3 auth thru samba using ntlm to AD doesn't work

    - by derty
    some users here are spending to much time exploring the WWW. So big boss whats to get this under control. We use a squid3 just for some security reason and chace benefits. and now i'm trying to set up a new proxy on a different server (Debian 6) Permissions are defined in AC and the squid3 should get the auth thru samba/winbind by using the ntlm protocol. but i'll get all the time Access, denited. it only works by using LDAP but thats not the way i need it. here some log and confs squid access.log 1326878095.784 1 192.168.15.27 TCP_DENIED/407 4049 GET http://at.msn.com/? -NONE/- text/html 1326878095.791 1 192.168.15.27 TCP_DENIED/407 4294 GET http://at.msn.com/? - NONE/- text/html 1326878095.803 9 192.168.15.27 TCP_DENIED/403 4028 GET http://at.msn.com/? kavan NONE/- text/html 1326878095.848 0 192.168.15.27 TCP_DENIED/403 3881 GET http://www.squid-cache.org/Artwork/SN.png kavan NONE/- text/html 1326878100.279 0 192.168.15.27 TCP_DENIED/403 3735 GET http://www.google.at/ kavan NONE/- text/html 1326878100.296 0 192.168.15.27 TCP_DENIED/403 3870 GET http://www.squid-cache.org/Artwork/SN.png kavan NONE/- text/html 1326878155.700 0 192.168.15.27 TCP_DENIED/407 4072 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml - NONE/- text/html 1326878155.705 2 192.168.15.27 TCP_DENIED/407 4317 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml - NONE/- text/html 1326878155.709 3 192.168.15.27 TCP_DENIED/403 4026 GET http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml kavan NONE/- text/html squid chace 2012/01/18 10:12:49| Creating Swap Directories 2012/01/18 10:12:49| Starting Squid Cache version 3.1.6 for x86_64-pc-linux-gnu... 2012/01/18 10:12:49| Process ID 17236 2012/01/18 10:12:49| With 65535 file descriptors available 2012/01/18 10:12:49| Initializing IP Cache... 2012/01/18 10:12:49| DNS Socket created at [::], FD 7 2012/01/18 10:12:49| DNS Socket created at 0.0.0.0, FD 8 2012/01/18 10:12:49| Adding nameserver 192.168.15.2 from /etc/resolv.conf 2012/01/18 10:12:49| Adding nameserver 192.168.15.19 from /etc/resolv.conf 2012/01/18 10:12:49| Adding nameserver 192.168.15.1 from /etc/resolv.conf 2012/01/18 10:12:49| Adding domain schoenbrunn.local from /etc/resolv.conf 2012/01/18 10:12:49| helperOpenServers: Starting 5/5 'squid_ldap_auth' processes 2012/01/18 10:12:49| helperOpenServers: Starting 10/10 'ntlm_auth' processes 2012/01/18 10:12:49| helperOpenServers: Starting 10/10 'squid_kerb_auth' processes 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| helperOpenServers: Starting 5/5 'squid_ldap_group' processes 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| squid_kerb_auth: INFO: Starting version 1.0.5 2012/01/18 10:12:49| Unlinkd pipe opened on FD 73 2012/01/18 10:12:49| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2012/01/18 10:12:49| Store logging disabled 2012/01/18 10:12:49| Swap maxSize 0 + 262144 KB, estimated 20164 objects 2012/01/18 10:12:49| Target number of buckets: 1008 2012/01/18 10:12:49| Using 8192 Store buckets 2012/01/18 10:12:49| Max Mem size: 262144 KB 2012/01/18 10:12:49| Max Swap size: 0 KB 2012/01/18 10:12:49| Using Least Load store dir selection 2012/01/18 10:12:49| Set Current Directory to /var/spool/squid3 2012/01/18 10:12:49| Loaded Icons. 2012/01/18 10:12:49| Accepting HTTP connections at [::]:3128, FD 74. 2012/01/18 10:12:49| HTCP Disabled. 2012/01/18 10:12:49| Squid modules loaded: 0 2012/01/18 10:12:49| Adaptation support is off. 2012/01/18 10:12:49| Ready to serve requests. 2012/01/18 10:12:50| storeLateRelease: released 0 objects smb.conf # Domain Authntication Settings workgroup = <WORKGROUP> security = ads password server = <DOMAINNAME>.LOCAL realm = <DOMAINNAME>.LOCAL ldap ssl = no # logging log level = 5 max log size = 50 # logs split per machine log file = /var/log/samba/%m.log # max 50KB per log file, then rotate ; max log size = 50 # User settings username map = /etc/samba/smbusers idmap uid = 10000-20000000 idmap gid = 10000-20000000 idmap backend = ad ; template primary group = <ad group> template shell = /sbin/nologin # Winbind Settings winbind separator = + winbind enum users = Yes winbind enum groups = Yes winbind netsted groups = Yes winbind nested groups = Yes winbind cache time = 10 winbind use default domain = Yes #Other Globals unix charset = LOCALE server string = <SERVERNAME> load printers = no printing = cups cups options = raw ; printcap name = /etc/printcap #obtain list of printers automatically on SystemV ; printcap name = lpstat ; printing = cups squid.conf auth_param ntlm program /usr/bin/ntlm_auth --require-membership-of=<DOMAINNAME>\\INTERNETZ --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 10 auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=<dcname>,dc=local" -D "cn=administrator,cn=Users,dc=<domainname>,dc=local" -w "******" -f sAMAccountName=%s -h 192.168.15.19:3268 auth_param basic realm "Proxy Authentifizierung. Bitte geben Sie Ihren Benutzername und Ihr Passwort ein!" #means insert you PW in an other language - # external_acl_type InetGroup %LOGIN /usr/lib/squid3/squid_ldap_group -R -b "dc=<domainname>,dc=local" -D "cn=administrator,cn=Users,dc=<domainname>,dc=local" -w "******" -f "(&(objectclass=person)(sAMAccountName=%v) (memberof=cn=%a,cn=internetz,dc=<domainname>,dc=local))" -h 192.168.15.19:3268 auth_param negotiate program /usr/lib/squid3/squid_kerb_auth -d auth_param negotiate children 10 auth_param negotiate keep_alive on acl localnet proxy_auth REQUIRED acl InetAccess external InetGroup Internetz http_access allow InetAccess http_access deny all acl auth proxy_auth REQUIRED http_access allow auth and a very suspicious is that by adding the proxy server to the Domain i see 2 new entries in the PC one with the original computer-name leopoldine and one with leopoldine CNF:f8efa4c4-ff0e-4217-939d-f1523b43464d ?!? I tried a lot, really... but i stuck on this problem... i actually i even reinstalled all dependent programs and reconfigured them from default. Group exists and has me in it. Firefox running on the old proxy and i use IE for testing the new one. But i'll get all the time Access-Denited and to be honest i'm quite a beginner, so please don't be to prude. I'll interested in improving, i'll get the information we need to fix this but i started working 2 month ago and got only 1 1/2 year's training and not a single sec. in linux ;)

    Read the article

  • Setup for mounting kerberized nfs home directory - gssd not finding valid kerberos ticket

    - by janm
    Our home directories are exported via kerberized nfs, so the user needs a valid kerberos ticket to be able to mount its home. This setup works fine with our existing clients & server. Now we want to add some 11.10 client and thus set up ldap & kerberos together with pam_mount. The ldap authentication works and users can login via ssh, however their homes can not be mounted. When pam_mount is configured to mount as root, gssd does not find a valid kerberos ticket and the mount fails. Nov 22 17:34:26 zelda rpc.gssd[929]: handle_gssd_upcall: 'mech=krb5 uid=0 enctypes=18,17,16,23,3,1,2 ' Nov 22 17:34:26 zelda rpc.gssd[929]: handling krb5 upcall (/var/lib/nfs/rpc_pipefs/nfs/clnt2) Nov 22 17:34:26 zelda rpc.gssd[929]: process_krb5_upcall: service is '<null>' Nov 22 17:34:26 zelda rpc.gssd[929]: getting credentials for client with uid 0 for server purple.physcip.uni-stuttgart.de Nov 22 17:34:26 zelda rpc.gssd[929]: CC file '/tmp/krb5cc_65678_Ku2226' being considered, with preferred realm 'PURPLE.PHYSCIP.UNI-STUTTGART.DE' Nov 22 17:34:26 zelda rpc.gssd[929]: CC file '/tmp/krb5cc_65678_Ku2226' owned by 65678, not 0 Nov 22 17:34:26 zelda rpc.gssd[929]: WARNING: Failed to create krb5 context for user with uid 0 for server purple.physcip.uni-stuttgart.de Nov 22 17:34:26 zelda rpc.gssd[929]: doing error downfall When pam_mount is on the other hand configured with the noroot=1 option, then it cannot mount the volume at all. Nov 22 17:33:58 zelda sshd[2226]: pam_krb5(sshd:auth): user phy65678 authenticated as [email protected] Nov 22 17:33:58 zelda sshd[2226]: Accepted password for phy65678 from 129.69.74.20 port 51875 ssh2 Nov 22 17:33:58 zelda sshd[2226]: pam_unix(sshd:session): session opened for user phy65678 by (uid=0) Nov 22 17:33:58 zelda sshd[2226]: pam_mount(mount.c:69): Messages from underlying mount program: Nov 22 17:33:58 zelda sshd[2226]: pam_mount(mount.c:73): mount: only root can do that Nov 22 17:33:58 zelda sshd[2226]: pam_mount(pam_mount.c:521): mount of /Volumes/home/phy65678 failed So how can we allow users of a specific group to perform nfs mounts? If this does not work, can we make pam_mount use root but pass the correct uid?

    Read the article

  • Can't send emails through sendmail, error occured

    - by skomak
    Hi, I have sendmail MTA and i use pear:Mail class to send mails through remote sendmail server. Everything was fine till yesterday. Probably nothing changes was made in configs. At maillog i can see: May 6 12:58:55 xxx sendmail[25903]: STARTTLS=server, relay=hostxxxx.static.xx.xx.pl [85.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 May 6 12:58:56 xxx sendmail[25903]: o46AwtqE025903: hostxxxx.static.xx.xx.pl [85.x.x.x] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA2 and in /var/log/messages: May 6 13:00:17 lilia sendmail[27193]: realm changed: authentication aborted I use ldap to authenticate users but i used the same script to check mailing on another server and it works there good, only this server behave weird. Packets are deliverd to sendmail server i can see it in tcpdump, but there is smaller packets than on other server which sends emails. Could you tell me how can i check what is wrong with that? D.S.

    Read the article

  • As an indie game dev, what processes are the best for soliciting feedback on my design/spec/idea? [closed]

    - by Jess Telford
    Background I have worked in a professional environment where the process usually goes like the following: Brain storm idea Solidify the game mechanics / design Iterate on design/idea to create a more solid experience Spec out the details of the design/idea Build it Step 3. is generally done with the stakeholders of the game (developers, designers, investors, publishers, etc) to reach an 'agreement' which meets the goals of all involved. Due to this process involving a series of often opposing and unique view points, creative solutions can surface through discussion / iteration. This is backed up by a process for collating the changes / new ideas, as well as structured time for discussion. As a (now) indie developer, I have to play the role of all the stakeholders (developers, designers, investors, publishers, etc), and often find myself too close to the idea / design to do more than minor changes, which I feel to be local maxima when it comes to the best result (I'm looking for the global maxima, of course). I have read that ideas / game designs / unique mechanics are merely multipliers of execution, and that keeping them secret is just silly. In sharing the idea with others outside the realm of my own thinking, I hope to replicate the influence other stakeholders have. I am struggling with the collation of changes / new ideas, and any kind of structured method of receiving feedback. My question: As an indie game developer, how and where can I share my ideas/designs to receive meaningful / constructive feedback? How can I successfully collate the feedback into a new iteration of the design? Are there any specialized websites, etc?

    Read the article

  • How to resolve "HTTP/1.1 403 Forbidden" errors from iCal/CalDAV server after upgrade to Snow Leopard Server?

    - by morgant
    We recently upgraded our Open Directory Master & Replica to Mac OS X 10.6.4 Snow Leopard Server. We had a mismatched server FQDN & LDAP Search Base/Kerberos Realm, so we exported all users & groups, created the new Open Directory Master w/matching FQDN & Search Base/Realm, reimported users & groups, and re-bound all servers & workstations to the new OD Master. At the same time as all of this, we upgraded our iCal/CalDAV server to Mac OS X 10.6.4 Snow Leopard Server. Ever since doing so, we've seen the following issues with our iCal/CalDAV server and iCal clients on both Mac OS X 10.5 Leopard & Mac OS X 10.6: If a user attempts to move or delete an event (single or repeating) that was created prior to the upgrade to 10.6 Server, they get the following error: Access to "blah" in "blah" in account "blah" is not permitted. The server responded: "HTTP/1.1 403 Forbidden" to operation CalDAVWriteEntityQueueableOperation. New users added to the directory get the following error when attempting to add their account to in iCal's preferences: The user "blah" has no configured pricipals. Confirm with your network administrator that your account has at least one CalDAV principal configured. Interestingly, we've since discovered that users seem to be able to delete individual events from an old repeating event without error, but that's a massive amount of work to get rid of a repeating event. I will note that we have not yet added an SRV record in DNS as instructed on page 19 of iCal_Server_Admin_v10.6.pdf. Further Investigation: In this particular case, a user is attempting to decline repeating events created prior to the upgrade to Snow Leopard Server. Granting the user full write access with sudo calendarserver_manage_principals --add-write-proxy users:user1 users:user2 (which did work) doesn't allow deletion of the events. Still get the usual error: Access to "blah blah" in "blah blah" in account "blah blah" is not permitted. The server responded: "HTTP/1.1 403 Forbidden" to operation CalDAVWriteEntityQueueableOperation. The error that shows up in /var/log/caldavd/error.log on the iCal Server when attempting to delete one of the events is: 2011-03-17 15:14:30-0400 [-] [caldav-8009] [PooledMemCacheProtocol,client] [twistedcaldav.extensions#info] PUT /calendars/__uids__/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/calendar/XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX.ics HTTP/1.1 2011-03-17 15:14:30-0400 [-] [caldav-8009] [PooledMemCacheProtocol,client] [twistedcaldav.scheduling.implicit#error] Cannot change ORGANIZER: UID:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX And the error in /var/log/system.log on the client is: Mar 17 15:14:30 192-168-21-169-dhcp iCal[33509]: CalDAV CalDAVWriteEntityQueueableOperation failed: status 'HTTP/1.1 403 Forbidden' request:\n\nBEGIN:VCALENDAR^M\nVERSION:2.0^M\nPRODID:-//Apple Inc.//iCal 3.0//EN^M\nCALSCALE:GREGORIAN^M\nBEGIN:VTIMEZONE^M\nTZID:US/Eastern^M\nBEGIN:DAYLIGHT^M\nTZOFFSETFROM:-0500^M\nTZOFFSETTO:-0400^M\nDTSTART:20070311T020000^M\nRRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU^M\nTZNAME:EDT^M\nEND:DAYLIGHT^M\nBEGIN:STANDARD^M\nTZOFFSETFROM:-0400^M\nTZOFFSETTO:-0500^M\nDTSTART:20071104T020000^M\nRRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU^M\nTZNAME:EST^M\nEND:STANDARD^M\nEND:VTIMEZONE^M\nBEGIN:VEVENT^M\nSEQUENCE:5^M\nDTSTART;TZID=US/Eastern:20090117T094500^M\nDTSTAMP:20081227T143043Z^M\nSUMMARY:blah blah^M\nATTENDEE;CN="First Last";CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT:urn:uuid^M\n :XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX^M\nATTENDEE;CN="First Last";CUTYPE=INDIVIDUAL;PARTSTAT=ACCEPTED:mailto:user@d^M\n omain.tld^M\nEXDATE;TZID=US/Eastern:20110319T094500^M\nDTEND;TZID=US/Eastern:20090117T183000^M\nRRULE:FREQ=WEEKLY;INTERVAL=1^M\nTRANSP:OPAQUE^M\nUID:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX^M\nORGANIZER;CN="First Last":mailto:[email protected]^M\nX-WR-ITIPSTATUSML:UNCLEAN^M\nCREATED:20110317T191348Z^M\nEND:VEVENT^M\nEND:VCALENDAR^M\n\n\n... response:\nHTTP/1.1 403 Forbidden^M\nDate: Thu, 17 Mar 2011 19:14:30 GMT^M\nDav: 1, access-control, calendar-access, calendar-schedule, calendar-auto-schedule, calendar-availability, inbox-availability, calendar-proxy, calendarserver-private-events, calendarserver-private-comments, calendarserver-principal-property-search^M\nContent-Type: text/xml^M\nContent-Length: 134^M\nServer: Twisted/8.2.0 TwistedWeb/8.2.0 TwistedCalDAV/2.5 (iCal Server v12.56.21)^M\n^M\n<?xml version='1.0' encoding='UTF-8'?><error xmlns='DAV:'>^M\n <valid-attendee-change xmlns='urn:ietf:params:xml:ns:caldav'/>^M\n</error> One thing I have noticed, and I'm not sure if this has any real effect is that in many of these pre-Snow Leopard Server migration events, the ORGANIZER is specified like the following: ORGANIZER;CN=First Last:mailto:[email protected] But newer ones are more like one of the two following: ORGANIZER;CN=First Last;[email protected];SCHEDULE-STATUS=1 ORGANIZER;CN=First Last;[email protected]:urn:uuid:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX iCal_Server_Admin_v10.6.pdf notes that the ".db.sqlite" files are completely disposable, they're merely a performance cache and are re-built on the fly, so are safe to delete. I did delete the one for the organizer's calendars and it took longer to process the attempted event delete while it rebuilt the database, but still errored out in the end. FWIW the error is thrown by this code: https://trac.calendarserver.org/browser/CalendarServer/trunk/twistedcaldav/scheduling/implicit.py Any further suggestions? I see lots of questions about this in my Google searches, but not solutions and this is a widespread problem on our iCal Server. Now, we mostly try to get users to ignore them (hence the amount of time this question has been open), but every now and then I dig in deeper trying to find the culprit and/or solution.

    Read the article

  • How to automate kinit process to obtain TGT for Kerberos?

    - by tore-
    I'm currently writing a puppet module to automate the process of joining RHEL servers to an AD domain, with support for Kerberos. Currently I have problems with automatically obtain and cache Kerberos ticket-granting ticket via 'kinit'. If this were to be done manually, I would do this: kinit [email protected] This prompts for the AD user password, hence there is a problem with automate this. How can i automate this? I've found some posts mentioning using kadmin to create a database with the ad users password in it, but I've had no luck. Thanks for input

    Read the article

  • CentOS 6.5 SVN https - Unknown DAV provider: svn

    - by Programster
    I am trying to setup a CentOS 6.5 64bit server with SVN over HTTPS. Unfortunately after configuring the /etc/httpd/conf.d/subversion.conf file as follows (changed paths): <Location /repos> DAV svn SVNParentPath /path/to/svn/repos # Limit write permission to list of valid users <LimitExcept GET PROPFIND OPTIONS REPORT> # Require SSL connection for password protection SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /path/to/passwdfile Require valid-user </LimitExcept> </Location> I get the following error message when restarting http: Starting httpd: Syntax error on line 3 of /etc/httpd/conf.d/subversion.conf: Unknown DAV provider: svn I have triple checked that I have the mod_dav_svn package already installed: Package mod_dav_svn-1.6.11-10.el6_5.x86_64 already installed and latest version Is my config wrong or are there other packages I need to set up?

    Read the article

  • Simple issue tracker for 1-2 developers

    - by devoured elysium
    (I'm not sure whether this pertains to the realm of programmers@se or so@se) I'm currently working mostly alone on a project (in Java). I'm mostly alone as I have an advisor that gives me high level instructions on what to do, and will seldom make any code contribution. She will code in a couple of acceptance tests from time to time, though. I've never used an Issue Tracker before, and was thinking about starting to use one now, as I'd like to have a place where I can log possible bugs I find and keep track of them in a centralized manner. Would it be possible to integrate the issue tracker with Eclipse, better yet. So here are the constraints: It's NOT a open-source project. Our code is not to be shared with anyone! we are and will be using Subversion; we have our own Subversion server and we will keep using this same Subversion server; it must be free; it must allow at least 2 users. What is your advice on what to pick? I'm looking for the simplest solution available!

    Read the article

  • Computer science curriculum for non-CS major?

    - by Daniel
    Hi all, I would like to have some ideas for building up my foundation CS skills. I have started programming computers 10 years ago and have made a pretty good career out of it. However, I cannot stop thinking that the path that brought me here was very particular, and if something goes wrong (e.g. I get laid off) it would be harder to find a job here in the US on the same salary level, OR in a top company. The reason I say that is that I am a self-learner; my degree is not in Computer Science so although I master C/C++/Java, I do not have the formal CS and mathematical background that many other software developers (esp. here in the US) have. When I look at job interview questions from Apple, Google, Amazon, I have the impression that I'd flunk those technical interviews at some point. Don't get me wrong, I know my algorithms and data structures, but when things dive too deeply into the CS realm I am in trouble. What can I do to close the gap? I was thinking about a MSc in CS, but will I even UNDERSTAND what's going on there if I'm not a CS undergrad? Should I go back to basics and get a BSc in CS instead? I always tend to go into self-study mode when I want to learn new stuff, but I have the impression that I will need more formal education in CS if I want to have a shot at working at those kinds of companies. Thank you!

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >