Search Results

Search found 3366 results on 135 pages for 'openvpn auth ldap'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 80/135 | < Previous Page | 76 77 78 79 80 81 82 83 84 85 86 87  | Next Page >

  • How to get rid of Gmail's on "behalf of" using postfix

    - by user2815
    I'm using the default configuration of postfix on Ubuntu 9.04, and I've been trying to configure Gmail to send email through my server. I'm looking for a simple configuration for 10-15 users (like using a password file), but all the tutorials I have found have been too extensive and seem very enterprise-oriented. I just need to configure postfix with AUTH/TLS that is compatible with gmail.

    Read the article

  • How to secure a directory in Apache using a PHP session

    - by Cogsy
    I have a site that uses PHP session for authentication. There is one directory that I would like to restrict access to that does not use any PHP, it's just full of static content. I just don't know how to restrict access without every request going through a PHP script. Is there some way to have Apache check the session credentials and restrict access like Basic Auth?

    Read the article

  • Is there a way to apply a GPO to all but selective users? (SBS 2008)

    - by CandyCo
    I've created a GPO in SBS 2008 that deploys and updates software. Unfortunately, one of our VPN users lives out in the sticks and has severe latency, so the start up processes and updates time out and take an awfully long time, if they ever complete at all. I'd like to apply this GPO to all auth'd users except for him, without having to create a new custom user group. Any thoughts?

    Read the article

  • Active Directory validate service account and user accounts

    - by Padur
    Hello folks I have an issue here, I guess you all know what is AD service account and why it is used for, if not please see the below description ? SSL-Explorer requires a dedicated Active Directory account to use for authenticating AD users. This account serves as a link to your Active Directory database. If the Service Account is not found on your AD database then the SSL-Explorer service will not start. Well I have Active Directory service account details and user submitted login/password details.In the code below I validated service account by giving MEMBER_GRPUP and adminPassword and I check whether the user exists in Active Directory by submitting samaaccountname but my question here is how do I validate the password submitted for that user? I am not sure how to do this, I appreciate if anybody has any suggestions on this. Thanks for your time. public boolean validateUserFromActiveDirectory(String userId) { final String MEMBER_GROUP = "CN=asdadasd,OU=asdasdasd Accounts,OU=adasdas,OU=asdasdas,DC=asdasdas,DC=asdasdas,DC=adasdasd,DC=asdasdasd"; String employeeNumber = ""; final String LDAP_INIT_CTX = "com.sun.jndi.ldap.LdapCtxFactory"; final String LDAP_URL = "ldap://xx-ssssssss.eee.eee.eeeee.eeeee:636"; final String MY_ATTRS[] = { "employeeNumber" }; String adminPassword = "somepassword"; String securityProtocol = "ssl"; boolean isValidUser = false; try { Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_INIT_CTX); env.put(Context.PROVIDER_URL, LDAP_URL); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.REFERRAL, "follow"); env.put(Context.SECURITY_PRINCIPAL, MEMBER_GROUP); env.put(Context.SECURITY_CREDENTIALS, adminPassword); env.put(Context.SECURITY_PROTOCOL, securityProtocol); //C:\Documents and Settings\yourusername\Local Settings\Temp File tf = File.createTempFile("adentTruststore", ".jks"); tf.deleteOnExit(); byte buffer[] = new byte[0x1000]; ClassLoader cl = JNDI.class.getClassLoader(); InputStream in = cl.getResourceAsStream( "someTruststore.jks"); FileOutputStream out = new FileOutputStream(tf); int cnt; while ((cnt = in.read(buffer)) != -1) out.write(buffer, 0, cnt); in.close(); out.close(); System.setProperty("javax.net.ssl.trustStore", tf .getAbsolutePath()); DirContext context = new InitialLdapContext(env, null); SearchControls searchControls = new SearchControls(); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration results = context.search( "XX=ent,XX=abc,XX=aaaaa,XX=aaaa", "(sAMAccountName=" + userId + ")", searchControls); if (results != null && results.hasMore()) { //some logic } } } catch (Exception e) { e.printStackTrace(); } return isValidUser; }

    Read the article

  • Call out to script to stop with attribute in wWWHomePage

    - by Steven Maxon
    I'm gettinga n error message in line 8 when I try to call out the script to stop when it finds teh attribute in the Web page: field in AD. Set objSysInfo = CreateObject("ADSystemInfo") strUserDN = objSysInfo.UserName Set objUser = GetObject("LDAP://" & strUserDN) strwWWHomePage = objItem.Get("wWWHomePage") If wWWHomePage 6 Then wscript.quit Else Set ppt = CreateObject("PowerPoint.Application") ppt.Visible = True ppt.Presentations.Open "\\abngan01\tracking\ppt.pptx" End If

    Read the article

  • Performance of a proposed JEE architecture

    - by kineas
    I have concerns about the performance of the following architecture: j2ee application in an appserver, ejb session bean and DAOs remote (rich) client, a swing app. A classic, form-based client only one stateless ejb, the ejb is accessed via web services, not rmi, through a homegrown framework each web service request will get authenticated against an LDAP no state stored on the server, only client-side sessions I guess working on the rich GUI will involve a remote call in every 2-10 seconds, or more, per user. What do you think?

    Read the article

  • Java force catch RuntimeException?

    - by wuntee
    Is it possible to force java to make you catch RuntimeExceptions? Specifically I am working with the Spring framework and the whole Exception hierarchy is based upon RuntimeExceptions. A lot of the times I forget to try and catch the Exceptions. A specific example is when doing an LDAP query, or an SQL call.

    Read the article

  • SSH Advanced Logging

    - by Radek Šimko
    I've installed OpenSUSE on my server and want to set ssh to log every command, which is send to system over it. I've found this in my sshd_config: # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO I guess that both of those directives has to be uncommented, but I'd like to log every command, not only authorization (login/logout via SSH). I just want to know, if someone breaks into my system, what did he do.

    Read the article

  • CNAME to another domain fails on some office networks, why?

    - by crashalpha
    Our domain "aspenfasteners.com" is hosted by Volusion. We have CNAME records "find" and "search" which point to site indexing accounts on www.picosearch.com. These addresses fail on SOME private office networks which have their own DNS. We suspect the problem comes from Volusion's own name servers, n2.volusion.com and n3.volusion.com. Volusion support on problems this technical is non-existant. We have tried an NSLOOKUP on find.aspenfasteners.com with level 2 debugging info, and we got the results below. Is it possible that the local DNS is recursing to Volusion's name servers, and that while Volusion DOES return the canonical name, they do NOT resolve the address? Can anybody with expertise in this sort of stuff PLEASE look at the NSLOOKUP below and tell me if we are right, because Volusion is giving me absolutely NO support on this topic. I need proof of where the problem lies. Thanks VERY much! Carlo find.aspenfasteners.com Server: mtl-srm-dbsv-01.fastenerwholesale.com Address: 192.168.0.44 SendRequest(), len 61 HEADER: opcode = QUERY, id = 8, rcode = NOERROR header flags: query, want recursion questions = 1, answers = 0, authority records = 0, additional = 0 QUESTIONS: find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN ------------ Got answer (138 bytes): HEADER: opcode = QUERY, id = 8, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN AUTHORITY RECORDS: -> fastenerwholesale.com type = SOA, class = IN, dlen = 46 ttl = 3600 (1 hour) primary name server = mtl-srm-dbsv-01.fastenerwholesale.com responsible mail addr = admin.fastenerwholesale.com serial = 10219 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ SendRequest(), len 41 HEADER: opcode = QUERY, id = 9, rcode = NOERROR header flags: query, want recursion questions = 1, answers = 0, authority records = 0, additional = 0 QUESTIONS: find.aspenfasteners.com, type = A, class = IN ------------ Got answer (141 bytes): HEADER: opcode = QUERY, id = 9, rcode = NXDOMAIN header flags: response, auth. answer questions = 1, answers = 1, authority records = 1, additional = 1 QUESTIONS: find.aspenfasteners.com, type = A, class = IN ANSWERS: -> find.aspenfasteners.com type = CNAME, class = IN, dlen = 17 canonical name = www.picosearch.com ttl = 3600 (1 hour) AUTHORITY RECORDS: -> com type = SOA, class = IN, dlen = 43 ttl = 900 (15 mins) primary name server = ns3.volusion.com responsible mail addr = admin.volusion.com serial = 1 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ADDITIONAL RECORDS: -> ns3.volusion.com type = A, class = IN, dlen = 4 internet address = 65.61.137.154 ttl = 900 (15 mins) * mtl-srm-dbsv-01.fastenerwholesale.com can't find find.aspenfasteners.com: Non-existent domain

    Read the article

  • nginx auth_basic errors: user not found and no user/password provided

    - by Jhilke Dai
    I have set auth basic in nginx and blocked other ips like: location / { auth_basic "Restricted Area"; auth_basic_user_file .htpasswd; allow 127.0.0.1; deny all; } I can login using the username/password provided in .htpasswd but the error log in nginx shows errors like: user "memcache" was not found in "/etc/nginx/.htpasswd" no user/password was provided for basic authentication Any suggestion why this occurs and how to get rid of it ?

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • how to setup OpenSSH per-user authentication types?

    - by Seaweed
    Hi - I'd like to be able to have one set of users authenticating using public key auth and the other set to use username/password. Is this possible in OpenSSH on Linux? If so how do I go about it? Right now, I'm stuck with only having one option as far as I can see in /et/ssh/sshd_config - it's either PAM or PublicKey authentication...

    Read the article

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • Git: push via ssh to a root owned repository with ssh root logins disabled

    - by anthonysomerset
    is that even possible? Summary, i'm running puppet master on a server and ideally we want root logins via ssh disabled, we want to force all access via sudo if root access required however we have puppet installed using a git repo to manage the manifests, this repo is currently owned by root and currently i only know of 2 solutions (less ideal) allow root access via key auth only - if so, what can i lock it down to to only allow the git push commands? own the repo in /etc/puppet as a different owner - will puppet work reliably with this?

    Read the article

  • Problem remotely managing Exchange Server 2010

    - by Carlos
    I can't connect to the instance of exchange server 2010 through EMC on the local machine running w2k8 r2. I've checked all the default website bindings, the kerberos auth and WSMan are set to native type in powershell and I still get this error message. Connecting to remote server failed with the following error message: The WS-Management service does not support the request. It was running the command 'Discover-ExchangeServer -UseWIA $true -suppresserror $true'

    Read the article

  • Problem installing Exchange Server

    - by Carlos
    I can't connect to the instance of exchange server 2010 through EMC on the local machine running w2k8 r2. I've checked all the default website bindings, the kerberos auth and WSMan are set to native type in powershell and I still get this error message. Connecting to remote server failed with the following error message: The WS-Management service does not support the request. It was running the command 'Discover-ExchangeServer -UseWIA $true -suppresserror $true'

    Read the article

  • Is CSF overkill?

    - by A4J
    My server runs just my own sites (vBulletin forums - which are always patched with security fixes) and Rails sites using the latest version) so do I really need CSF? (http://configserver.com/cp/csf.html) Or is it unnecessary for this kind of server set-up? I have already done the usual (disable SSH login, pub-key auth, very strong passwords everywhere else etc) It was often recommended by users over at the cPanel forums - but I guess most of them are hosts there.

    Read the article

  • Is it okay to use a SSH key with an empty passphrase?

    - by mozillalives
    When I first learned how to make ssh keys, the tutorials I read all stated that a good passphrase should be chosen. But recently, when setting up a daemon process that needs to ssh to another machine, I discovered that the only way (it seems) to have a key that I don't need to auth at every boot is to create a key with an empty passphrase. So my question is, what are the concerns with using a key with no passphrase?

    Read the article

  • .net directoryService returns less result as compared to the CSVDE

    - by kapilg
    I am using .net directoryService to execute an LDAP query and retrieve the users from AD. but when I run the same query using CSVDE tool , i get more no of result as compared to the directorySerrvice. in both the case, i'm using thesame credential to run the application and CSVDE. does any one have any idea if I need to set some flag or any thing while using directoryservice. any pointer will be helpful.

    Read the article

  • pam_tty_audit and non privileged users

    - by Jeff
    I'm working on a cents 6.3 box and am trying to log all commands executed from a bash shell and came across pam_tty_audit. I've added the appropriate line to my /etc/pam.d/system-auth file: "session required pam_tty_audit.so enable=*" The problem is that it does not appear to capture commands unless a user is root. For example, if i ssh in as root it logs everything to the audit log, but if I ssh as a regular user it does not start logging anything until after I have su to root. Any ideas?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 76 77 78 79 80 81 82 83 84 85 86 87  | Next Page >