Search Results

Search found 45505 results on 1821 pages for 'change directory'.

Page 81/1821 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • deploying AV via GPO only to workstations

    - by jeremy
    We have a small (100 machines) Windows domain running Server 2008R2. We use Symantec Endpoint Protection 12.1 I want to have GPO deploy the AV software to client machines automatically, but only to client workstations, not to servers, which run a different software. I've set it up before using a GPO linked to the domain mycompany.local and it works, but it deploys the AV software to ALL machines on the domain, including my servers. I can create an OU in active directory for Servers, and perhaps create one for client machines too, but I'd rather not have to go and move new domain members from the default under Computers into a different folder. How can I use GPO to deploy this AV software only to workstations on our network, and not to servers?

    Read the article

  • How do you configure ISC Bind to support GSS-TSIG Updates?

    - by netlinxman
    First, has anyone EVER configured ISC bind 9.5.0 OR greater with support for GSS-TSIG Dynamic DNS Updates AND gotten it to work? If so, what is the configuration that was used to make that happen? I feel close to having this working. I see that GSS cred passes w/o apparent error during the TKEY negotiation with an Active Directory DC and the BIND DNS server: client 192.168.0.30#52314: query gss cred: "DNS/[email protected]", GSS_C_ACCEPT, 4294967256 gss-api source name (accept) is [email protected] process_gsstkey(): dns_tsigerror_noerror client 192.168.0.30#52314: send But, when the Update is sent, it is refused: client 192.168.0.30#58330: update client 192.168.0.30#58330: updating zone 'example.com/IN': update failed: rejected by secure update (REFUSED) client 192.168.0.30#58330: send Does anyone have this working in the real world?

    Read the article

  • Can arbitrary email addresses be stored in AD userPrincipalName?

    - by Rob Potter
    I have a web app that is front-ended by ISA, natively authenticating against AD. All users currently log on with sAMAccountName. I would like to allow users to provide a personal email address and be able to authenticate against this instead. From what I understand the AD userPrincipalName is typically used for an internally generated logon name, which by convention, is often their internally generated email address. The web app that I have is web scale (circa 3 million accounts*) and not an internal, corporate app, so the email addresses will be from diverse domains. Can I just set the AD userPrincipalName attribute to the user's email address, and then will ISA natively authenticate against this attribute instead? I heard rumours of AD having a maximum number of domain suffixes that it allows in AD userPrincipalName...? (presumably it catalogues them). [*I realise that AD is not the ideal authentication directory for a user population of this scale.]

    Read the article

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • Adding a Windows Server 2012 Essentials server to an existing domain, without migrating the AD

    - by TiernanO
    I have an existing Active Directory in house, a mix between a Win2K8R2 and Win2K3 domain, and i would like to test out Windows Server 2012 Essentials BETA on the network. When walking though the install, it gives me the option of a new domain, or migrating from an existing domain. when clicking existing, it tells me i can only have one SBS server running on a domain at a time... So, i dont have any existing SBS servers in house (both are full standard or enterprise editions) but i do plan on keeping at least one of these extra servers running... So, how do i get a 2012 Essentials server to join a domain, and not migrate the existing domain? or if i do migrate, can i still get one of the other boxes to act as secondary controllers?

    Read the article

  • Cloning a Windows server with VMWare ESXi without domain membership conflicts

    - by Brad
    We are using VMWare ESXi 3.5, and have found it quite useful for cloning a live server to then use the virtualized version to test/practice software upgrades. The trouble is, when the virtualized version fires up, it registers itself on our domain (Active Directory), causing the original server to no longer be accessible via Windows shares. The fix is to remove the virtualized version from the domain, configuring it to use a workgroup instead, deleting the Computer account in AD, and then removing the real server from the domain and re-adding it. Is there a better procedure? Note, we cannot simply disconnect the virtual network from the virtualized server, as it needs to be connected to the network to actually be removed from the domain.

    Read the article

  • Where can I find a link to download the SP2 of OES2?

    - by Philippe
    Hi, I have a Netware Novell server with an eDirectory and different objects configured. I implemented an OEServer2 SP1 to emulate a DSfW to manage the eDirectory with AD. I join the domain with the Administrator login and I am logged as the Administrator domain. So far, there are no problems. When I open the MMC window on Windows Server 08 and snap in the "Active Directory Users and Computers" I can see all the OUs and objects presented in the Netware N. server. But, when I select some OUs I can have an error, and when I select other I don’t have this error. Error: “Data from XXXXX is not available from Domain Controller OES2.yyyy.local because: The server is unwilling to process the request. Try again later, or choose another DC by selecting Connect to Domain Controller on the Domain context menu.” With XXXX= OU’s name and yyyy.local= domain name and OES2 server name If somebody can upload this SP or post a link to download it... Thank you for your help!

    Read the article

  • Schedule of Password Expiration to a specific time

    - by elcool
    Is there a way in Windows Server 2003 or 2008 and in Active Directory, to specify in a policy that when a users password expires that day, to have it expire at a certain time, say 4:00am. The issue came up, because the expiration occurs during the middle of the working day, say 9:00am. Then when a user is already logged into Windows in the network, and using different applications, those will start behaving wrongly because of authentication. They have to log out and log back in, in order for Windows to ask for the new password. So, if when they log in early in the morning it would ask for the new password, then they won't have to log back out during the working day. One of the AD Admins said: "Have them check if their password will expire before starting the day".. but really, who does that? And I don't have access to an AD to check these types of policies. So, is this possible?

    Read the article

  • does windows incremental backup include system state backup?

    - by Kossel
    I'm managing my very small office server with windows server 2008. since I have only one server, and the user group is really small. I made the first hdd into 2 partitions. one (C:) for windows and Active directory, another (D:) for tomcat and database. I'm doing incremental back C: and D: daily to hdd2 (E:) using windows server backup. is it enough to let me do fully restore my server in case of disaster? I ask this because I have read there is also a system state backup, and I also have to do that periodically in order to get AD back? isn't it with incremental/full backup I can do full bare-metal recovery?

    Read the article

  • winbind not working

    - by Yon
    I'm trying to set up winbind with an Active Directory running on Win2003. This works: net rpc user -S SOMEDOMAIN -U Administrator Password: Administrator ASPNET Demo Guest IUSR_SERVER20 IWAM_SERVER20 krbtgt RemoteUser SUPPORT_388945a0 This does not: wbinfo -u Error looking up domain users From the winbindd log: [2012/05/31 16:45:38, 1] nsswitch/winbindd_ads.c:ads_cached_connection(128) ads_connect for domain SOMEDOMAIN failed: Operations error [2012/05/31 16:46:38, 1] nsswitch/winbindd_util.c:trustdom_recv(230) Could not receive trustdoms ADS is not working with this domain. Why is winbind trying to use it instead of RPC? How can I force it to use only RPC and for all of this to work?

    Read the article

  • SharePoint 2010 with AD

    - by Tim Decuypere
    We are students and we have to make a project by using SharePoint. We have already learned the basic steps of SharePoint 2010 but now we have some problems with using the Active Directory. We've deleted SharePoint from the server and afterwards we've installed the AD-role and finished dcpromo. When we’ve reinstalled SharePoint 2010, we have some problems in the configuration of SharePoint. It automatically ask for a Databaseserver but we don't have one in the company of our project. My question is if there is any possibility to use SharePoint with AD and without a Databaseserver. If it is possible it would be nice to tell me how.

    Read the article

  • Count the Number of Characters in a Full FIle Path?

    - by Richie086
    I need to be able to count the number of characters in a full path to a file in windows. How I am currently accomplishing this task is as follows: Open a command prompt cd to the directory in question (for example c:\CruiseControl\ProjectArtifacts\ProjectName) type the following command dir /s /b output.csv Open the resulting output.csv file in excel. use the =LEN() function in excel to count the number of characters per row as listed in the output.csv file. Does anyone know of an explorer shell extension, or some 3rd party tool that could preform this function without me having to manipulate the output from dir in excel? Is there some easier way to go about doing this? The root of the issue I am having is the ~260 character file path limit in Windows. I am trying to analyze which paths are approx ~260 characters so I can shorten them to avoid getting this error.

    Read the article

  • How to make WinServer's AD work with Linux DNS/DHCP on VMware?

    - by Borald
    Hope you're fine. I got 2 virtual machines : Windows Server 2008 with Active Directory installed. Linux that works as a DNS and DHCP Server I need to make them work together, but I don't if this is going to be possible because VMWARE is sharing the NIC with other virtual machines and computer itself. I've assigned different IP static adresses to the servers. Is there a way for me to make these things get interconnected and test them on some virtual clients ? Any help will be much appreciated... (useful links,tutorials,..) Thanks in advance !

    Read the article

  • How do I change the NGINX user?

    - by danielfaraday
    I have a PHP script that creates a directory and outputs an image to the directory. This was working just fine under Apache but we recently decided to switch to NGINX to make more use of our limited RAM. I'm using the PHP mkdir() command to create the directory: mkdir(dirname($path['image']['server']), 0755, true); After the switch to NGINX, I'm getting the following warning: Warning: mkdir(): Permission denied in ... I've already checked all the permissions of the parent directories, so I've determined that I probably need to change the NGINX or PHP-FPM 'user' but I'm not sure how to do that (I never had to specify user permissions for APACHE). I can't seem to find much information on this. Any help would be great! (Note: Besides this little hang-up, the switch to NGINX has been pretty seamless; I'm using it for the first time and it literally only took about 10 minutes to get up and running with NGINX. Now I'm just ironing out the kinks.)

    Read the article

  • Finding Locked Out Users

    - by Bart Silverstrim
    Active Directory up to 2008 network (our servers are a mix of 2008, 2003...) I'm looking for a quick way to query AD to find out what users are locked out, preferably from a batch or script file, to monitor for possible issues with either user accounts being attacked by an automated attack or just anomalies in the network. I've Googled and my Google-fu has failed; I found a query off Microsoft's own knowledgebase that cites a string to use on Server 2003 with the management snap-in's saved queries (http://support.microsoft.com/kb/555131) but when I entered it, the query returned 400 users that a spot-check showed did NOT have a checkmark in the "Account is locked out" box under "account." In fact, I don't see anything wrong with their accounts. Is there a simple utility (wisesoft bulkadusers apparently uses this method behind the scenes, since it's results were also wrong) that will give a count of users and possibly their user object names? Script? Something?

    Read the article

  • "Unknown user name or bad password" when I launch ADUC

    - by Chris
    When I open up Active Directory Users and Computers from my workstation, I receive an error: Naming information cannot be located because: Logon failure: unknown user name or bad password. Contact your system administrator to verify that your domain is properly configured and is currently online. If I log in to my workstation as somebody else, it works. If I log into a different workstation using my account, it works. All the workstations in question are running Windows Vista (32 and 64 bit) or Windows Server 2008. The domain controller in question is running Windows Small Business Server 2008. Everything else (that I tried) in the Remote Server Administration Tools runs just fine. Any thoughts? Edit: I just tried reinstalling RSAT. No such luck.

    Read the article

  • Which firewall ports do I need to open in order for a domain trust to work?

    - by Massimo
    I have two Active Directory domains in two different forests; each domain has two DCs (all of them Windows Server 2008 R2). The domains are also in different networks, with a firewall connecting them. I need to create a two-way forest trust between the two domains and forest. How do I configure the firewall to allow this? I found this article, but it doesn't explain very clearly which traffic is required between DCs, and which traffic (if any) in needed instead between domain computers in one domain and DCs for the other one. I'm allowed to permit all traffic between the DCs, but allowing computers in one network to access DCs in the other one would be a little more difficult.

    Read the article

  • What are people using as Login scripts in large enterprises

    - by beakersoft
    Hi, We have recently been tasked with looking after the user login side of things in our enterprise (windows clients in active directory). We have a system at the moment that uses a vbscript login/loggof script to call a couple of DLL written in vb 6. The DLL's actions are controled by some config files based on users/groups witch is administrated from a central app. This is quite a good system, but kind of want to come away from vb6 for the dll's (maybe port them to c++ but them you have to make them com+ to call them from vbscripts etc) and possibly away from vbscript for the actual login scripts themselves. Just wondered what other people are using, what people can suggest etc Thanks Luke

    Read the article

  • Any good phone system on a Windows Environment ?

    - by Kedare
    Hello, I am looking for a phone system that integrate well with a (almost) 100% Microsoft. I would like something that can integrate with Exchange and Active Directory (in-phone searching/calling by name (is this possible using SIP ?), etc) and if possible something not too expensive (Bye bye Cisco !), what do you recommend me ? I've heard of 3CX as IPBX and Aastra as Phones, are they good for this ? Or do you know something else good at this ? I've also seen some Alcatel IP Phones doing this (search by name, but I think that was a separated address book and not loaded from AD/Exchange) Thank you !

    Read the article

  • Find out what resource is triggering bad password attempt?

    - by Craig Tataryn
    Background: Have a problem at work where I am constantly being locked out of my computer. We are in an environment that has a Domain Controller and we use Active Directory for authentication. By going through my normal workflow while on the phone with Desktop Support we were able to track the bad password attempts that were causing the lockouts to an application: "Eclipse". This is the application I use to do software development. I immediately thought it was a cached password for our SVN server that's the culprit, however the desktop support person couldn't tell me which resource the password attempt was being made against (i.e. which URL for instance). Question: Is there a way that I can monitor bad authentication requests made by an application on my desktop and find out what resource they are attempting it against?

    Read the article

  • Migrating Gmail to Office 365

    - by user218699
    Good Morning, I have been setting up Office 365 for my organization. We are currently using Gmail. I have synced our local Active Directory server w/ Office 365, as well as our domains. The problem I am having has to do with migrating mailboxes from Gmail to Office 365. I have been using this article to walk me through the process: http://technet.microsoft.com/en-us/library/dn568114.aspx The issue arises when I begin to sync the mailboxes. Currently I have been trying to sync my own mailbox as a test. The synchronization process has been going on for about 15 hours (for just one mailbox) with no errors or any information given by Office 365, other than the "Syncing" status on the migration page in the Exchange Admin Center. Is syncing a single mailbox supposed to take this long, or have I missed a step? Thanks!

    Read the article

  • Samba file shares - ownership of folder accessible for 1 group verified by MS active direcctory

    - by jackweirdy
    I have a machine set up to share a folder /srv/sambashare, here's an exerpt of the config file: [share] path = /srv/sambashare writable = yes The permissions of that folder are set at 700 and it is owned by nobody:nogroup at the moment. The problem I face is probably a simple one but I'm fairly new to Samba so I'm not sure what to do. The contents of the share should be accessible to a particular user who will authenticate with domain credentials, checked against Active Directory by kerberos. I haven't got kerberos configured yet as I wanted to test the share as soon as samba was configured, albeit basically, to ensure that it works. I've noticed that I can only access & write to the share when the folder is either owned by the user logging in or made world writable. The key issues are that this folder can't be world writable as it contains sensitive stuff, but at the same time can't be owned by a user or group since they come from the AD server. Anyone know what I should do?

    Read the article

  • How are cached Windows credentials stored on the local machine?

    - by MDMarra
    How are cached Active Directory domain credentials stored on a Windows client? Are they stored in the local SAM database, thus making them susceptible to the same rainbow table attacks that local user accounts are susceptible to, or are they stored differently? Note, that I do realize that they are salted and hashed, so as not to be stored in plain-text, but are they hashed in the same way as local accounts and are they stored in the same location? I realize that at a minimum they're be susceptible to a brute force attack, but that's a much better situation than being vulnerable to rainbow tables in the event of a stolen machine.

    Read the article

  • Data loss with roaming profiles on login on two different computers

    - by Jurriaan Pijpers
    We have a Windows server 2003 system with Active Directory and all of our users have roaming profiles. One of the users let someone login with his username and password on a different computer (2) while he was working on his own computer (1). Now when this user logs in on his own computer (1), the profile that is loaded is one that dates back many months (i think from the last time he logged on to computer 2). My suspicion is that the profile that was cached on computer 2 from many months back when this user last logged on on this computer, on logoff, synced over the newer profile on the server. so that now when he logs in, he gets this old profile. Now my questions: Is it possible to retrieve te newer profile? Is it possible to keep this from happening in the future?

    Read the article

  • LDAP authentication: Windows Server2k3 vs. 2k8

    - by wolfgangsz
    We have around 70% linux users, all of which are configured to authenticate against Active Directory through LDAP. In order for this to work, we used the "Windows Services for Unix" under Windows Server 2003, and it all works fine. We are now at a point where the server running this contraption is getting a bit tired and will be replaced with a newer machine, running Windows Server 2008 (where the relevant services such as user name mapping and password changes, etc., are integrated with the OS). And here's the rub: If a new user is configured through the Win2k3 server, then it all works fine. If the same thing is done through the Win2k8 server, then : The ADS plugin on the 2k3 server does not recognize it and behaves as if the UNIX attributes were never set. The user cannot authenticate against ADS using LDAP. Has anybody encountered this problem? If so, how did you overcome this? If you need any additional information to provide further help, just ask and I shall provide it.

    Read the article

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >