Search Results

Search found 4220 results on 169 pages for 'generating passwords'.

Page 81/169 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • Deny users in a certain group access to dovecot

    - by celil
    I installed the dovecot-imapd package in Ubuntu, and my setup is as follows: $ sudo dovecot -n # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-27-generic-pae i686 Ubuntu 10.04.1 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mail_location: maildir:~/Maildir mbox_write_locks: fcntl dotlock auth default: passdb: driver: pam userdb: driver: passwd For security reasons I would like to deny all users that are in the admin group ability to do imap login via dovecot. This is done in order to prevent a brute force attacker from discovering the admin passwords, and obtaining administrator privileges on the system. How can this be achieved? Presumably, I will have to modify some settings in /etc/dovecot/dovecot.conf, but I am hesitant to change the default settings lest I create other security vulnerabilities.

    Read the article

  • backup software that ignores user rights

    - by Chris
    Hi, As a computer technician I have to reinstall systems allmost daily (when it can't be repaired ;-)) My problem is that I recover user files by hand and a external mounting device. Most of the time it works fine, but also weekly I have systems with passwords and personal files which are often not sucessfull recovered. I know you can change owner, but when people have 30 GB's af data, my backup computer works for ages to change the rights. Can anyone think of software (commercial is no problem) which does the following: * backup user data without having user rights troubles * have a option to choose what to backup (email accounts, documents, etc, etc) even when it's externaly mounted, in short, it reconizes the folder structure) * Works on different OS's like XP, Vista, W7

    Read the article

  • Windows 2003 Server on a domain, XP client PCs on a workgroup - file share without authentication?

    - by Zach
    I have a windows 2003 server on a domain and client PCs running XP on a workgroup. I have created a file share on the server that should be accessible by the client PCs. I even set the security and sharing to 'Everyone' just to test. When I try to access the file share from any of the XP machines, I get an authentication prompt that displays asking for credentials, even though 'Everyone' has full control currently (just for testing purposes). Why is it asking to authenticate? I need it to where it doesn't ask to authenticate. I also made sure passwords were set on all XP machines since I found this could be one possible issue and they all were. Any ideas? Thanks!

    Read the article

  • Immediate Propagation in Active Directory

    - by squillman
    It's been a while since I've done any large-scale AD administration so I'm reaching back a bit here. I remember that there are certain security related attributes on a user account object that, due to their nature, are flagged for immediate propagation to other sites. I have a case where passwords resets are not being propagated until scheduled replication happens. I had thought that was a case of immediate propagation. Am I just remembering incorrectly? Domain function level is 2003.

    Read the article

  • Copy files between two windows machines on seperate domains

    - by Simon
    I need to copy several database backups between two computers. The source computer initiates the copy and is a Windows 2000 pc and is a member of domain1. The destination machine is running Windows Server 2000 and is a member of domain2. The machines are on separate networks physically connected via a firewall. The files are currently copied via ssh with http://sshwindows.sourceforge.net/ installed on the destination machine. There is no need to encrypt the contents during the copy, however the passwords should not be sent in the clear. I am looking for a way to copy the files without having to install a server on the destination. I specifically need help with how to set up the permissions and what ports would need to be opened on the firewall.

    Read the article

  • How to get access to console to reset Cisco 3750?

    - by genehack
    I acquired two Cisco 3750 switches from another part of my organization. I was able to complete the standard password/config reset procedure on one without any issues -- boot it, put it into express config mode, telnet in, reset the passwords, etc. The second one doesn't ever boot to the point where it displays anything on the console. When power cycled, the 'SYST' light flashes green a few times, then comes on a solid green and stays lit. None of the other lights ever flash or light up. Holding down the 'MODE' button for up to 30 seconds produces no noticeable effects. Nothing ever comes out on the console. Since I was able to configure the first one without any problems, I know my connectinon is good -- console port configured right, good cable, etc. Is this just a hardware problem with the switch? Is there any way I can recover from this and get the switch back into a state where I can configure it?

    Read the article

  • Plesk 9.2.1 reporting much more SMTP traffic than the logs indicate

    - by Eric3
    Plesk is reporting nearly 7GB of SMTP traffic so far this month on one domain, most of it outgoing. However, after running qmail's mail logs (which only go back to May 8) through Sawmill, only about 900MB of traffic on that domain is accounted for. What I know so far: Email sent via PHP's mail() function is sent through sendmail, which has been logging its output via syslog to the same logs that qmail uses, at /usr/local/psa/var/log/ Messages sent by logging in directly via Telnet are logged as well I verified that Plesk is reporting totals correctly by creating a new domain, sending some large emails through it, running Plesk's statistics calculation script, and comparing its reported totals to the actual size of the emails sent The problem domain did have three mail accounts with blank or insecure passwords, which I corrected Does anyone know how Plesk calculates SMTP traffic statistics? Are there some log files elsewhere that I'm missing? What kind of SMTP traffic would Plesk know about that isn't being logged?

    Read the article

  • Password Expired Server 2008 R2

    - by Shaharyar
    Hello everybody, We're facing some trouble with our Server 2008 R2 installation. The passwords expired and we're prompted to change the password. After changing it, we get following error message: Configuration Information could no be read from the domain controller, either because the machine is unavailable, or access has been denied. But we aren't even using a domain controller. So we tried running the server in Safe Mode where we get following message after changing the password: An attempt was made to logon, but the network logon service was not started. Are there any other things I could try? All help is more than appreciated!

    Read the article

  • Password Expired on Server 2008 R2

    - by Shaharyar
    Hello everybody, We're facing some trouble with our Windows Server 2008 R2 installation. The passwords expired and we're prompted to change the password. After changing it, we get following error message: Configuration Information could no be read from the domain controller, either because the machine is unavailable, or access has been denied. But we aren't even using a domain controller. So we tried running the server in Safe Mode where we get following message after changing the password: An attempt was made to logon, but the network logon service was not started. Are there any other things I could try? All help is more than appreciated!

    Read the article

  • How to perform fresh linux install while preserving software raid and user accounts

    - by slayton
    I have a system with two software raid arrays. The OS is Ubuntu 9.04 and is no longer receiving updates. I'd like to update the system to 12.04 rather than trying to do the automatic update from 9.04-> 9.10-> ... -> 12.04. My main drive has 2 partitions that are mounted at / and /home. Is it possible to do a fresh install of linux to the partition where / is mounted while preserving user accounts and preferences (such as passwords, home dir locations, etc...)? Additionally what do I need to do to keep my software raid array intact following the OS re-install?

    Read the article

  • How secure is a bluetooth keyboard against password sniffing?

    - by jhs
    In a situation where an admin will enter sensitive information into a keyboard (the root password), what is the risk that a bluetooth keyboard (ship by default with Mac systems these days) would put those passwords at risk? Another way of asking would be: what security and encryption protocols are used, if any, to establish a bluetooth connection between a keyboard and host system? Edit: Final Summary All answers are excellent. I accepted that which links to the most directly applicable information however I also encourage you to read Nathan Adams's response and discussion about security trade-offs.

    Read the article

  • Multiple email accounts from the same server in Emacs Gnus

    - by docgnome
    I'm trying to set up Gnus to use both my gmail accounts but I can only ever get one at a time to show up in the list of folders. (setq gnus-select-method '(nnimap "[email protected]" (nnimap-address "secure.emailsrvr.com") (nnimap-server-port 993) (nnimap-stream ssl))) (setq gnus-secondary-select-methods '((nnimap "[email protected]" (nnimap-address "imap.gmail.com") (nnimap-server-port 993) (nnimap-stream ssl)) (nnimap "[email protected]" (nnimap-address "imap.gmail.com") (nnimap-server-port 993) (nnimap-stream ssl)))) That is the relevant portions of my .gnus file. It prompts me for three username passwords on startup. After I enter all three, I can access my work account and the gmail account that I enter the creds for second. This is really annoying! Any ideas?

    Read the article

  • Automatically mount a remote folder on boot

    - by Andrew
    I'm trying to mount a Windows folder on my Ubuntu machine on start up. I've tried following this page here, modifying /etc/fstab and appending sshfs#my_user@remote_host:/path/to/directory <local_mount_point> fuse user 0 0 to it, but it fails; on start up, I get an error saying that the mounting failed, and I can press S to skip or M to recover manually. I also tried following this page here, appending /usr/bin/sshfs -o idmap=user my_user@remote_host:/path/to/directory <local_mount_point> to the /etc/rc.local file, but this doesn't help either; Ubuntu just boots up normally without mounting. I have Cygwin installed on my Windows machine, and I can run everything smoothly, such as sshing without passwords, and mounting it manually. I've also tried to run the modified rc.local file $ /etc/rc.local, and it works perfectly, but I just can't seem to get the folder mounted on start up. Can someone help me?

    Read the article

  • What would you use to keep track of all the random information about your LAN/Enviroment?

    - by agnul
    Say you work in your average anarchy... no appointed IT guy, no Office-Manager whatsoever, just developers working in free-for-all mode and a couple of non technical people around for admin (non IT) stuff. What would you use to keep track of Hardware / Software inventory Backups of OS images, Drivers, and all that LAN configuration information Passwords for all the systems Currently I'm thinking of having some sort of wiki + web server on our only ''server-class'' machine, but then I fear I'd be the only one who would go through the hassle of adding information in the wiki... So, have you been through that? What would you suggest?

    Read the article

  • How to detect when a user copies files from a server over the network?

    - by Mr. Graves
    I have a few virtual servers + desktops that are used for shared development with remote users, including some consultants. Each user has an account with access to most aspects of the server. I don't want to prevent people from being productive, or track passwords or read emails, but I do want to know when and what files they copy from the virtual server or what they upload from the server to a remote site, and what if any applications they install. This will help make sure my IP is protected, that no one is installing tools they shouldn't, and that things are licensed appropriately. What is the simplest way to do this? In order of importance I would say detecting file transfers off the machine to be most critical. Thanks

    Read the article

  • Putting a Windows DC, Exchange in a DMZ

    - by blsub6
    I have one guy at my company telling me that I should put FF:TMG in between my main Internet-facing firewall (Cisco 5510) and put my Exchange server and DC on the internal network. I have another guy telling me that I should put the Exchange server and DC in a DMZ I don't particularly like the idea of having my mailboxes and DC's usernames/passwords in a DMZ and I think that Windows authentication would require me opening up so many ports between my DMZ and my internal network that it would be a moot point to have it out there anyways. What are some thoughts? How do you have it set up?

    Read the article

  • Windows XP: Consequences of setting a password for an account

    - by sleske
    I do not quite understand how Windows (specifically Windows XP) handles accounts with/without passwords. As far as I can see, on a fresh Windows XP install I have one default account which has admin rights does not have a password will auto-login (without password prompt) when the computer boots What happens if I set a password for this account? Will it still auto-login? Or will it always prompt for the PW? And generally, what consequences does it have if I set a password? I noted that Scheduled Tasks apparently cannot run under an account w/o password (creating a scheduled task will prompt for the account PW). Is there anything that will not work with a password set? Why is it even possible to have accounts without a password? I have some Unix/Linux background, but the concepts appear a little different under Windows.

    Read the article

  • Top ten security tips for non-technical users

    - by Justin
    I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?

    Read the article

  • Debian: SSH: "PermitRootLogin=forced-commands-only" stopped working

    - by Brent
    I have several servers running Debian Lenny. Just recently I discovered the PermitRootLogin=forced-commands-only directive for ssh, which allows me to run a scripted rsync as root with an ssl key, without enabling more generalized root ssh access. However, last week this stopped working - it appears on all of my servers - and I can't figure out why. Everything continues to work fine with PermitRootLogin=yes, but I would prefer to block root logins - especially via passwords. The day it stopped working, we reconfigured some of the ports on one of our switches (which we later reverted), but I can't see that affecting this, since it still works with PermitRootLogin set to yes. How can I diagnose why the forced-commands-only directive has apparently stopped working?

    Read the article

  • System user authentication via web interface [closed]

    - by donodarazao
    Background: We have one pretty slow and expensive satellite Internet connection that is shared in a network with 5-50 users. To limit traffic, users shall pay a certain sum of money per hour. Routing and traffic accounting on user basis is done by a opensuse 10.3 server. Login is done via pppoe, and for each connection, username, bytes_sent, bytes_rcvd, start_time, end_time,etc are written into a mysql database. Now it was decided that we want to change from time-based to volume-based pricing. As the original developer who installed the system a couple of years ago isn't available, I'm trying to do the changes. Although I'm absolutely new to all this, there is some progress. However, there's one point I'm absolutely stuck. Up to now, only administrators can access connection details and billing information via a web interface. But as volume-based prices are less transparent to users than time-based prices, it is essential that users themselves can check their connections and how much they cost via the web interface. For this, we need some kind of user authentication. Actual question: How to develop such a user authentication? Every user has a linux system user account. With this user name and password, connection to the pppoe-server is made by the client machines. I thought about two possibles ways to authenticate users: First possibility: Users type username and password in a form. This is then somehow checked. We already have to possibilities to change passwords via the web interface. Here are parts of the code: Part of the Perl script the homepage is linked to: #!/usr/bin/perl use CGI; use CGI::Carp qw(fatalsToBrowser); use lib '../lib'; use own_perl_module; my @error; my $data; $query = new CGI; $username = $query->param('username') || ''; $oldpasswd = $query->param('oldpasswd') || ''; $passwd = $query->param('passwd') || ''; $passwd2 = $query->param('passwd2') || ''; own_perl_module::connect(); if ($query->param('submit')) { my $benutzer = own_perl_module::select_benutzer(username => $username) or push @error, "user not exists"; push @error, "your password?!?" unless $passwd; unless (@error) { own_perl_module::update_benutzer($benutzer->{id}, { oldpasswd => $oldpasswd, passwd => $passwd, passwd2 => $passwd2 }, error => \@error) and push @error, "Password changed."; } } Here's part of the sub update_benutzer in the own_perl_module: if ($dat-{passwd} ne '') { my $username = $dat-{username} || $select-{username}; my $system = "./chpasswd.pl '$username' '$dat-{passwd}'" . (defined($dat-{oldpasswd}) ? " '$dat-{oldpasswd}'" : undef); my $answer = $system; if ($? != 0) { chomp($answer); push @$error, $answer || "error changing password ($?)"; Here's chpasswd.pl: #!/usr/bin/perl use FileHandle; use IPC::Open3; local $username = shift; local $passwd = shift; local $oldpasswd = shift; local $chat = { 'Old Password: $' => sub { print POUT "$oldpasswd\n"; }, 'New password: $' => sub { print POUT "$passwd\n"; }, 'Re-enter new password: $' => sub { print POUT "$passwd\n"; }, '(.*)\n$' => sub { print "$1\n"; exit 1; } }; local $/ = \1; my $command; if (defined($oldpasswd)) { $command = "sudo -u '$username' /usr/bin/passwd"; } else { $command = "sudo /usr/bin/passwd '$username'"; } $pid = open3(\*POUT, \*PIN, \*PERR, $command) or die; my $buffer; LOOP: while($_ = <PERR>) { $buffer .= $_; foreach (keys(%$chat)) { if ($buffer =~ /$_/i) { $buffer = undef; &{$chat->{$_}}; } } } exit; Could this somehow be adjusted to verify users, but not changing user passwords? The second possibility I see: all pppoe connections are logged in the mysql database. If I could somehow retrieve the username (or uid) of the user connected by pppoe, this could be used to authenticate users. Users could only check their internet connections and costs when they are online (and thus paying money), but this could be tolerated. Here's a line of the script that inserts connections into the database: my $username = $ENV{PEERNAME}; I thought it would be easy to use this variable, but $username seems to be always empty in test-scripts (print $username). Any idea how to retrieve the user connected to the pppoe server? Sorry for the long question! Any help would be very much appreciated. :)

    Read the article

  • Is there a specific name for the ".\" (dot-slash) shorthand used to log onto a Windows machine?

    - by HopelessN00b
    I guess the title just about says it all. And yes, .\, not that obsolete \. thing. :) For those who don't know, .\ is a shorthand way of saying "this computer" in Windows at a logon screen, which comes in very handy when you don't know or care about the local computer name but need to authenticate against it anyway, such as through RDP or scripting against a set of shared local users and passwords or even locally, if you're unlucky enough to have to physically go to a machine. Anyway, does this have an actual name, and if so, what is it? I feel kind of stupid saying the dot-slash thing, which is how I've been referring to this.

    Read the article

  • How to Set "<options>" in fstab - Manual Mounting is Successfull

    - by nicorellius
    I am not real familiar with fstab yet, so I have a couple questions. When I use this command to mount devices: sudo mount -t cifs -o username=admin //192.168.1.134/share_name /mnt/share_name With passwords: sudo="local user password" password="password for device" How do I translate that into an fstab entry? So far, I have tried this in the fstab and mounting fails: //192.168.1.134/share_name /mnt/share_name cifs default 0 0 This is where the question comes in. Where I have default, should there be something instead, indicating username=admin, etc?

    Read the article

  • How to configure auto-logon in Active Directory

    - by Jonas Stensved
    I need to improve our account management (using Active Directory) for a customer support site with 50+ computers. The default "AD"-way is to give each user their own account. This adds up with a lot of administration with adding/disabling/enabling user accounts. To avoid this supervisors have started to use shared "general" accounts like domain\callcenter2 etc and I don't like the idea of everyone knowing and sharing accounts and passwords. Our ideal solution would be to create a group with computers which requires no login by the user. I.e. the users just have to start the computer. Should I configure auto-logon with a single user account like domain\agentAccount? Is there anything else to consider if I use the same account for all users? How do I configure the actual auto-logon with a GPO on the group? Is there a "Microsoft way" without 3rd party plugins? Or is there a better solution?

    Read the article

  • Taking over and Moving a PHP site

    - by KCavon
    I have a internal use PHP site at my new position. It only runs a few days a year off site so we keep it on laptops. The hardware it has been on, a 8 year IBM Thinkpad running Fedora, is dying. I have new Lenovo Thinkpad's running latest and greatest Ubuntu. I have copied the contents of var to a shared drive, renamed the old www folder in var on the new machine and copied over the old www folder. I can get to the login page and into the site, but when I look something up it returns Cannot Open. I know I cannot get to the MySQL in the new machine because users and passwords dont match. The version of the PHP from the old machine is before the setup script was included. I know very little about PHP. I am looking for input on the proper way to link the old PHP files to my mysql instance. Any help, much appreciated.

    Read the article

  • How to create a new public AMI for windows?

    - by user67081
    I am trying to make a windows 2008 AMI that is a nice clean 64bit starter pack (IIS, SQL express, ASP.NET MVC, etc...) I would like to make it a public AMI when its done. There in lies the problem. I can make an AMI from my image no problem. But I can't seen to get new instances to generate their own passwords.. The results are that I have a new instance that works great with my password. So what is the process of making my EBS backed Instances convert into an AMI that will auto-generate its password and do all the other setup steps that amazon wants to go thru when a new instance starts up? Thanks in advance.

    Read the article

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >