Search Results

Search found 12376 results on 496 pages for 'active pattern'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 83/496 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

  • How do I integrate a OpenSolaris NAS with AD?

    - by Neo
    I basically want a OpenSolaris NAS (ZFS goodies) but I'd like to integrate it with AD, so that when I create a new user in AD, his roaming profile is created in the NAS. That means all his ACLs have to work (I know they're compatible), etc. The tutorials I found don't actually work, so any help would be much appreciated.

    Read the article

  • Disable the user of Internet explorer through policies when called from HTML help

    - by Stephane
    Hello, I have a locked down environment where users are prohibited from doing, well, basically anything but run the specific programs we specify. We just switched a program from using the venerable "WinHELP" help format to HTML help (CHM) but that seem to have an unwanted and rather dangerous side effect: when a user click on a hyperlink inside the HTML help, a new internet explorer window is opened and the user is free to browse and do terrible things to my server (well, not that much, but still...) I have checked the session in this case and the IE window is actually hosted within the help engine: there is no iexplore.exe process running in the user session (and it cannot: it's explicitly prohibited). We have disable all help right now until we find a solution. I'm working with the help team to have all external URLs removed from the help file but that is going to be a long and error-prone task. Meanwhile, I've checked all the group policies option but I have to say that I was unable to find anything that would prevent a standalone IE window hosted in a random process from running. I don't want to disable WinHTTP or the IE rendering engine or anything of the sort. But I need to prevent all users members of a specific AD user group from ever having an IE window displayed to them. The servers are running Windows 2003 and Citrix metaframe 4.5. Thanks in advance

    Read the article

  • Determine logged on user on Windows computer from Linux

    - by Justin
    How can I determine who is logged on to a remote Windows XP computer from Linux? I do not have administrator access on the domain or on the remote computer. I can do it from a separate Windows computer using PsLoggedOn -L \\computer from PsTools I've tried using nmblookup -A remotecomputer, but I only see entries for the computer and the domain, not a <03> entry for the user. I've also tried running PsLoggedOn under wine; I get an error: Connecting to Registry of \\computer.company.com... fixme:reg:RegConnectRegistryW Connect to L"computer.company.com" is not supported. I started looking into winexe, but it looks like I would need administrative rights on the remote computer to get it working.

    Read the article

  • RSH between servers not working

    - by churnd
    I have two servers: one CentOS 5.8 & one Solaris 10. Both are joined to my workplace AD domain via PBIS-Open. A user will log into the linux server & run an application which issues commands over RSH to the solaris server. Some commands are also run on the linux server, so both are needed. Due to the application these servers are being used for (proprietary GE software), the software on the linux server needs to be able to issue rsh commands to the solaris server on behalf of the user (the user just runs a script & the rest is automatic). However, rsh is not working for the domain users. It does work for a local user, so I believe I have the necessary trust settings between the two servers correct. However, I can rlogin as a domain user from the linux server to the solaris server. SSH works too (how I wish I could use it). Some relevant info: via rlogin: [user@linux~]$ rlogin solaris connect to address 192.168.1.2 port 543: Connection refused Trying krb4 rlogin... connect to address 192.168.1.2 port 543: Connection refused trying normal rlogin (/usr/bin/rlogin) Sun Microsystems Inc. SunOS 5.10 Generic January 2005 solaris% via rsh: [user@linux ~]$ rsh solaris ls connect to address 192.168.1.2 port 544: Connection refused Trying krb4 rsh... connect to address 192.168.1.2 port 544: Connection refused trying normal rsh (/usr/bin/rsh) permission denied. [user@linux ~]$ relevant snippet from /etc/pam.conf on solaris: # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient pam_rhosts_auth.so.1 rlogin auth requisite pam_lsass.so set_default_repository rlogin auth requisite pam_lsass.so smartcard_prompt try_first_pass rlogin auth requisite pam_authtok_get.so.1 try_first_pass rlogin auth sufficient pam_lsass.so try_first_pass rlogin auth required pam_dhkeys.so.1 rlogin auth required pam_unix_cred.so.1 rlogin auth required pam_unix_auth.so.1 # # Kerberized rlogin service # krlogin auth required pam_unix_cred.so.1 krlogin auth required pam_krb5.so.1 # # rsh service (explicit because of pam_rhost_auth, # and pam_unix_auth for meaningful pam_setcred) # rsh auth sufficient pam_rhosts_auth.so.1 rsh auth required pam_unix_cred.so.1 # # Kerberized rsh service # krsh auth required pam_unix_cred.so.1 krsh auth required pam_krb5.so.1 # I have not really seen anything useful in either system log that seem to be directly related to the failed login attempt. I've tail -f'd /var/adm/messages on solaris & /var/log/messages on linux during the failed attempts & nothing shows up. Maybe I need to be doing something else?

    Read the article

  • There are currently no logon servers available to service the logon request

    - by Adriaan
    I am the guy that was closest to the server :( and am actually a developer. I am getting this error, There are currently no logon servers available to service the logon request, when a machine on the domain is trying to be accessed from other machines from the network. Accessing other machines from this machine works as expected. How should I go about to fix this? We are running a Windows Server 2003 and XP Pro clients.

    Read the article

  • Powershell BitLocker Recovery Key

    - by TheNoobofNoobs
    I'm trying to get a list of all computers that have a bit locker recovery key (or information for that matter) populated in their respective fields in AD. I am unable to even start on a script as I don't know where to begin. I did find this online but it doesn't appear to be working. foreach($comp in get-adcomputer -filter *) { get-adobject -filter 'objectclass -eq "msFVE-RecoveryInformation"' - searchbase $comp.distinguishedname -properties msfve-recoverypassword,whencreated | sort whencreated | select msfve-recoverypassword -last 1 } Export-Csv "FilePath.csv" Any ideas as to how I can go about this. Running Windows 7, Powershell 3.0, Windows Server 2008 R2.

    Read the article

  • How to recover files from a non-booting windows server?

    - by edude05
    I'm having a problem with a windows server 2008 server. After it was demoted from a AD domain controller, it is unable to get to the login screen (it reboots after applying user settings). Is there a way to recover files from this system via something like a windows live CD, or of course fix this issue?

    Read the article

  • How to make network drives appear even if disconnected?

    - by Jake
    I have the same problem as many others: network and home drives set by group policy and AD are not connected on windows startup. The prime suspect is that the LAN or wireless does not connect until after user log in. I have already given up on that. Now, I just want the disconnected drives to continue to list in My Computer so that if the user goes in and double click the drive, it will connect again. However, on some machines the drive is completely missing from My Computer. If I right click My Computer Map Network Drive again, it does work. But it's very troublesome to do it all the time. And I don't want to use a script to map the drives because I don't want to appear to be using a hacky solution to the users. The drives listed as disconnected will look more like a "built-in feature", and gives users more confidence. How can I keep the disconnected drives in My Computer? I am using Windows 7 Professional and Win2k8.

    Read the article

  • Group policy applied to AD OU attributes

    - by Eric Smith
    I'm not well-versed in AD, so would like to resolve a question I have with regards to AD information. I understand that it is possible to apply group policy to OU's, thereby restricting access. What I'd like to know is, is it possible to do the same with OU attributes. Some context would help. There's a requirement to store address information in AD (IMO, a natural fit), but for various reasons, although obviously things like name should be globally accessible, access restrictions are desired on the address. In this case, is it possible to apply security to the address portion of the OU attributes, or does each address have to be broken into a separate OU (a solution that feels smelly given that address doesn't have identity)?

    Read the article

  • Account to read AD, join machine to domain, delete computer accounts and move computers to OUs

    - by Ben
    I want to create an account that will perform the following: Join computers to a domain (not restricted to 10, like a normal user) Check for computer accounts in AD Delete computers from AD Move computers between OUs I don't want to allow it to do anything else, so don't want a domain admin account. Can anyone guide me in the right direction in terms of permissions? Not sure if I should be using delegation of control wizard? Cheers, Ben

    Read the article

  • Any issues with computer on one domain in a separate forest and user account in another domain/forest?

    - by TheCleaner
    I have a few of my sites with a trust relationship among two different forests with a single domain in each AD forest. I'll skip all the politics and details that don't matter and just ask the question: Will having a machine with a computer account in one domain and their user account in another cause any issues? (besides GPO behavior that would need to be understood such as their computer getting a GPO applied from the computer's domain, and their user account getting a GPO applied from their user domain)

    Read the article

  • ActiveDirectory machine accounts: same SID after machine rebuild?

    - by Max
    When a new Windows server machine joins a domain, AD seems to create a machine account "DOMAIN\MACHINENAME$" for that machine with a SID. If the machine gets reimaged (with another OS, here: W2K8 instead of W2K3) and then rejoins the domin, will AD re-use the existing domain account with the same SID? (Reason I'm asking is that we use some machine accounts as logins in SQL2008 databases..) Thanks Max

    Read the article

  • Can't Connect w/ SQL Management Studio After Domain Change

    - by Sam
    Our old Small Business Server 2003 (acting as our domain controller) was on the fritz, so we replaced it with a new Windows Server 2008 box and set the server up as our new domain controller. In hindsight, it may have been a mistake, but we set up the new server as a replacement and tried to keep as much the same as possible, including the DOMAIN name. The problem was, that even though the domain name was the same, the guest computers somehow still realized it was not the exact same domain. We had to unjoin and rejoin the domain and port over everyone's documents and settings. This morning, when I attempted to connect to my local SQL Server Instance, it was saying that my login failed. When I tried to use the SQL Management Studio, it throws the error "Package 'Microsoft SQL Management Studio Package' failed to load" on startup, then exits without giving me a chance to change the login. I am using Mixed Authentication and have an administrative account as a backup. Ideas? If there is a more appropriate stack, please let me know where to put it.

    Read the article

  • Migrating SBS 2003 to 2012 standard

    - by AryaW
    My company is currently trying to migrate a Windows Small Business Server 2003 to Windows Server 2012. We know the general procedure, but we want to make sure we aren't going to mess anything up tremendously. Here's the steps we were planning on taking: 1. Uninstall exchange 2. Remove legacy GPO's 3. Demote the domain controller 4. Promote the new server to the primary domain controller. We have no mail servers to worry about. My question is, will the above method work or will we need to make a complete new domain? Thanks!

    Read the article

  • Win2008 DC in a Windows 2000 domain: can I keep the old DC?

    - by gravyface
    Will be putting a new Windows 2008 SE Server into a single domain network with two domain controllers, both running Windows 2000 Server. The functional level of the domain is mixed mode/2000. Until a second 2008 DC can be purchased, I'd like to leave the current Win2k operational master DC as a backup DC as the other member servers running 2003 have either accounting/SQL or Exchange on them. Eventually all the w2k servers will be decommissioned, but until then, I need another DC for redundancy. Following the standard process for adding a new DC, can I leave the old operational master DC (or the other backup DC) running after I transfer the FSMO roles to the new server? Will this cause any issues?

    Read the article

  • Deploying Windows Service through group policy fails with Event ID 102

    - by Sören Kuklau
    I'm trying to deploy a custom Windows Service (written in C#; installed through a VS setup project) using a group policy. To help debug this, I also have two additional MSIs in the same policy. All three packages are deployed as a machine policy, not a user one. On one machine (runs Windows Server 2008; no UAC), all three deploy fine. The service is set to Automatic, as expected. On two machines (run Windows 7; UAC), the two other MSIs deploy fine, but my service fails to install. The event log gives an event ID of 102, which appears to be a permissions problem: The install of application "Package Name" from policy "Policy Name" failed. The error was The installation source for this product is not available. Verify that the source exists and that you can access it. However, all three packages come from the same share linked through UNC, so this is unlikely. My guess is that UAC is the problem; that the service requires additional permissions. Do I need to alter the MSI somehow?

    Read the article

  • Reset local Certificate Revocation List (CRL) manual

    - by Sasha
    How can I reset local CRL (in OS local cash) in Windows OS (XP, Windows 7) manual? We need to reset local CRL because otherwise the OS will use local CRL until "next update" period. As described in "Manually publish the CRL": Clients that have a cached copy of the previously-published CRL or delta CRL will continue using it until its validity period has expired, even though a new CRL has been published. Manually publishing a CRL does not affect cached copies of CRLs that are still valid; it only makes a new CRL available for systems that do not have a valid CRL.

    Read the article

  • Cannot resolve Hostname to IP, but IP to hostname works

    - by blade
    Hi, I have deployed a bunch of windows server VMs on a cloud hosting service. These machines are all joined to a domain controller on the same service, which also hosts DNS. All of the domain-joined machines have dynamic IP (along with the DC). If I try to resolve any of the hostnames remotely, it fails. For example, I am in SQL Server Reporting Services and I need to connect to a remote server. I provide the hostname of the desired target server and this fails, but then if I provide the IP, this works. How can I pass the hostname and have this resolve to IP? Is there anything I need to look for in the DNS server? It has records of the hostnames (in forward lookup I think), but reverse is empty. Isn't it the case that forward lookup resolves ip to hostname and reverse resolves hostname to ip? Also, I don't know what he subnet mask because this is not in my control, so the machines may not be in the same subnet - can this be a cause of the problem? Where is the problem? Thanks

    Read the article

  • unable to join domain using virtualbox

    - by FreshPrinceOfSO
    I'm in the process of setting up a VM environment for a MS certification exam (70-462). Following the training kit's instructions, I've set up a domain controller (DC) and two members (SQL-A, SQL-B) thus far. I can't figure out why I can't join the domain. DC IPv4 Address . . . : 10.10.10.10(Preferred) Subnet Mask. . . . : 255.0.0.0 DNS Servers. . . . : ::1 127.0.0.1 SQL-A IPv4 Address . . . : 10.10.10.20(Preferred) Subnet Mask. . . . : 255.0.0.0 DNS Servers. . . . : 10.10.10.10 SQL-B IPv4 Address . . . : 10.10.10.30(Preferred) Subnet Mask. . . . : 255.0.0.0 DNS Servers. . . . : 10.10.10.10 I've read how to do networking between virtual machines in virtualbox and the documentation. After trying various network adapter configurations, I can't get them to communicate in order to have the two members join the domain. When I ping from .30 to .10, I get: ping 10.10.10.10 Pinging 10.10.10.10 with 32 bytes of data: Reply from 10.10.10.20: Destination host unreachable. Reply from 10.10.10.20: Destination host unreachable. Reply from 10.10.10.20: Destination host unreachable. Reply from 10.10.10.20: Destination host unreachable. Trying to join the domain: netdom join SQL-A /domain:contso.com The specified domain either does not exist or could not be contacted. The command failed to complete successfully. Within VirtualBox, I've tried the following combinations for network adapter: Attached to - Promiscuous Mode ------------------------------- NAT Bridged Adapter - Deny Bridged Adapter - Allow VMs Bridged Adapter - Allow All Internal Network - Deny Internal Network - Allow VMs Internal Network - Allow All Host-only Adapter - Deny Host-only Adapter - Allow VMs Host-only Adapter - Allow All Edit ipconfig /all of DC ipconfig /all of SQL-A

    Read the article

  • NTFS Permission Structure to allow Traversal but no Modification except in Leaf Nodes?

    - by pepoluan
    Assume there's this folder structure: D:\ --+-- Acctg --+-- Payable | +-- Receivable | +-- Fin --+-- Inv | +-- Tax | +-- Treas | +-- Mrktg --+-- Ads +-- Promo Users are not allowed to change the structure, but they are free to create & delete files & folders in the leaf nodes (i.e., the rightmost folders). AGDLP principle said that I should assign permissions on the above folders to DL-Groups. Let's say I have a G-Group of users, G-Accounting-Payable, containing users that have access to the D:\Acctg\Payable folder. The way I see it, I have two strategies: - Strategy 1 Create three DL-Groups and assign them permissions: DL-D-Acctg_T -- allowed traversal of D:\Acctg folder DL-D-Acctg-Pay_LF -- allowed listing of D:\Acctg\Payable folder contents DL-D-Acctg-Pay__RW -- allowed full permissions to the contents of D:\Acctg\Payable folder Add G-Accounting-Payable as member to all the above DL-Groups - Strategy 2 Create just one DL-Group DL-D-Acctg-Pay__RW, and assign it the proper permissions for each level of the folder. Then, add G-Accounting-Payable as member to that DL-Group. - Which strategy is the Recommended Best Practice, and why?

    Read the article

  • How to create a password-less service account in AD?

    - by Andrew White
    Is it possible to create domain accounts that can only be accessed via a domain administrator or similar access? The goal is to create domain users that have certain network access based on their task but these users are only meant for automated jobs. As such, they don't need passwords and a domain admin can always do a run-as to drop down to the correct user to run the job. No password means no chance of someone guessing it or it being written down or lost. This may belong on SuperUser ServerFault but I am going to try here first since it's on the fuzzy border to me. I am also open to constructive alternatives.

    Read the article

  • Is it safe to delete "Account Unknown" entries from Windows ACLs in a domain environment?

    - by Graeme Donaldson
    It's not uncommon to see entries in Windows ACLs (NTFS files/folders, registry, AD objects, etc.) with the name "Account Unknown (SID)". Obviously these are because of old AD users or groups which at some point had permissions manually configured on the relevant object and have since been deleted. Does anyone know if it is safe to remove these "Account Unknown" ACEs? My gut feeling is that it should be just fine, but I'm wondering if anyone has any past experiences where doing this has caused trouble? Normally I just ignore these, but the company I'm working at now seems to have an abnormal number of these, most likely due to past admins' inexperience with AD/Windows and assigning permissions to user accounts rather than groups in all sorts of weird places. FWIW, our environment is not complex, a single domain forest, 4 DCs in 3 sites, with all network connectivity and replication healthy, so I'm certain that these "Account Unknown" entries are really old accounts, and not just because of some failure to resolve the SID to a human-readable name.

    Read the article

  • Installing Domain Controller on Hyper-V Host

    - by MichaelGG
    Given a resource limited setup consisting of 2 host machines (HyperV-01 and HyperV-02), is it OK to put the domain controllers in parent partition, instead of their own VM? The main reason is that if the DCs go into a child partition, starting from cold on both machines could lead to a bit of an issue, as there'd be no DCs around until well after both parents have booted. I'm guessing this might cause undesirable effects. Am I correct to be worried about joining the host systems to a domain that's only on VMs? The biggest drawback I've heard so far is that if AD gets heavily used, its resources could cut into HyperV's. I'm not concerned about that for this deployment. Any other suggestions? (Besides finding a 3rd machine and running AD on it.)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >