Allow anonymous SID/Name translation - Setting via registry instead of the Local Security Policy (or GPO)

Similar Messages

• How do you ALLOW SSL through 8080 Proxy set via the browser?

  1) I installed Sun Proxy Server
  2) Requested Verisign Certificate
  3) Installed the Certificate
  4) I enabled the Security to use the Certificate server-cert (Configure HTTP Client)
  5) Set up the browser to use the proxy server and port 8080
  6) I am unable to access our https:// application.
  7) Now, the question is, how do I use it. The help procedures do not tell you how you use it. Using Etheral and it shows the following errors:
  CONNECT w2k3-interop:8443 HTTP/1.0
  Server: Sun-Java-System-Web-Proxy-Server/4.0.2
  Date: Mon, 06 Mar 2006 22:46:03 GMT
  Content-length: 194
  Content-type: text/html
  Connection: close
  HTTP/1.1 403 Proxy denies fulfilling the request
  Server: Sun-Java-System-Web-Proxy-Server/4.0.2
  Proxy denies fulfilling the request
  Your client is not allowed to access the requested object.
  8) What I'm I missing?
  9) What do I have to configure in order to get it working?

  Try adding this line to your obj.conf.
  what it does is to allow ssl traffic to 8443 port for any webserver.
  <Object ppath="connect://.*:8443">
  Service fn="connect" method="CONNECT"
  </Object>

• Weblogic Server 9.2 by default allows anonymous modification to JNDI tree

  We found out that Weblogic Server 9.2 by default allows anonymous modification to JNDI tree.
  This is definitely a big security hole. But Oracle support said this is Work By Design conforming to JNDI Specification.
  So we thought this might be overlooked by lots of Weblogic Administrators and would like to share this finding.
  We were told that the solution is to create a policy for jndi.
  We are still checking if there are other resources that are open to anonymous access.
  Hope this will help.
  thanks!

  Yes the only way to secure the JNDI is applying the policies..
  But the catch is, even if your code is executing within the container, it has to pass the credentials..
  Dont knw wether its a good behavior or bad, but that is how it works :)

• Network access: Do not allow anonymous enumeration of SAM accounts and shares

  Hi guys,
  What will happen if I enable "Network access: Do not allow anonymous enumeration on SAM accounts and shares" ?
  Does the users (everyone) would not be able to list all shared folders on that computer?
  What is the impact of this one?
  Been searching for the effect of this but I cannot find precise answer.
  Thank you in advance for your help!

  Hi whitesql,
  It’s difficult to talk about when a policy disable effect if we know how it works right? You can refer the following KB to realize the enumeration mainly work for first:
  The effects of removing null sessions from the Microsoft Windows 2000 and Microsoft Windows NT environment
  http://support.microsoft.com/kb/890161/EN-US
  Network access: Do not allow anonymous enumeration of SAM accounts
  https://msdn.microsoft.com/en-us/subscriptions/downloads/jj852230(v=ws.10).aspx
  Restricting Anonymous Access
  https://msdn.microsoft.com/zh-cn/library/cc785670(v=ws.10).aspx
  I’m glad to be of help to you!
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to lock the PDF toolbar via Registry Settings

  I have just taken over administering about 300 off-site Windows XP PCs using Adobe Reader 8.0  One of our webpages that these off-site locations use generates a label for them via Adobe Reader with an option to print the label if needed.  When the pdf comes up onscreen, they have a single toolbar across the top with the icons for printing, zoom in/zoom out, percentage of label, etc.  Found that this toolbar is not locked down because two of our offsite locations managed to drag the print icon button out of that toolbar and then close it with no way to bring that button back to the toolbar.  Since they are fairly locked down, they don't have the "File Edit View" options above that toolbar, so it's not something they can go to File > Print to get around that.  We're actually having to send them a new PC for now.
  I was curious if you know of a way to lock that toolbar via Registry Settings by the user so that in the future they won't accidentally remove and close their print icon again?  And/or whether there's a way to put that Print icon back in the toolbar also via Registry Settings?
  Thank you

  If when you installed Rh10 you had selected the PDF Add-on, you likely would not have Acrobat 9 still installed. See Using RoboHelp 10 on my site.
  The fact that you say Acrobat 9 is functioning correctly suggests that you did not select the add-on. I suspect that is why the settings option is not enabled.
  That does not stop you generating a PDF. First, it may work without changing any settings. If not, generate to Word and then generate to PDF from there. That is what RoboHelp is doing behind the scenes.
  Typically and document generated from any HTML program needs some cleaning up in Word first, if only to tidy up page breaks.
  See www.grainge.org for RoboHelp and Authoring tips
  @petergrainge

• I have a number of apps on my Ipad2 that no longer have sound. I have checked setting on my ipad and the settings on the apps that have a settings and the sound and volume are ok. Do I have a virus in some apps?

  I have a number of apps on my ipad2 tha no longer have sound.  I have checked the ipad settings and the apps that have settings and all sound and volume are ok.  Do I have a virus?  Pandora sound is ok. It seems mostly to be games...angry birds, tap tap, and educational games for little ones. Any suggestions?

  There aren't any viruses for iOS devices. Have you got notifications muted ? Only notifications (including games) get muted, so the iPod and Videos apps, and headphones, still get sound.
  Depending on what you've got Settings > General > Use Side Switch To set to (mute or rotation lock), then you can mute notifications by the switch on the right hand side of the iPad, or via the taskbar : double-click the home button; slide from the left; and it's the icon far left; press home again to exit the taskbar. The function that isn't on the side switch is set via the taskbar instead : http://support.apple.com/kb/HT4085

• IPSEC tunnel via hostname instead of IP address

  Hi there,
  Is it possible on an ASA 5500 device to connect an IPSEC tunnel via hostname instead of the IP address?  I have a site without a static IP address that is currently connected via Easy VPN but I want to change one of the sites to a regular IPSEC site to site as one side, the one with the dynamic IP, is being changed to SonicWALL.  I will have DDNS setup on the site with the SonicWALL so I want to know if I can point the ASA device to the hostname instead of the IP.
  Thanks ahead of time for anybody with the knowledge to help!

  Hi
  Locally on the firewall you can configure the remote destination ip with a namel-list, is this what you were after?
  name 46.46.2.2 site-to-site
  tunnel-group site-to-site type ipsec-l2l
  tunnel-group site-to-site ipsec-attributes
  pre-shared-key cisco
  Regards
  Nouraj

• AppV 5.0 SP2 HF4 - Registry not applying when set via DynamicConfig.xml

  I have an AppV 5.0 package of VMWare and have tweaked the dynamicconfig.xml file to add a registry key.  I am applying the package with the AppV 5.0 management and publishing server globally.  This is what my dynamicconfig.xml looks like, pulled
  from the C:\ProgramData\Microsoft... folder (my apologies if it doesn't format well, it does validate):
  <?xml version="1.0"?>
  <DeploymentConfiguration PackageId="7817a78f-feed-4070-8be5-
  <Registry Enabled="true">
  <Include>
  <Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\VMware\VMware Infrastructure Client\Preferences">
  <Value Type="REG_SZ" Name="RecentConnections" Data="wsvcenter20.healthy.bewell.ca,wsvcenter01.healthy.bewell.ca,wsvcenter40.healthy.bewell.ca,wsvcenteribm01.healthy.bewell.ca">
  </Value>
  </Key>
  <Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Foo"><Value Type="REG_SZ" Name="Bar" Data="NewValue"></Value></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\EmptyKey">
  </Key>
  </Include>
  </Registry>
  <FileSystem Enabled="true">
  </UserConfiguration>
  <MachineConfiguration>
  <ProductSourceURLOptOut Enabled="true"> </ProductSourceURLOptOut>
  <Subsystems>
  <Registry>
  <Include>
  <Key Path="\REGISTRY\Machine\Software\Foo"><Value Type="REG_SZ" Name="Bar" Data="Baz">
  </Value>
  </Key>
  <Key Path="\REGISTRY\Machine\Software\EmptyKey">
  </Key>
  </Include>
  </Registry>
  </Subsystems>
  </MachineConfiguration>
  </DeploymentConfiguration>
  I left in the example Foo registry just to see if it works.  When I launch vSphere I do not get all the drop downs in the "RecentConnection" keys, opening the AppV 5 package in cmd.exe with the /appvve switch and opening regedit shows the
  registry keys with the sequenced application, but not the registry keys in the dynamic config.xml.  I should also note I'm trying to replace existing keys that already have the "RecentConnection" that are in the manifest.xml.  So I'm not
  sure if "Include" is "Replace" and errors out if those keys already exist...?  I don't see any errors in the event log.  I'm not sure of any other way that the event log reports if dynamicconfig.xml is being applied.  
  Lastly, this is what my get-appvclientconfiguration looks like:
  PS C:\Users\trententtye> Get-AppvClientConfiguration
  Name Value
  PackageInstallationRoot D:\AppVData\PackageInst...
  PackageSourceRoot
  LocationProvider
  AutoLoad 2
  EnablePackageScripts 1
  ReestablishmentInterval 5
  ReestablishmentRetries 3
  CertFilterForClientSsl LOCAL_MACHINE\MY\1.3.6....
  SupportBranchCache 0
  VerifyCertificateRevoca... 1
  SharedContentStoreMode 1
  MigrationMode 1
  RoamingFileExclusions
  RoamingRegistryExclusions SOFTWARE\CLASSES
  AllowHighCostLaunch 0
  PackageStoreAccessControl 0
  IntegrationRootUser %LOCALAPPDATA%\Microsof...
  IntegrationRootGlobal %ALLUSERSPROFILE%\Micro...
  VirtualizableExtensions exe,com,bat,cmd,vbs,ps1...
  IgnoreLocationProvider 0
  ReportingEnabled 0
  ReportingStartTime
  ReportingRandomDelay
  ReportingInterval
  ReportingServerURL
  ReportingDataCacheLimit
  ReportingDataBlockSize
  ExperienceImprovementOptIn 0
  EnablePublishingRefreshUI 0
  ProcessesUsingVirtualCo... {%SystemRoot%\explorer....
  EnableDynamicVirtualiza... 1
  TLDR; My dynamicconfig.xml registry values are not applying.  Help!

  Hi Ral,
  I did as you described, exporting my default config.xml and I can see my modification is present in the exported file.
  <?xml version="1.0"?>
  <DeploymentConfiguration PackageId="7817a78f-feed-4070-8be5-bdf9447a1539" DisplayName="vSphere_Client_50U3_51U2_55U1" xmlns="http://schemas.microsoft.com/appv/2010/deploymentconfiguration"><UserConfiguration><Subsystems><Shortcuts Enabled="true"><Extensions><Extension Category="AppV.Shortcut"><Shortcut><File>[{Desktop}]\MyApps\VMware\VMware vSphere Client.lnk</File><Target>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</Target><Icon>[{Windows}]\Installer\{4CFB0494-2E96-4631-8364-538E2AA91324}\arpIcon.exe.0.ico</Icon><Arguments></Arguments><WorkingDirectory>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\</WorkingDirectory><ShowCommand>1</ShowCommand><ApplicationId>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</ApplicationId></Shortcut></Extension><Extension Category="AppV.Shortcut"><Shortcut><File>[{Programs}]\MyApps\VMware\VMware vSphere Client.lnk</File><Target>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</Target><Icon>[{Windows}]\Installer\{4CFB0494-2E96-4631-8364-538E2AA91324}\arpIcon.exe.0.ico</Icon><Arguments></Arguments><WorkingDirectory>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\</WorkingDirectory><ShowCommand>1</ShowCommand><ApplicationId>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</ApplicationId></Shortcut></Extension></Extensions></Shortcuts><FileTypeAssociations Enabled="true"><Extensions></Extensions></FileTypeAssociations><URLProtocols Enabled="true"><Extensions><Extension Category="AppV.URLProtocol"><URLProtocol><Name>VpxClient</Name><ApplicationURLProtocol><Description>URL:VpxClient</Description><DefaultIcon>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</DefaultIcon><ShellCommands><ShellCommand><ApplicationId>[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe</ApplicationId><Name>open</Name><CommandLine>"[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe" -e "%1"</CommandLine></ShellCommand></ShellCommands></ApplicationURLProtocol></URLProtocol></Extension></Extensions></URLProtocols><COM Mode="Isolated"><IntegratedCOMAttributes InProcessEnabled="false" OutOfProcessEnabled="true"></IntegratedCOMAttributes></COM><Objects Enabled="true"></Objects><Registry Enabled="true"><Include><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]"></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software"></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\EmptyKey"></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\Foo"><Value Type="REG_SZ" Name="Bar" Data="NewValue"></Value></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\VMware"></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\VMware\VMware Infrastructure Client"></Key><Key Path="\REGISTRY\USER\[{AppVCurrentUserSID}]\Software\VMware\VMware Infrastructure Client\Preferences"><Value Type="REG_SZ" Name="RecentConnections" Data="wsvcenter20.healthy.bewell.ca,wsvcenter01.healthy.bewell.ca,wsvcenter40.healthy.bewell.ca,wsvcenteribm01.healthy.bewell.ca"></Value></Key></Include></Registry><FileSystem Enabled="true"></FileSystem><Fonts Enabled="true"></Fonts><Services Enabled="true"></Services></Subsystems><Applications><Application Id="[{AppVPackageRoot}]\Virtual Infrastructure Client\Launcher\VpxClient.exe" Enabled="true"><VisualElements><Name>VMware vSphere Client</Name><Icon></Icon><Description></Description></VisualElements></Application></Applications><UserScripts></UserScripts></UserConfiguration><MachineConfiguration><ProductSourceURLOptOut Enabled="true"></ProductSourceURLOptOut><Subsystems><Registry></Registry></Subsystems><MachineScripts></MachineScripts><TerminateChildProcesses></TerminateChildProcesses></MachineConfiguration></DeploymentConfiguration>
  but the registry value's still do not exist when I launch VPXClient.exe or open regedit.exe with the /appvve: command switch.

• Set Word 2013 Track Changes settings via Registry edits or Group Policy?

  Hi
  Would anyone know if there is a way of changing Track Changes settings via registry edits or Group Policy (e.g. changing Simple Markup All Markup)? I've had a look in Group Policy Admin Templates and the Registry but cant see relevant
  Thanks!

  Hi,
  The All Markup/Simple Markup selection is controlled by the RevModeShowSimpleMarkup value within the following registry key:
  HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Word\Options
  The value is 0 (zero) for All Markup or 1 (one) for Simple Markup.
  If we close all Word instances, and change the value to 1, then start Word, the All Markup option should be selected.
  In addition, some track change settings can also be controlled by the GPO settings in the following location:
  Administrative Templates > Microsoft Word 2013 > Word Options > Track changes and compare
  If you still need further assistance on this issue, please feel free to let me know.
  Regards,
  Steve Fan
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.

• How to Export local security setting all filed name & value against filed.

  HI all,
  I am trying to export local security setting from local policy using bellow scrip. but it is showing only these are configured. I need expert help which allowed me to export all filed with value where it is configure or not. Please give me.
  $output=@()
  $temp = "c:\"
  $file = "$temp\privs.txt"
  [string] $readableNames
  $process = [diagnostics.process]::Start("secedit.exe", "/export /cfg $file /areas USER_RIGHTS")
  $process.WaitForExit()
  $in = get-content $file
  foreach ($line in $in) {
  if ($line.StartsWith("Se")) {
  $privilege = $line.substring(0,$line.IndexOf("=") - 1)
  switch ($privilege){
  "SeCreateTokenPrivilege " {$privilege = "Create a token object"}
  "SeAssignPrimaryTokenPrivilege" {$privilege = "Replace a process-level token"}
  "SeLockMemoryPrivilege" {$privilege = "Lock pages in memory"}
  "SeIncreaseQuotaPrivilege" {$privilege = "Adjust memory quotas for a process"}
  "SeUnsolicitedInputPrivilege" {$privilege = "Load and unload device drivers"}
  "SeMachineAccountPrivilege" {$privilege = "Add workstations to domain"}
  "SeTcbPrivilege" {$privilege = "Act as part of the operating system"}
  "SeSecurityPrivilege" {$privilege = "Manage auditing and the security log"}
  "SeTakeOwnershipPrivilege" {$privilege = "Take ownership of files or other objects"}
  "SeLoadDriverPrivilege" {$privilege = "Load and unload device drivers"}
  "SeSystemProfilePrivilege" {$privilege = "Profile system performance"}
  "SeSystemtimePrivilege" {$privilege = "Change the system time"}
  "SeProfileSingleProcessPrivilege" {$privilege = "Profile single process"}
  "SeCreatePagefilePrivilege" {$privilege = "Create a pagefile"}
  "SeCreatePermanentPrivilege" {$privilege = "Create permanent shared objects"}
  "SeBackupPrivilege" {$privilege = "Back up files and directories"}
  "SeRestorePrivilege" {$privilege = "Restore files and directories"}
  "SeShutdownPrivilege" {$privilege = "Shut down the system"}
  "SeDebugPrivilege" {$privilege = "Debug programs"}
  "SeAuditPrivilege" {$privilege = "Generate security audit"}
  "SeSystemEnvironmentPrivilege" {$privilege = "Modify firmware environment values"}
  "SeChangeNotifyPrivilege" {$privilege = "Bypass traverse checking"}
  "SeRemoteShutdownPrivilege" {$privilege = "Force shutdown from a remote system"}
  "SeUndockPrivilege" {$privilege = "Remove computer from docking station"}
  "SeSyncAgentPrivilege" {$privilege = "Synchronize directory service data"}
  "SeEnableDelegationPrivilege" {$privilege = "Enable computer and user accounts to be trusted for delegation"}
  "SeManageVolumePrivilege" {$privilege = "Manage the files on a volume"}
  "SeImpersonatePrivilege" {$privilege = "Impersonate a client after authentication"}
  "SeCreateGlobalPrivilege" {$privilege = "Create global objects"}
  "SeTrustedCredManAccessPrivilege" {$privilege = "Access Credential Manager as a trusted caller"}
  "SeRelabelPrivilege" {$privilege = "Modify an object label"}
  "SeIncreaseWorkingSetPrivilege" {$privilege = "Increase a process working set"}
  "SeTimeZonePrivilege" {$privilege = "Change the time zone"}
  "SeCreateSymbolicLinkPrivilege" {$privilege = "Create symbolic links"}
  "SeDenyInteractiveLogonRight" {$privilege = "Deny local logon"}
  "SeRemoteInteractiveLogonRight" {$privilege = "Allow logon through Terminal Services"}
  "SeServiceLogonRight" {$privilege = "Logon as a service"}
  "SeIncreaseBasePriorityPrivilege" {$privilege = "Increase scheduling priority"}
  "SeBatchLogonRight" {$privilege = "Log on as a batch job"}
  "SeInteractiveLogonRight" {$privilege = "Log on locally"}
  "SeDenyNetworkLogonRight" {$privilege = "Deny Access to this computer from the network"}
  "SeNetworkLogonRight" {$privilege = "Access this Computer from the Network"}
    $sids = $line.substring($line.IndexOf("=") + 1,$line.Length - ($line.IndexOf("=") + 1))
    $sids =  $sids.Trim() -split ","
    $readableNames = ""
    foreach ($str in $sids){
      $str = $str.substring(1)
      $sid = new-object System.Security.Principal.SecurityIdentifier($str)
      $readableName = $sid.Translate([System.Security.Principal.NTAccount])
      $readableNames = $readableNames + $readableName.Value + ", "
  $output += New-Object PSObject -Property @{            
          privilege       = $privilege               
          readableNames   = $readableNames.substring(0,($readableNames.Length - 1))
          #else            = $line."property" 
  $output  

  As an alternate approach wee can preset the hash and just update it.  This version also deal with trapping the errors.
  function Get-UserRights{
  Param(
  [string]$tempfile="$env:TEMP\secedit.ini"
  $p=Start-Process 'secedit.exe' -ArgumentList "/export /cfg $tempfile /areas USER_RIGHTS" -NoNewWindow -Wait -PassThru
  if($p.ExitCode -ne 0){
  Write-Error "SECEDIT exited with error:$($p.ExitCode)"
  return
  $selines=get-content $tempfile|?{$_ -match '^Se'}
  Remove-Item $tempfile -EA 0
  $dct=$selines | ConvertFrom-StringData
  $hash=@{
  SeCreateTokenPrivilege =$null
  SeAssignPrimaryTokenPrivilege=$null
  SeLockMemoryPrivilege=$null
  SeIncreaseQuotaPrivilege=$null
  SeUnsolicitedInputPrivilege=$null
  SeMachineAccountPrivilege=$null
  SeTcbPrivilege=$null
  SeSecurityPrivilege=$null
  SeTakeOwnershipPrivilege=$null
  SeLoadDriverPrivilege=$null
  SeSystemProfilePrivilege=$null
  SeSystemtimePrivilege=$null
  SeProfileSingleProcessPrivilege=$null
  SeCreatePagefilePrivilege=$null
  SeCreatePermanentPrivilege=$null
  SeBackupPrivilege=$null
  SeRestorePrivilege=$null
  SeShutdownPrivilege=$null
  SeDebugPrivilege=$null
  SeAuditPrivilege=$null
  SeSystemEnvironmentPrivilege=$null
  SeChangeNotifyPrivilege=$null
  SeRemoteShutdownPrivilege=$null
  SeUndockPrivilege=$null
  SeSyncAgentPrivilege=$null
  SeEnableDelegationPrivilege=$null
  SeManageVolumePrivilege=$null
  SeImpersonatePrivilege=$null
  SeCreateGlobalPrivilege=$null
  SeTrustedCredManAccessPrivilege=$null
  SeRelabelPrivilege=$null
  SeIncreaseWorkingSetPrivilege=$null
  SeTimeZonePrivilege=$null
  SeCreateSymbolicLinkPrivilege=$null
  SeDenyInteractiveLogonRight=$null
  SeRemoteInteractiveLogonRight=$null
  SeServiceLogonRight=$null
  SeIncreaseBasePriorityPrivilege=$null
  SeBatchLogonRight=$null
  SeInteractiveLogonRight=$null
  SeDenyNetworkLogonRight=$null
  SeNetworkLogonRight=$null
  for($i=0;$i -lt $dct.Count;$i++){
  $hash[$dct.keys[$i]]=$dct.Values[$i].Split(',')
  $privileges=New-Object PsObject -Property $hash
  $privileges
  Get-UserRights
  A full version would be pipelined and remoted or, perhaps use a workflow to access remote machines in parallel.
  ¯\_(ツ)_/¯

• Allow Anonymous Access to the Password Reset Portal

  How do I go about enabling Anonymous Access to the Password Reset Portal?
  The following instructions don't seem accurate anymore.  Has this setting changed with Sharepoint Services 3.0 SP2?
  When I click on "Settings" in Step 4 the only option displayed is "Permission Levels".
  Allow Anonymous Access to the password reset portal
  In this procedure you will configure the portal to allow Anonymous Access to users who need to reset their passwords.
  To allow anonymous access to the password reset portal
  Log on to the password portal (http://<portal hostname/PasswordPortal) as an administrator.
  On the top right hand side of the portal homepage click Site Actions, and then click Site Settings.
  Under Users and Permissions click Advanced Permissions.
  On the Permissions page, click Settings, and then select Anonymous Access.
  Under Anonymous users can access, select Entire Web site, and then click OK.

  Yes, that was very helpful.  Thanks! 
  Just in case that site dissapears and someone else needs this info, here it is:
  If you don’t see the “Anonymous Access” menu option in the “Settings” menu, it might not be turned on in Central Admin/IIS. You can manually navigate to “_layouts/setanon.aspx” if you want, but the options will be grayed out if it hasn’t been enabled in IIS
  First get to your portal. Then under “My Links” look for “Central Administration” and select it.
  In the Central Administration site select “Application Management” either in the Quick Launch or across the top tabs
  Select “Authentication Providers” in the “Application Security” section
  Click on the “Default” zone (or whatever zone you want to enable anonymous access for)
  Under “Anonymous Access” click the check box to enable it and click “Save”
  NOTE: Make sure the “Web Application” in the menu at the top right is your portal/site and not the admin site.
  You can confirm that anonymous access is enabled by going back into the IIS console and checking the Directory Security properties.
  Now the second part is to enable anonymous access in the site.
  Return to your sites home page and navigate to the site settings page. In MOSS, this is under Site Actions – Site Settings – Modify All Site Settings. In WSS it’s under Site Actions – Site Settings.
  Under the “Users and Permissions” section click on “Advanced permissions”
  On the “Settings” drop down menu (on the toolbar) select “Anonymous Access”
  Select the option you want anonymous users to have (full access or documents and lists only)
  Now users without logging in will get whatever option you allowed them.
  A couple of notes about anonymous access:
  You will need to set up the 2nd part for all sites unless you have permission inheritance turned on
  You must do both setups to enable anonymous access for users, one in IIS and the other in each site

• My iphone 4 back side names and logo light how to change panel

  my iphone 4 back side names and logo light how to change panel

  The first time an iPhone is connected to iTunes that is used to sync with another iPhone or iOS device, you are prompted to transfer the backup for the other iPhone or iOS device or to set up the iPhone as a new iPhone.
  The former does as provided - it transfers the backup for the other iPhone or iOS device to the iPhone replacing all data on the iPhone that is included with the backup being transferred. The latter does nothing allowing you to make your various selections for the iPhone sync preferences with iTunes.
  This is designed to be done right away with a new iPhone.
  If you don't have a backup for the iPhone with iTunes on your computer and don't have an iCloud backup that hasn't been updated since choosing to transfer the backup for your iPod Touch to the iPhone, the data that was on the iPhone is gone.

• Alert Rule Setting via Tcode

  Hi Experts,
  Is there any Tcode to set Alert Rules after defining the Alert Category.
  RWB is not opening. is there any Tcode for setting the Alert Rule??
  Please suggest.
  Regards,
  Sushama

  Hi,
  Step1:
  1. Start the Exchange Profile via: http://<j2ee-host>:<http-port>/exchangeProfile
  2. Select the section "RuntimeWorkbench" on the left frame.
  a. check for parameter com.sap.aii.rwb.server.centralmonitoring.httpsport, if not existingu2026..
  3. Click on "New Paramter" on the right frame.
  4. Insert the parameter name: com.sap.aii.rwb.server.centralmonitoring.httpsport
  5. Insert the https port of the Central Monitoring Server into the value field. You find the value of this parameter when you start the tcode SICF on the Central Monitoring Server. From the Menu "Goto" choose the entry "Port Information". Select the value from "Service" column of the row "HTTPS".
  6. Click on "Save".
  Step2:
  Initiate RWB using URL - http://<j2ee-host>:<http-port>/rwb/rtc?op=init
  Step3:
  You may perform full CPA Cache Refresh only If you were allowed to perform.
  i faced similar issue after adding Fully qualified domain name in Exchange profile my issue got resolved,
  what is the error are you getting while accesing RWB.
  Regards,
  raj

• I was told of an application that will allow the use of a second screen to view my data and files, but I forgot its name. I'd like to make the connection because my LCD is broken.

  I was told of an application that will allow the use of a second screen to view my data and files, but I forgot its name. I'd like to make the connection because my LCD is broken.

  You don't need an application, just plug a compaitble monitor into the display port of your MacBook Pro, set the screen up in System Preferences>Displays

• HT2497 I just purchased the 2TB TC and set it up on bridge mode to my att verse which is connected via ethernet cable.  The TC is continually blinking amber and an error message states that a wireless network cannot be found but the uverse is functioning

  I just purchased the 2TB TC and set it up on bridge mode to my att verse which is connected via ethernet cable.  The TC is continually blinking amber and an error message states that a wireless network cannot be found but the uverse is functioning great.  The network name I assigned to the TC is also not appearing among available networks.  How do I remedy this, please?

  What OS on the computer you are using to setup the TC?
  Did you turn on ipv6 for wireless to link-local... this is essential for network access now??
  Try power cycling the network.. start up in correct order.. uverse.. 2min wait.. TC.. 2min wait.. computer.
  No luck factory reset and start over. Use ethernet cable as well to the computer to help it.
  No luck I can show you manual method.