Domain Shares for Local user with matching credentials?

Similar Messages

• Mail not working for local users

  I have sunOS 5.9 running on sun sparc
  mail is not working on this system even for local users.
  I have tried from the command prompt
  mail username
  Test email
  ^D
  nothing happens after control D, I don't get command prompt.
  I also tried
  mail username
  Test email
  nothing happens
  sendmail daemon is not running on this system but my understanding is that sendmail is not required. I need mail to work only for local users to receive emails for failed cron jobs etc, it is not required for this system to send or receive emails to/from outside world.
  Can someone guide or point in right direction to fix mail functionlality for local users?

  Actually, with recent versions of sendmail, you do need sendmail running to be able to send mail.
  You never used to, but since they made sendmail no longer setuid root, you do.
  Sendmail has essentially been split into 2 daemons a local queue runner with handles sending sent by local users.
  And a listener daemon with listens for remote connections.
  If you want to be able to send mails but not have sendmail listening, you have a couple of options.
  You can either run only the local queue runner and not run the listener. In this case you have to configure the local queue runner to send mails onto a external mail host for processing. This requires editing /etc/mail/submit.cf
  Alternately, you need to configure the local listener to only bind to the localhost port so it can't be contacted from external sources.
  This requires editing sendmail.mc and regenerating a new sendmail.cf
  I tend to favour the latter option as the former limits your ability to do things like local aliases of root: [email protected] to send all your root mail to a central account.
  This is the sendmail.mc you will need
  divert(0)dnl
  VERSIONID(`@(#)main.mc 1.5 (Sun) 08/10/00')
  OSTYPE(`solaris8')dnl
  DOMAIN(`solaris-generic')dnl
  DAEMON_OPTIONS(``Port=smtp, Addr=127.0.0.1, Name=MTA'')dnl
  FEATURE(`no_default_msa')dnl
  MAILER(`local')dnl
  MAILER(`smtp')dnl

• Need MBAM 2.5 Helpdesk and selfservice sites to open for authenticated users with no password prompt

  I Need MBAM 2.5 Helpdesk and self service sites to open for authenticated users with no password prompt. I just cant seem to get this to work. The account used in the application pool has its SPN registered and delegation set. I can use that account to login
  to the sites but am prompted for a password. That said anyone I add into the helpdesk users group cannot negotiate the sites. Only the account I have set in the application pool can. I want domain authenticated users that have been added to the MBAM Help Desk
  Users group to negotiate the site with NO password challenge at all.
  tconners

  This generally means that your SPN is not set up correctly.  Let's say the web server you installed the SSP on is lance.contoso.com and your app pool creds are corp\lance.  You should set an SPN similar to setspn -s http/lance.contoso.com
  corp\lance.  In your browser, you should now be able to access the SSP without prompts.  However, if you still get prompted, generally that means that your local intranet zone in IE does not have an entry for *.contoso.com.  Since you are entering
  an FQDN in your browser, IE interprets the "." to mean "on the internet" which breaks Kerberos authentication.  By adding *.contoso.com to your local intranet zone, you are telling it that lance.contoso.com is on the intranet, so use
  Kerberos.
  I can confirm, that I have exact configuration and I always get the password promt for the very first time. We have 2 server (1xIIS and 1xSQL) infrastructure in production with SPN set like it should and I get the password prompt.

• Default User Template for AD users with Win home dirs

  Hi all,
  Can anyone tell me if it's possible for AD users with Windows based home directories to get a default user template given to them the first time they login to a Mac bound to AD?
  I can give local users and users with home dirs on our Xserve my default user settings via the English.lproj template, but I cannot for the life of me get this to work for those users with Windows based home directories.
  This is a biggie since my boss has mandated that ALL our student home directories are to be hosted under Windows from now on...
  Thanks in advance.

  So you are using roaming profiles on AD and when they log into a Mac you want to setup their default, is that what I am hearing?
  You will need to modify the English.lproj on the local machine to setup the default template. Since the mac server is not involved in the authentication and hosting of a roaming AD account with windows home folder, the client creates the home folder initially. Modify the default English.lproj on the clients.

• MM01 tcode for SD user with restriction to SD related codes only

  Dear Experts
  How can we assign MM01 Authorisation for SD user with a restriction that he can access only <b><u>SD RELATED MATERIAL ONLY</u></b> ?,     Why because the material master is same for   <u>MM Module</u>   and   <u>SD Module Product Master</u> also.
  There is no listing for Material Group parameter in the Material Object
  Material Type Object : M_MATE_MAR
  Material         Object : M_MATE_MAT
  Thanks in advance
  Please advise me.
  Regards
  PS Prasad

  Dear Corinne Müller 
  First of all, let me say Sorry for the late reply to your post.
  I have gone through the objects you have told to that particular SD User.
  He have been already assigned those objects.    But one thing I have observer
  here is the authorisation object you have given    M_MATE_WGR
  contains 2 parameters those are
  (01) Activity                       01, 02, 03
  (02) Authorization Group
  The above said (02) parameter does not contains any data to select in its dropdown box.   I think functional people does not created material groups
  while doing configuration part.
  So, here I can not distinguish the material whether it related to SD Module OR MM Module. And can not restrict user's to access TCode MM01 basing on their module related material only. Am I right ????
  Any further suggetions ?????
  Thanks for your reply.
  I am just learner in BASIS.   Kindly be in touch with my e-mail id.
  My E-Mail id : [email protected]
  Thanks once again
  PS Prasad

• For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

  For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

  SMS is exchanged over the same network as calls - no data involved.
  MMS requires data.
  iMessage requires the same as email - internet access via an available wi-fi network or via your carrier's cellular data network.
  You can disable SMS/MMS altogther with your account by requesting this with AT&T. You can turn iMessage off unless your iPhone is connected to an available wi-fi network.

• Connect to a cube with Integrated WIndows Sercurity for Windows user with computer outside the domain

  Hello,I am trying to connect to an MSSAS cube with a windows user ( and i need this user to be the end user that connect to the cube) from outside the domain.It will be .Net application.I use msmdpump.dll before but the thing is it impersonate the connection
  so the user that connect to the Cube is not the real client user with is a problem for me because i like to manage the security throw roles.
  SSRS is able to do what i am trying to achieve ( it ask you your domain user and password) then connect to the cube with these credential which is great,but i do that ?
  With ADOMD.Net how do you provide windows user/password in the connection string ?
  I tryed to only active windows security access with IIS and MSSAS but it's not working with a computer outside the domain even if in excel i provide a windows user/password.
  Vincent

  With ADOMD.Net how do you provide windows user/password in the connection string ?
  Hello Vincent,
  See MSDN Connection String Properties (Analysis Services) for all available properties; addtitional: AdomdConnection.ConnectionString
  Property  =>
  Olaf Helper
  [ Blog] [ Xing] [ MVP]

• How to use smb share for home directory with AD account

  I have extended the schema of our AD and bound a macbook pro running 10.6.8 to the domain. AD users are able to logon, and if I select the option to use their AD homedirectory attribute then this smb share is used as a network drive. My question is though, I need users to logon to MAC using a different smb share for their home drive than the path set in the home directory attribute. Does anyone know how I can achieve this?
  Cheers
  Paul.

  But this method cannot use Regular Expression because my searching target is more than one line.Yes it can!
  Like you said, first you list all the files in the folder.
  For each file, use a BufferedReader to read the first lines, then you may use a StringBuffer to append the lines into it (don't forget to append the '\n' to each line).
  Finally, compile your pattern ( "^November.*\nDecember" ) with the DOTALL flag,
  verify that the string (from StringBuffer) matches the pattern and there you have it!

• CUC 8 - converting local users with VM's to LDAP users - what is the best method?

  Evening all
  We are running a new Unity Connect 8.0 environment. Initially the users were either manually imported and created individually. The standard naming convention for the Alias names are first initial + surname.
  I have integrated LDAP synch so now I can see all the users in the users OU. I want to be able to utilise the LDAP synch to its full potential. I want to create new users from LDAP. But my primary objective is to convert all local users to domain users. The only main issue which we identified is that domain users Alias length is set to 8 characters max in length whereas the local accounts are full length.
  What would be the best way to migrate the users to LDAP, preserve the voicemails and update Alias names to be the same length as domain users?
  I was thinking of the following:
  Backup up system using COBRAS
  Delete all local users from CUC
  Do a bulk import of all users from LDAP into CUC as fresh accounts
  Use COBRAS import tool to load backup
  Amend the alias names manually to the correct length (8 letters)
  Import all users and VM's back in
  Pray it works!
  Any more efficient suggestions welcome
  Thanks in advance
  Mus

  There is a far easier way to do this using the Bulk Administration Tool in Connection.
  Perform an export operation to get everything into a CSV file.
  Delete all the columns except Alias, EmailAddress, MailName, and LdapCcmUserId.
  Populate the LdapCcmUserId to match the user's sAMAccountName attribute from AD.
  NOTE: Spot-check to be sure that you can find this user's account using the Import Users section. The account must have a Last Name value populated, be within the search base, and satisfy any filters you have applied to the syncrhoization agreement.
  Update the MailName to match the LdapCcmUserId. If you are using VMO or Single Inbox also set the EmailAddress to match the user's real email address. When you do the Update operation the Alias should get corrected to match the LdapCcmUserId if memory serves [read: test this!].
  NOTE: If you are setting the EmailAddress you also want the CreateSmtpProxyFromCorp column to be set to 1. This will ensure that the value is copied to the SMTP Proxy Address and can be utilized by the Unified Messaging integration.
  Save your modified CSV file and run an update operation. I suggest starting with a batch of only a few accounts at first to get comfortable with the process. Be sure to specify a filename for failed objects; you almost always have a few and this will give you a little guidence on what failed.

• Hidden shares for specific users

  Hi,
  I've been computer admin for years but please forgive my ignorance because I'm new to Mac Server. I am using 10.5.6 server on a PPC dual G5. All clients are 10.5.6.
  I am trying to setup hidden network folders that only specific users can access.
  On a local slave drive I have created share points within ServerAdmin. One of these is a folder called "NetUserStorage" and within this folder I have a folder called TestUserFolder. I did NOT set up NetUserStorage as a sharepoint. I did set up a TestUserFolder as a sharepoint via only SMB (guest access off) and made the TestUser (which i created in WGM) have Full Control, localadmin has RW, Others has none.
  FYI, the server doesn't do DNS, DHCP, or anything, it's just a file server.
  The client is only bound to server via the application "Directory", and I log into the client as a local user. When I connect to server and enter the correct path (smb://IP.x.x.x/Volumes/HD/NetUserStorage/TestUserFolder/) with the correct TestUser and password, I get an error message that says "You do not have permission to access this server." Yet I can connect to the server as guest and access all the public shares fine.
  Could anyone offer some advice? I'm reading and learning as quickly as possible and have already done some great stuff but I can't seem to do this simple task.
  Thanks.

  Steve thank you for helping me. You've helped me answer this question but I now have another (of course right?).
  I finally got it to work by typing just the IP of MyMacServer and then choosing the share. Previously, I was typing the whole path to the hidden share I was trying to mount (smb://IP.ip.ip.ip/Volumes/HD/HiddenFOlder/TestUserStorage/). Now, when I simply type smb://IP and hit enter, authenticate as TestUser, I am presented with shares to choose from including the hidden folder I have been trying to mount. I can also confirm when connecting as a different user that the hidden TestUserStorage folder is not an option to mount, and is not even listed - which of course is what I want.
  So now I have a question about logging into the client computer using network accounts.
  On the client computer, I had been logging into a local account, LocalUser. I bound the client computer to the server using "Directory Utility" and the TestUser account (TestUser is a network account found in OD on MyMacServer). I have software update looking to the MyMacServer and pulling updates from it, and at the logon screen on the client computer, I can select the "other" account and login as MyNetAdminUser (a user located in OD as TestUser is), but when trying to logon as TestUser I am not able to.
  Thank you for all your help so far, hate to be such a noob, but got any ideas on why I can't login to the local client using the TestUser account?
  Thanks again.

• Anyone has experience combining local users with managed user?

  I thought this would be pretty common. We started with each user being a local admin user (12 mac systems in the office). We now got a snow leopard server and wanted to migrate everyone to a Open Directory user. We did hours and hours of research and found a few supported way to do this but having some problems....One way was to send out an invitation email from Server Preferences. When the user receives the email he can automatically convert current user into a managed user. However, the feature is suppose to synchronize password between these two users but it didn't for us, so now the user is left with a different password for the local account and OD account. What is going on? Any tips?
  This is taken from a book that I am reading:
  From a Mac OS X Server email invitation—If your network directory service is being hosted from a local Mac OS X Server that is being managed via Server Preferences, then you can bind it automatically from an email invitation sent by the server’s administrator. Clicking the “Automatically Configure My Mac” button in this email will open the Accounts preferences and bind your Mac to the Mac OS X Server and tie your local account to the server account. Again, this process will synchronize the account passwords and can automatically configure client services. Further, the invi- tation email can have clickable links to other services hosted from the server like file and web services.

  I too was thinking about this, but punted after realizing it was too messy. My current solution is to make a local user called 'localadmin' and make this same user on every machine, give it admin privileges, etc. That way, if someone wants to install some software, they can fast-user-switch to localadmin, do the install, and then reset to their actual login. Once the logins are tied to an OD server and you become a 'managed' user, the individual can change their password locally and it will indeed update the OD master.

• Voice mail for one user with two extensions

  Environment:
  Cisco Unified CM Administration System version: 7.1.3.30000-1
  Cisco Unity Connection Administration Version 7.1.3.10000-68
  We have a user this year that will be wearing two hats and will have offices in two different locations. I have both extensions as a line on each phone. Now I just need to point both extensions to the same voicemail box or give the user two mail boxes. It seems that CM Administration only supports one voicemail box per user. I think it would be easier for the user to only have to check one mail box by having both extensions point to the same VM. How can I accomplish this?

  Hi Andy,
  Let's say the user has numbers 7005 & 8450 but we want only one mailbox
  @ 7005. There are a couple of ways to do this.
  In CUCM go to> Feature> Voicemail> Voicemail Profile and  create a new Profile called XXXX (whatever name you want) with a  Description called "XXXX username Mailbox" the Voice Mail Box Mask will be 7005> Save
  Then  via CUCM go to the Users Phones> under Directory Number Config for 8450> Voicemail Profile and change to XXXX (created previously in  above steps)>Update>Reset
  Now when a call routes via forward to Unity Connection it will reach the Mailbox @ 7005.
  Or in Unity Connection set up Alternate Extension so that 8450 is an Alternate Extension for 7005 etc.
  Cheers!
  Rob
  "I don't know how, I don't know when
  But you and I will meet again " 
  - Tom Petty

• How to grey out Intel Graphic Media for local users?

  does anyone know how to grey out the options to stop local users changing graphics options from Intel media graphics for Mobile?
  As well if anyone know what is different in BIOS updates, any option to cancel booting devices (not only change order)

  Hi
  Sorry but something like this is not known to me. You can disable a lot of different functions but display properties and settings are always available.
  BTW: I do not see some problem there is someone change resolution or whatever if the resolution is high and symbols to small.
  As far as I know it is not possible to cancel booting devices.

• How to provision an app for all users with all dependencies?

  I have created an app package with VS that I want to provision for all users of a target system using
  DISM /Online /Add-ProvisionedAppxPackage /FolderPath:".\%package%" /SkipLicense
  The path contains the content of the *Test folders VS creates when creating store packages. However DISM expects a ".main" file in this folder to work (0xc1570102).
  What's the correct way to provision an app with all its dependency packages? (Using the PackagePath option?)

  After some further testing in Profile Manager I found that adding the applescript to items that open at logon seems to work. No need for the plist, unless of course I decide not to use Profile Manager at all.

• Port 5900, how to open for local USER?

  I'm having the same problem as many on this ARD forum - we canot Observe & Control some Macs. I've noticed that the ones we cannot access are running AppleVNCS through port 5900 via 'root', but those we can access are running AppleVNCS via 'user'.
  Is there any way I can force the faulty systems to access through 'user'?
  I have tried various tricks through System Preferences, but I'm not getting the desired result.

  That's an interesting correlation between the user the server process runs as and whether you can successfully initiate a session, however, it shouldn't matter. AppleVNCServer appears to run as the user that is currently logged into the console. Only if there is no console user (machine is at the real login window, not FUS login window popup) does the server runs as root.
  Are you able to connect via screen control if you log a user into the console of one of these machines?
  Is the user for AppleVNCServer tracking with the console user ID? Are there more than one copy of AppleVNCServer running?