Issue Password-less SSH: Sun OpenDS 2.0 as Naming Service
We are in the final phase of a proof of concept for Sun OpenDS as the Naming service for an important customer and facing problem with password-less ssh. We narrowed the problem down to password policy specifying a value for password maximum age. SSH succeeds with ?0? (zero) but requires password if the value is different from 0.
Any help in getting a resolution is greatly appreciated, as this is a road block now.
The following information is gathered.
The test is performed from a host thud which is setup as an ldapclient.
thud 275 ssh thud -i .ssh/thud
Password:
Last login: Tue Oct 13 06:57:01 2009 from xxx
Apparent reason (trimmed):
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying public key: .ssh/thud
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 434 lastkey 1166d0 hint 0
debug2: input_userauth_pk_ok: fp 07:15:b3:07:8d:da:b3:c8:34:d0:34:91:60:77:e0:39
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type DSA
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
Password:
Corresponding debug info from server (thud):
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: userauth-request for user doejohn service ssh-connection method publickey
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: attempt 1 initial attempt 0 failures 1 initial failures 0
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: test whether pkalg/pkblob are acceptable
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: temporarily_use_uid: 6147/150 (e=0/1)
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: trying public key file /home/doejohn/.ssh/authorized_keys
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: matching key found: file /home/doejohn/.ssh/authorized_keys,
line 2Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.info] Found matching DSA key: 07:15:b3:07:8d:da:b3:c8:34:d0:34:91:60:77:e0:39
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: restore_uid: 0/1
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: userauth-request for user doejohn service ssh-connection method publickey
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: attempt 2 initial attempt 0 failures 1 initial failures 0
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: temporarily_use_uid: 6147/150 (e=0/1)
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: trying public key file /home/doejohn/.ssh/authorized_keys
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: matching key found: file /home/doejohn/.ssh/authorized_keys, line 2
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.info] Found matching DSA key: 07:15:b3:07:8d:da:b3:c8:34:d0:34:91:60:77:e0:39
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: restore_uid: 0/1
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: ssh_dss_verify: signature correct
Oct 13 07:29:36 thud sshd[21187]: [ID 966290 auth.debug] PAM[21187]: pam_start(sshd-pubkey,doejohn,0:179560) - debug = 1
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:service)
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:user)
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:conv)
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:rhost)
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:tty)
Oct 13 07:29:36 thud sshd[21187]: [ID 665327 auth.debug] PAM[21187]: pam_acct_mgmt(179560, 0)
Oct 13 07:29:36 thud sshd[21187]: [ID 118111 auth.debug] PAM[21187]: load_modules(179560, pam_sm_acct_mgmt)=/usr/lib/security/pam_roles.so.1
Oct 13 07:29:36 thud sshd[21187]: [ID 143372 auth.debug] PAM[21187]: load_function: successful load of pam_sm_acct_mgmt
Oct 13 07:29:36 thud sshd[21187]: [ID 118111 auth.debug] PAM[21187]: load_modules(179560, pam_sm_acct_mgmt)=/usr/lib/security/pam_projects.so.1
Oct 13 07:29:36 thud sshd[21187]: [ID 143372 auth.debug] PAM[21187]: load_function: successful load of pam_sm_acct_mgmt
Oct 13 07:29:36 thud sshd[21187]: [ID 118111 auth.debug] PAM[21187]: load_modules(179560, pam_sm_acct_mgmt)=/usr/lib/security/pam_unix_account.so.1
Oct 13 07:29:36 thud sshd[21187]: [ID 143372 auth.debug] PAM[21187]: load_function: successful load of pam_sm_acct_mgmt
Oct 13 07:29:36 thud sshd[21187]: [ID 118111 auth.debug] PAM[21187]: load_modules(179560, pam_sm_acct_mgmt)=/usr/lib/security/pam_ldap.so.1
Oct 13 07:29:36 thud sshd[21187]: [ID 143372 auth.debug] PAM[21187]: load_function: successful load of pam_sm_acct_mgmt
Oct 13 07:29:36 thud sshd[21187]: [ID 579461 auth.debug] pam_unix_account: entering pam_sm_acct_mgmt()
Oct 13 07:29:36 thud sshd[21187]: [ID 267958 auth.debug] pam_unix_account: doejohn: Ignore module
Oct 13 07:29:36 thud sshd[21187]: [ID 545954 auth.debug] libsldap: more_info is empty, using default values
Oct 13 07:29:36 thud sshd[21187]: [ID 340006 auth.debug] PAM[21187]: pam_acct_mgmt(179560, 0): error Authentication failed
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.notice] Failed publickey for doejohn from 172.16.1.207 port 44363 ssh2
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: userauth-request for user doejohn service ssh-connection method keyboard-interactive
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: attempt 3 initial attempt 0 failures 3 initial failures 0
Oct 13 07:29:36 thud sshd[21187]: [ID 800047 auth.debug] debug1: keyboard-interactive devs
Oct 13 07:29:36 thud sshd[21187]: [ID 390116 auth.debug] PAM[21187]: pam_set_item(179560:conv)
Oct 13 07:29:36 thud sshd[21187]: [ID 873394 auth.debug] PAM[21187]: pam_end(179560): status = Authentication failed
Sending the Account Usability control on the server returns:
?The account is not usable?
solaris-z1 487 # ldapsearch -D 'cn=directory manager' -w xxx -b 'dc=texas,dc=net' -J "accountUsability:true" uid=doejohn
# Account Usability Response Control
# The account is not usable
dn: uid=doejohn,ou=eng,ou=People,dc=texas,dc=net
uid: doejohn
shadowLastChange: 14480
loginShell: /bin/ksh
userPassword: {CRYPT}GOUlmnz01bJbwcY69Btp2sIRJrLf+5RtAj4oug==
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: IEEPerson
objectClass: posixAccount
objectClass: top
givenName: John
cn: John Doe
sn: Doe
telephoneNumber: ...
gecos: ...
homeDirectory: /home/doejohn
mail: [email protected]
uidNumber: 6147
gidNumber: 150
manager: ...
For someone with a different password policy (max age is 0) the account is usable.
Ldapclient is running on a SPARC, Solaris 9 system; the Sun OpenDS 2.0 is running on Solaris 10 Sparc.
Password-less ssh works as expected when using a system not using LDAP.
See https://opends.dev.java.net/servlets/ProjectForumMessageView?messageID=31827&forumID=3292.
Regards,
Ludovic.
Similar Messages
-
Prompting for passwords even i configured ssh password less authentication
There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keys
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
Edited by: user13376823 on Oct 9, 2012 9:30 AMuser13376823 wrote:
There are two servers :
1. Site
2. Testing
from site server i want to connect testing server with ssh password less authentication.
i generated public and private keys with ssh-keygen -t rsa on site server.
cat id_rsa >> authorized_keys
cat id_rsa.pub >> authorized_keysI don't think you should be doing this. I can't see the point of adding the private key and adding the public key means the "Site" can ssh to itself without needing a password!
>
i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
I would expect you to add the RSA public key to the "authorized_keys2" file and not the "authorized_keys" file.
>
>
am i missing some point in performing procedure for ssh password less authentication ?
because it prompts for passwords agaian and again
Edited by: user13376823 on Oct 9, 2012 9:30 AM -
Ssh connectivity(password less) for oracle unix account in 11gR2 RAC
DB : 11.2.0.2
OS : Unix
While installiation of RAC, password less connectivity setup is required between two nodes to copying files and to run commands. This is mandatory before installation.
But after installation, is it require to have password less connectivity ( SSH) between two nodes ? By locking "oracle" unix account breaks ssh connectivity between two nodes. Even though it's not breaking cluster, but do we really need ssh connectivity once RAC db is up and running ?it is also used when you apply patches but not for everyday 'normal' operation
http://download.oracle.com/docs/cd/B19306_01/install.102/b14203/prelinux.htm#BABJBAEB
Oracle Universal Installer uses the ssh and scp commands during installation to run remote commands on and copy files to the other cluster nodes. You must configure SSH so that these commands do not prompt for a password.
Source:-SSH for 10g RAC -
Irregular failure to authenticate OpenDirectory users via password-based ssh
TL;DR - my Yosemite Open Directory server irregularly fails to properly authenticate users (via password-based ssh).
I recently moved an Open Directory server from an Xserve running 10.6 to a new Mini running 10.10. I archived the OD config on the Xserve and then took it offline. Then I brought the Mini online using the same hostname/IP address, created a new OD master using the archived configuration. Everything seemed to work well, however sometimes the server will not authenticate users via password when logging in with ssh/sftp/scp. This is also true of a few OS X machines that bind to the OD server (i.e. they usually authenticate users properly, but sometimes fail for no discernable reason).
The failures are only for password authentication using ssh. Other mechanisms do not exhibit the auth failures. For instance, AFP and SMB user auth never fails (with proper credentials). Nor do users to a FileMaker Server machine that authenticate via the OD server have problems. Public key based ssh authentication never fails. Local accounts (non-OD, aka "Local Network Accounts") also do not fail using password-based authentication.
The failures are irregular. The only pattern that I can find at all is that sometimes when the failures start happening, they keep happening continuously until...at some point they work properly again. That is, they may fail from 11:15 am to 2:01 pm, and if so, then all of them fail in that time range. Sometimes that time range lasts seconds, sometimes it lasts hours.
The time range failure pattern is host specific. For instance, if password authentication is failing on the main OD server, authentication may be fine on the other bound machines. If authentication is failing on one of the bound machines, then it may be fine on all others and fine on the OD server itself.
The failure pattern does not seem to correlate to any other events or activity on the server (even remotely). CPU utilization never gets above about 15%. Memory utilization is similarly very low. Network traffic is occasionally high, but it does not seem in any way related to the auth failures. There are not other log messages that occur before or after the failures with any consistency.
I've been monitoring the auth failures by attempting to login to the OD server and two other bound hosts once per minute so that I can tell when the auth is failing (before getting calls from the users).
The adaptive firewall is not running on the OD server. Nor is any other firewall.
Below are a comparison of the system.log entries for a failed and successful auth (I've stripped out those lines that are identical in both instances). The log entries have been sanatized as described.
Rebooting the OD server does not affect the bound clients' authentication. Rebooting the OD server is problematic, and I cannot do it often. When I do, sometimes failures start soon after reboot, and sometimes that don't come back for many hours - again, no discernable pattern.
If anyone has any ideas what I can do to discover the source of this problem and come up with a solution, I'd very much appreciate it. Note that I'm aware that I can export all users and group and reconstruct a new, clean OD master, but without the ability to save the passwords, this becomes a large logisitcal problem, and I'm saving it as a last resort (particularly since if it doesn't solve my problem, I will have inconvenienced many users and be right back in the same place).
Thanks for reading.
First failure:
Feb 11 00:00:20 odserver.myorg.gov kdc[67]: TGS-REQ [email protected] from 127.0.0.1:65373 for host/[email protected] [canonicalize, forwardable]
Feb 11 00:00:20 odserver.myorg.gov opendirectoryd[67268]: GSSAPI Error: Miscellaneous failure (see text (unable to reach any KDC in realm ODSERVER.MYORG.GOV, tried 2 KDCs (negative cache))
Feb 11 00:00:20 odserver.myorg.gov sshd[72974]: error: PAM: authentication error for myusername from clienthost.myorg.gov via 10.50.50.50
Feb 11 00:00:20 odserver.myorg.gov sshd[72974]: Connection closed by 10.50.50.99 [preauth]
Now successful auth:
Feb 11 01:03:20 odserver.myorg.gov kdc[67]: TGS-REQ [email protected] from 127.0.0.1:63978 for host/[email protected] [canonicalize, forwardable]
Feb 11 01:03:20 odserver.myorg.gov kdc[67]: TGS-REQ [email protected] from 127.0.0.1:62346 for ldap/[email protected] [canonicalize, forwardable]
Feb 11 01:03:20 odserver.myorg.gov sshd[73786]: Accepted keyboard-interactive/pam for myusername from 10.50.50.99 port 53361 ssh2
Feb 11 01:03:20 odserver.myorg.gov NetAuthSysAgent[73789]: GetStatus: connecting to self not allowed
Feb 11 01:03:20 odserver.myorg.gov NetAuthSysAgent[73789]: ERROR: AFP_GetServerInfo - connect failed 62
I've sanitized the entries as follows, replacing...
My username by myusername
The ssh source host IP address by 10.50.50.99
The ssh source hostname by clienthost.myorg.gov
The server hostname by odserver.myorg.gov
The server hostname (in caps) by ODSERVER.MYORG.GOV
The server IP address by 10.50.50.50Hello James,
I have not had a chance to look for the Router configuration document, however, for one of my certificate exams I did configure Authentication Proxy on an IOS router. The config for that lab was:
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization auth-proxy default group tacacs+ local
aaa session-id common
ip auth-proxy name AUTHPROXY http inactivity-time 60
interface FastEthernet0/0
ip address 192.168.250.19 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface FastEthernet0/1
ip address 192.168.200.120 255.255.255.0
ip access-group 110 in
ip nat inside
ip virtual-reassembly
ip auth-proxy AUTHPROXY
duplex auto
speed auto
ip route 0.0.0.0 0.0.0.0 192.168.250.1
ip http server
ip http authentication aaa
no ip http secure-server
ip nat inside source list nat interface FastEthernet0/0 overload
ip access-list extended nat
permit ip 192.168.200.0 0.0.0.255 any
access-list 110 permit ip any any
tacacs-server host 192.168.250.20
tacacs-server key cisco123
end
Please check if the commands are supported on your router as well.
If this ws helpful please rate.
Regards. -
Encoding issue with " " Less than sign
Hello Experts,
I am working on Receiver Webservice scenario where I am facing issue with "<" less than sign. SAP XI system automatically replace it with "<" sign. I can see the changed value in Audit log of communication channel.
Web service is not able to accept the data and I can see error message in audit log
SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAPEXCEPTION - soap fault: Server was unable to read request. ---> There is an error in XML document (1, 573). ---> The specified node cannot be inserted as the valid child of this node, because the specified node is the wrong type._
When I check the payload in audit log I can see the XML structure properly but as I open it in Notepad I can see character code "<" instead of u201Cless than <u201D symbol.
Audit log XML file is as given below
<?xml version="1.0" encoding="utf-8" ?>
- <ns1:TurnaroundDetail xmlns:ns1="http://isotrak.com/webservices">
<ns1:sessionid>3f2f2592-39d5-456e-8cf2-5d7ee81402c8</ns1:sessionid>
<ns1:data><Request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><TurnaroundDetail><PlannedJobDepartureDatesFrom="2011-03-01T12:01:23.00" To="2011-03-01T12:07:10.00"/><DepotReference DepotReference="EASTLEIGH"/><DepotReference DepotReference="CHANDLERS"/></TurnaroundDetail></Request></ns1:data>
</ns1:TurnaroundDetail>
When I open it in notepad I can see converted value
<?xml version='1.0' encoding='utf-8'?>
<TurnaroundDetail xmlns='http://isotrak.com/webservices'><sessionid>dcc4adcd-ce8f-403d-a1cf-01fcc5aab066</sessionid><data><Request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><TurnaroundDetail><PlannedJobDepartureDatesFrom="2011-03-02T08:28:29.00" To="2011-03-02T08:38:09.00"/><DepotReference DepotReference="EASTLEIGH"/><DepotReference DepotReference="CHANDLERS"/></TurnaroundDetail></Request></data></TurnaroundDetail>
I hope this is not caused due to AnonymizerBean configured in receiver SOAP comm channel.
anonymizer.acceptNamespaces http://isotrak.com/webservices ''
anonymizer.encoding ISO-8859-1 (also tried utf-8)
anonymizer.quote ''
Could you please suggest if I can get rid of "<" character and get < less than sign? Or it is obvious behaviour by SAP XI system w.r.t Encoding and Receiver end needs to decode this character?
Note: As per Web service requirement whole XML data to be processed by webservice is populated in single Data field. As here we are populating whole XML data file in one field named data
Thanks in advance.
Vinit.Simply typing "Test <test> test" into a frame and exporting that yields
<ParaStyle:Body>Test \<test\> test
and reading it back into ID gives the expected result. -
Please help me to change the password policy in Sun Directory Server 6.0
Hi,
Please help me to change the password policy in Sun Directory Server 6.0What are you trying to accomplish? Have you at least read the manual?
http://docs.oracle.com/cd/E19693-01/819-0995/fhkrj/index.html
As reported in earlier threads on this forum, DSEE 6.0 IS NOT a release you should use in your production environment, specially if you're starting new projects; consider moving at least to the latest 6.x release which is 6.3.1.1.1
thanks,
Marco -
I Would like to Enter My Password Less Often
I would like to enter my password less often. I am running the Hello Kitty OS (a.k.a. iOS 7).
Previously, I was able to set iPhone so it only required a password every 15 min. Now, after 5 min. I must reenter the password.
ThanksIf you are connected to a corporate IT mail server (Exchange) Your IT staff may be controlling the security options of the device. Speak with Them.
I.T. department is anti-Apple. I'm on my own.
look at, Settings>TouchID&Passcode>Require Immediately
THANKS, that may have done it. -
Hi,
it's possible to pass password into ssh-add? If it is, how? I want to unlock key automatically after reboot.Thanks of answers ^_^
graysky wrote:Which greeter are you using (lxdm, lightdm, gdm, etc)? Check the wiki for this topic.
I am using autologin via systemd with XServer autostart
https://wiki.archlinux.org/index.php/Au … al_console
https://wiki.archlinux.org/index.php/Start_X_at_Login
jasonwryan wrote:That sort of undermines the whole point of having a passphrase in the first place.
No, it doesn't. I don't wan't to input password every time I restarted my laptop, but I don't want to keep my key unprotected for cases
when someone copies it.
jasonwryan wrote:This sounds like an XY Problem. What are you trying to achieve?
Possibly it is. I am trying to achieve:
After autologin my ssh key is in keychain (https://wiki.archlinux.org/index.php/SSH_Keys#Keychain), gnome-keyring and others seems
just to heavy and I can use it without writing my password. Writing my password for the key once is accetable, however need to manually
write ssh-add is not.
So if key will be added automatically on "ssh host" and I must input password first time I connect somewhere, I am fine with it..
I hope I made clear what I need. -
[Unknowingly Solved] Bash, passing password to ssh-add
Hey guys,
I'm working on a script to add my ssh key to my ssh-agent using pam_exec.so. pam_exec passes the password to my script over STDIN, which is fine. But I can't for the life of me figure out how to pass the password to ssh-add.
I've already seen this question, but would really perfer not to have to install extra/expects just for this on script.
Any ideas?
Last edited by EvanPurkhiser (2013-08-14 05:40:34)Wow.. Ok. So I feel dumb. I was way over thinking this one.
Since pam_exec passes the password to the script over STDIN (WITH a trailing null character) I actually just have to add the ssh-add command somewhere in the script and it will read from STDIN.
I was actually stuck on this for awhile and had already tried
echo "myPassword" | add-pass
which obviously didn't work. And even now, trying something like this
printf "MyPassword\x00" | ssh-add
still doesn't work.
I'm actually a little perplexed as to WHY this worked.
Here's the full script
#!/bin/sh
# Takes a password from STDIN, starts the ssh-agent as a systemd user service,
# and decrypts the ssh key using the provided password, adding it to the agent.
# Handle inital checks as root
if [ $(id -u) = 0 ]
then
# Don't execute if the user-session isn't running
systemctl -q is-active user-session@${PAM_USER} || exit 0
# Re-execute this script as the user to add their key (while piping STDIN)
cat | exec su ${PAM_USER} -c $(realpath ${BASH_SOURCE[0]})
# Handle adding the key as the user
else
# We need to specify the XDG_RUNTIME_DIR because pam_systemd won't have run
export XDG_RUNTIME_DIR=/run/user/$(id -u)
# Get the SSH_AUTH_SOCK variable from the user session
export $(systemctl --user show-environment | grep SSH_AUTH_SOCK)
# Ensure the ssh-agent service is started
systemctl --user start ssh-agent
ssh-add
fi
... Marking as unknowingly solved
Last edited by EvanPurkhiser (2013-08-14 05:40:58) -
Sun One Web Server 6.0 Service Pack 5
I installed Windows 2000 SP3, Coldfusion MX Updater 1, and Sun One Web Server 6.0 Service Pack 5. In 2 separate instances I had the Sun One Web Server Stop serving all html pages immediately after I set automatic access log rotation in the web server administrator. I had the access log rotate every 1440 minutes at 12:00 AM. Although the web server instance appeared to be started, no html pages could be served. In addition, I was not able to undo the changes through the web server administrator. I finally tried to edit the magnus.conf file to remove the new log settings. However, nothing could bring back the web server into a working state. Web Server restarts and entire server reboots did not resolve this issue. I was wondering if anybody else has seen this issue and if so, how did you resolve it? I was forced to completely uninstall the web server and reinstall it. This makes me hesitant to put Sun One Web Server 6.0 SP5 into production. Any other thoughts or experiences with SP5 in a Windows/ColdfusionMX environment? Thanks for any help?
Since removing the log settings from magnus.conf failed to fix the problem, the log settings are probably not the source of the problem.
Did anything else - e.g. ColdFusion configuration changes - occur at about the same time you changed the log settings? -
How to fix this error "this iPad is not able to complete the activation process. Please press Home and start over. If the issue persists, please visit your nearest Apple Store or Authorized service provider for more information or replacement"? When I plugged in my iPad this popped up!
Hi csreddy,
If you are receiving a message to contact an Apple Retail Store or Authorized Service Provider for help updating from iOS 3, click on the link below to initiate that support:
Update the iOS software on your iPhone, iPad, and iPod touch - Apple Support
http://support.apple.com/en-us/HT204204
Update your device using iTunes
If you can’t update wirelessly, or if you want to update with iTunes, follow these steps:
Install the latest version of iTunes on your computer.
Plug in your device to your computer.
In iTunes, select your device.
In the Summary pane, click Check for Update.
Click Download and Update.
If you don't have enough free space to update using iTunes, you'll need to delete content manually from your device.
Find out what to do if you get other error messages while updating your device.
Last Modified: Jan 12, 2015
Apple - Find Locations
https://locate.apple.com
Contact Apple for support and service - Apple Support
http://support.apple.com/en-us/HT201232
Regards,
- Judy -
Good morning all,
I took over as IT director for the school district in my town about 2 years ago, and we've had some techs come and go, all of which have had the domain administrator password (not my call, but my fault for not changing it by now). I am about to change
it, but before doing so I want to know how I can make sure what all this will break so I can quickly change the cached/saved password on whatever supporting services use this user/pass.
Can anyone help here?
Thank you!Hello,
In my point of view if I were in this situation I would Change the domain administrator password. By
Resetting the domain administrators all the services which use domain administrator as their logon user, will lose their functionality. I had this experience and I did change the domain administrator password with no problem. However do not
forget to have a account lockout tool or script for locating the place where the account was locked out.
But to keep it short most of the time. lockout problems are arise from mapped drives, credential manager and saved RDP sessions and etc.
Regards.
Mahdi Tehrani |
|
www.mahditehrani.ir
Please click on Propose As Answer or to mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.
How to query members of 'Local Administrators' group in all computers? -
Help on Sun Certified Developer for Java Web Services (CX-310-220) exam
Hi,
I am planing for Sun Certified Developer for Java Web Services (CX-310-220) certification. Can anyone provide me the links for resouces? can anyone provide me books/publications/author best preparation material to score good marks in exam? can anyone provide me the download resources available over internet?
thanks in advance..!!!
regards
gaveeshayes, that's the only decent book covering most of the exam curiculum (but NOT all of it, check the exam specs versus the book content to know what you are missing).
I'm working on the same material, and boy is it a lot...
Dry, boring stuff most of it. -
Sun Certified Developer for Java Web Services (CX-310-220)
Hello All,
I'm planning to study for Sun Certified Developer for Java Web Services (CX-310-220). I really appreciate any help in suggesting the books and the material requiered for the above certification.
Thanks,
Greeshma...yes, that's the only decent book covering most of the exam curiculum (but NOT all of it, check the exam specs versus the book content to know what you are missing).
I'm working on the same material, and boy is it a lot...
Dry, boring stuff most of it. -
Issue while starting Named service
HI All,
I an in process of upgrading cluster from 1.2.0.5 to 11gr2.My OS is Redhat linux 5.3 For the same i am trying to configure DNS and scan .As i dont' have much idea about network so
I followed the link for configuring DNS Oracle 11gR2 2-node RAC on VMWare Workstation 8 – Part VII | The Gruff DBA . As per link i installed below rpms
[root@nod1 log]# rpm -qa bind*
bind-libs-9.3.4-10.P1.el5
bind-utils-9.3.4-10.P1.el5
bind-chroot-9.3.4-10.P1.el5
bind-9.3.4-10.P1.el5
[root@nod1 log]#
root@nod1 log]# rpm -qa cach*
caching-nameserver-9.3.4-10.P1.el5
[root@nod2 named]# more /etc/named.conf---> Named.conf file from nod2
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
forwarders { 192.168.1.1; };
include "/etc/rndc.key";
zone "mydomain" IN {
type master;
file "mydomain.zone";
allow-update { none; };
[root@nod1 named]# pwd
/var/named
[root@nod1 named]# more mydomain.zone
$TTL 86400
@ IN SOA mydomain. mydomain.(
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
nod1. IN NS 192.168.56.2
localhost IN A 127.0.0.1
nod2.mydomain IN A 192.168.56.5
nod1.mydomain IN A 192.168.56.2
nod2-vip.mydoamin. IN A 192.168.56.7
nod1-vip.mydoamin.. IN A 192.168.56.4
underworld-scan.mydomain. IN A 192.168.56.20
underworld-scan.mydomain. IN A 192.168.56.21
[root@nod2 named]# more /etc/resolv.conf
nameserver 192.168.56.5 # nod2 DNS server
nameserver 192.168.56.2 # nod1 DNS server
nameserver 192.168.1.1 # Primary DNS in the domain
search mydomain # Local Domain
But i am hitting issue when i am starting named service:
[root@nod1 log]# service named start
Starting named:
Error in named configuration:
zone mydomain/IN: loading master file mydomain.zone: file not found
_default/mydomain/IN: file not found
[FAILED]
[root@nod1 log]# Can anyone please help me out .. as its really hitting me badly . Thanks in advanceHi
To configure the SCAN , this SCAN IP should be resolve through DNS or /etc/hosts file .Please follow the below link to configure the DNS.
If you face any problem , then please let me know .
shivenracdba: configure DNS for Installtion of Oracle Grid Infrastructure RAC cluster
warm regards
Shivendra Narain Nirala
Maybe you are looking for
-
I am interested in purchasing a new Mac Mini to use with my two VGA monitors. I understand that one monitor can come out of the thunderbolt port with a converter cable; no problem. Can the other one come out of the HDMI port? If so, what cables ar
-
Album frames don't display properly: Since .MAC converted to MobileME help?
ORIGINAL MESSAGE POSTED TO APPLE SUPPORT Ever since .MAC was recently down - and converted to Mobile Me - I have been having problems with my iWEB site: 1. Frames around Photo Albums no longer display (on mac or win web browsers) - On Windows Compute
-
Safari keeps crashing, Need help!
Safari keeps crashing and not sure what is causing it, I have Google Chrome and it works fine. I tried opening Safari on Safe Mode and it works put keeps flickering. Any help would be greatly appreciated! Here is the code that it keeps giving me. Pro
-
Hi, I am creating the survey part using JSF as front end, basically survey has to create dynamic content like radio button, check box,text area etc., I am able to do this and also sucess in displaying , so what I did for displaying purpose I used the
-
if a table consists of records like 1 upendra 100 1 upendra 100 1 upendra 100 2 upen 200 2 upen 200 3 upend 300 3 upend 300 with a query i want to make the records in the above table like 1 upendra 100 2 upen 200 3 upend 300 i.e., i need only unique