Local Groups Membership on All Servers in the Network

Hi,
I have about 150 servers running Windows Server 2008 R2. Most of them are domain members but some are standalone (workgroup). There is only one Forest and one Domain.
I need to generate a list/report with user names and group names that are members of the local "Administrators" and "Remote Desktop Users" groups on every server in the network.
I certainly don't want to log into each server one-by-one to generate reports. I might have to do that on Standalone servers, but at least I want to generate this remotely on all domain joined servers.
Any ideas how it can be done? Windows PowerShell (I would need the script), some other built-in tool, or third-party tool.

You can use the net localgroup <group> command to get local group membership. To run this remotely, you can use psexec. You can mainly create a script that gets the list of domain-joined servers from AD and then runs psexec against them for data extraction.
Ahmed MALEK
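
One way to produce the requested report from PowerShell, as an added example that is not part of the original thread: it reads the server list from AD and queries each server's groups through the ADSI WinNT provider instead of running net localgroup through psexec. The function names and the CSV path are assumptions; the account running it needs administrative rights on each server, and workgroup servers are not covered.

```powershell
# Added example: report members of selected local groups on domain-joined servers.
# Uses only the ADSI LDAP and WinNT providers, so it runs on PowerShell 2.0.
# Group names are the English defaults; localized systems use other names.
$GroupNames = 'Administrators', 'Remote Desktop Users'
$ReportPath = '.\LocalGroupReport.csv'   # assumed output location

function Get-DomainServerName {          # hypothetical helper name
    # Computer accounts in the current domain whose OS string contains "Server".
    $searcher = [adsisearcher]'(&(objectCategory=computer)(operatingSystem=*Server*))'
    $searcher.PageSize = 500
    [void]$searcher.PropertiesToLoad.Add('dnshostname')
    $searcher.FindAll() |
        ForEach-Object { $_.Properties['dnshostname'] } |
        Where-Object { $_ } |
        Sort-Object
}

function Get-RemoteLocalGroupMember {    # hypothetical helper name
    param([string]$ComputerName, [string]$GroupName)

    $row = @{ Server = $ComputerName; Group = $GroupName; Member = ''; Type = ''; Error = '' }
    try {
        $group = [ADSI]"WinNT://$ComputerName/$GroupName,group"
        foreach ($m in @($group.psbase.Invoke('Members'))) {
            # Members come back as COM objects; read their properties late-bound.
            $t = $m.GetType()
            $adsPath  = $t.InvokeMember('ADsPath', 'GetProperty', $null, $m, $null)
            $row.Type = $t.InvokeMember('Class', 'GetProperty', $null, $m, $null)
            # WinNT://DOMAIN/name becomes DOMAIN\name; a local account keeps
            # the server name in the path (DOMAIN\SERVER\name).
            $row.Member = ($adsPath -replace '^WinNT://', '') -replace '/', '\'
            New-Object PSObject -Property $row
        }
    }
    catch {
        # Unreachable server, access denied or missing group: keep one row in
        # the report so the gap is visible instead of silently skipped.
        $row.Member = ''
        $row.Type   = ''
        $row.Error  = $_.Exception.Message
        New-Object PSObject -Property $row
    }
}

$report = foreach ($server in Get-DomainServerName) {
    foreach ($name in $GroupNames) {
        Get-RemoteLocalGroupMember -ComputerName $server -GroupName $name
    }
}

$report |
    Select-Object Server, Group, Member, Type, Error |
    Export-Csv -Path $ReportPath -NoTypeInformation
```

A group with no members produces no rows; rows with a value in the Error column mark servers that still need to be checked by hand.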

Similar Messages

  • Program that finds all servers on the net 76-lines

    Hi Guys and Birds,
    Here's a small program written by the dear brothers Asger (hjerl.dk) and Morten (www.mycgiserver.com/~game) which finds all servers on the net in a couple of hours. Good luck
    package com.hjerl;
    import javax.swing.*;
    import java.io.*;
    import java.net.*;
    import java.awt.*;
    import java.util.*;
    public class Browser extends JFrame {
        int counterwww = 0;
        ArrayList visitedUrls = new ArrayList();
        ArrayList links = new ArrayList();
        public static void main(String[] args) {
            Browser b = new Browser();
        }
        public Browser() {
            // start crawling from a single seed host
            fetchLinesInPageAsArrayList("www.jp.dk");
            System.out.println("Number of links found: " + counterwww);
        }
        // download the page at http://<str> and collect its lines
        private void fetchLinesInPageAsArrayList(String str) {
            ArrayList al = new ArrayList();
            try {
                URL url = new URL("http://"+str);
                URLConnection uc = url.openConnection();
                uc.connect();
                InputStream is = uc.getInputStream();
                BufferedReader br = new BufferedReader(new InputStreamReader(is));
                int c = 0;
                while (br.ready()) {
                    al.add(br.readLine());
                }
                findLinksFromLineArrayList(al);
            }
            catch(Exception ex) {
                ex.printStackTrace();
            }
        }
        // look for one "www." host name per line and follow each new one
        private void findLinksFromLineArrayList(ArrayList al) {
            for (int c = 0; c < al.size(); c++) {
                String s = ((String) al.get(c)).toLowerCase();
                //int a = s.indexOf("http://");
                int b = s.indexOf("www.");
                int d = s.indexOf("/", b+4);
                if (b == -1 | d == -1)
                    continue;
                String link = s.substring(b,d);
                // removes any quotation mark
                int e = link.indexOf("\"");
                if (e != -1) {
                    link = link.substring(0, e);
                }
                if (links.contains(link) == false) {
                    System.out.println("New link found: " + link);
                    links.add(link);
                    counterwww++;
                    fetchLinesInPageAsArrayList(link);
                }
                else {
                    System.out.println(" Old link found: " + link);
                }
            }
        }
    }

    Well, apart from the "finds all servers" bit and the "in a couple of hours" bit, that sounds quite plausible...

  • Why can't I see all servers on my network with Lion?

    Why can't I see all servers on my network with Lion, but I can with Snow Leopard? Am I missing a setting somewhere? This is really frustrating and I'll have to go back to snow leopard if it can't be fixed. I can see other macs fine, but network servers and PC servers are missing. Sometimes they do appear in 'Shared All' and I can connect OK, but then they disappear again. Is this a bug with Lion, or am I missing something really simple? I can't work properly at the moment, so Lion has been a disaster for me. Any help really appreciated. Thanks

    Please update to the most recent version of Firefox:
    *[[Update Firefox to the latest version]]

  • Sonicwall E5500 Local Group Membership Question

    In Users > Local Groups open any group and click on the members tab. In the non-member users and groups list box there is an entry that looks like this: ------
    Example membership list:
    Sonicwall Admins
    Sonicwall read only admins
    All LDAP Users
    Does anyone know what the ------ entry means? We are using integrated LDAP security. Thanks.

    I recently acquired a SuperMicro chassis that has a SAS2 expander backplane. It has SFF-8087 ports on it. http://www.supermicro.com/manuals/other/BPN-SAS2-846EL.pdf I made a post on another forum and someone mentioned that the card couldn't be used with that backplane since it's a SATA controller, however, the backplane is both SAS and SATA device compliant, it's only the RAID controller, as far as I know, that is a "SATA II" controller, and not a SAS controller. So, I couldn't find anything in the official documentation of this controller on whether or not it was able to control SAS devices. The card itself has 3 SFF-8087 ports though, couldn't this theoretically still be used with a SFF-8087 to SFF-8087 cable (seen below) since the backplane is a SAS/SATA backplane?...

  • ADFS server in NLB cluster unable to reach all servers in the same subnet

    I have 2 ADFS (3.0) virtual servers (server 2012 R2 on VMware) in an NLB cluster (setup for Office 365 initially) and want to be able to use the SAML to connect to a couple of Linux servers in the same network to allow SSO to the Linux boxes.
    It was working then stopped and now the primary FS server (FS1) cannot ping either Linux box or one of our WS08R2 file and print servers. It can ping all other servers in the same network.
    I tried to get a packet capture with MS NetMon 3.4 but it only picked up the successful ping requests.
    Firewall is disabled but that made no difference.
    NLB cluster configured in Unicast mode as I found Office 365 and another outside service didn't want to work using Multicast or IGMP Multicast.
    The really bizarre thing is the secondary FS vm can ping the other boxes even with "ping server -S clusteraddress"
    Any suggestions as to where to look to track this down will be most welcome.
    Cheers
    David

    Hi,
    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
    Thanks for your understanding and support.

  • Changing Local Group Memberships

    As administrator, I added a certain user as a member to a Local Group. I used my admin tools to see that he was in fact in the group. The user checked that he was in the group by the command "net user xxxxxx" which showed he was in the group. But the user did not have the privileges of the group. The user had to log out then log back in, then he had the new privileges.
    Is there a way to make the new privileges take effect without the user logging out and logging in?
    Am running Windows XP Pro.

    Yes, log out and log in is required for these changes. Or you may reboot. 
    Arnav Sharma | http://arnavsharma.net/

  • How can I export and distribute the setting "network.automatic-ntlm-auth.trusted-uris" to all computers in the network (with Folder Redirection enabled)?

    Hi,
    We are about to enable SSO in our environment. As a result, I need to modify the value for user_pref("network.automatic-ntlm-auth.trusted-uris", "my domain");>>prefs.js.
    I created a simple .bat file to make the necessary mod and add the line to prefs.js. When I run the file it outputs the prefs.js to the same location, not the Mozilla AppData folder. We are a Win7 environment with folder redirection enabled. Therefore, our users' Mozilla AppData folder is located at \\my domain\dfs\XenDesktop\Profiles\username\AppData\Mozilla\Firefox\Profiles\default (random default profile name). My question is what is the best course of action to add this pref to all PC users' prefs.js files? Keep in mind the prefs.js is located on the hidden network path I included above. I apologize if my question is not easy to understand.

    cor-el, thanks for your reply.
    Yesterday, prior to my post, I did try the mozilla.cfg method. I read your reply to another FF user's similar question. Here are my complete steps.
    1. created a txt file with the following info: defaultPref("network.automatic-ntlm-auth.trusted-uris", "ngs.org"); // set new default value
    2. saved the file as mozilla.cfg
    3. dropped the file in C:\Program Files (x86)\Mozilla Firefox
    4. Created local-settings.js with the following info:
    pref("general.config.filename", "mozilla.cfg");
    pref("general.config.obscure_value", 0); // use this to disable the byte-shift
    5. dropped the file in C:\Program Files (x86)\Mozilla Firefox\defaults\pref
    When I launch Firefox the network.automatic-ntlm-auth.trusted-uris should say ngs.org, but the value is still blank.
    Any help is greatly appreciated.

  • Set date and time for all macs in the network

    Hi,
    I need to set the time and date for all of our Macs in the network, I have tried to have a look at Workgroup manager but I can not see anything.
    Any ideas?
    Thanks in advance,

    Once the ntp setting is initially loaded, it should not need to be changed.  But you know that, of course.
    If you're looking to automate ntp configuration as part of system imaging (SIU, InstaDMG, etc) and client set-up, then that's certainly possible; that sort of discussion is regular fodder on the Mac Enterprise mailing list.  (Check the archives over there for some interesting discussions.)  Here are some related discussions that might interest you, too:
    http://www.afp548.com/forum/viewtopic.php?showtopic=21477
    http://www.afp548.com/forum/viewtopic.php?showtopic=20328
    Also see man systemsetup for some details.
    $ /usr/sbin/systemsetup -getnetworktimeserver
    Network Time Server: time.apple.com
    $
    And here's a slightly-dated intro to client management.

  • Download iOS 8 once and use it to upgrade all iPads in the network

    Is it possible to download iOS8 only once and use it to upgrade all iPads in the same LAN? 
    I tried the following methods and they are just not working:
    1. Connect an iPad Mini with Retina Display to the iTunes on Mac.  I chose Download Only. Once downloaded the iPad Software Upgrade, I upgraded the connected iPad to iOS8.  Then I connected another iPad (used to be on another Mac) to the same iTunes.  I had to download iOS 8 again.  It's not using the same downloaded iOS 8 file.
    2. I turned on the Caching Service (not Software Upgrade Service, i.e. for Mac Software) on the Mac Mini Server from the Server app.  I then repeat step 1 above and got the same result.  It seems that the Caching Service does not cache the iOS 8  Software Upgrade like what it does for other apps.  (I think I may need to use some Apple Scripts but I have no such experience.)

    Ivan H wrote:
    It's for the family.  Every member has 2-3 iOS devices to upgrade.
    I agree with Csound on that, a family, even with a lot of devices will have to individually update.  There are enough nuances in the iOS for different devices that you need to download for each.  If you had 200 iPad 2's then there might be an enterprise way...but not a family with a mix of devices.

  • Finding a list of MySQL servers in the network

    I'm thinking about this idea and I'd really appreciate some directions.
    I have a Java App that connects to a MySQL server in the internal network. Depending on where I'm running the application, the server may be at different addresses. I'd like the application to scan the network for servers and ask the user which server it should connect to, instead of requiring the user to input technical data like the IP address and port.
    I'm guessing this would involve sending a broadcast and testing the servers that reply but I'm not too familiar with these issues. Any information about how I should go about doing this would be greatly appreciated.

    Well step 1 would be to go read the MySQL documentation and see if it actually supports something like this. If it doesn't then you're basically already done.
    Me - I'd take control myself. If you want to know where things live, create a central repository that keeps track of the information and then the clients can connect to this one repository and fetch the details from it.

  • When I connect imac to network via airport all devices on the network lose internet connectivity

    Every device stays connected to the network but the internet stops working. Usually the network will continue to function normally for about five minutes when the imac connects, but then every device loses internet access via the network, NOT just the imac. As soon as I turn off the imac's airport they get internet connectivity back. A wired network connection to the imac seems to work OK.
    The airport is configured as "Using DHCP"
    Mac OS X 10.6.8
    As far as I know, no changes have been made to the computer recently (but it is not my machine and the owner isn't here atm)
    I found one other resource with the same problem here:
    http://www.mac-forums.com/forums/internet-networking-wireless/183185-turning-my-macbook-airport-breaks-internet-connection-entire-network.html
    but the solution didn't work. When I deleted the three files mentioned in the solution in that thread, my problem is not solved.
    If you have any ideas or need more information I would love to hear from you.
    Thanks guys.

    Yes it is possible that the two machines are creating a Computer-to-Computer network and are not going through the Express.
    To delete the Alias you may need to login with the Admin User.
    Will
    1GHz G4, 15" PowerBook, Airport Network, 1G iPod Mini   Mac OS X (10.4.5)   Updated - Get Started with iWeb (WillG4PB.com)

  • How to Open Ports for HP Printers for all computers within the network (router)

    Hi,
    I have the EA6700 router and a few HP printers and Multi purpose printers/scanner/fax ...
    When installing the print drivers, they are ok.  Sending to printers is not a problem.  However, the problem comes with scanning.
    The HP software asks to open a port for it...     How do I do that?   I checked, it seems other computers are affected by it too after changing to this new router.
    I read that it can be done in the "App and gaming" section at the Security page.  Do I go to the port forwarding section?   But it only forwards to one computer.  That doesn't work...
    I'd like to open a port so that a lot of other IPs can print and scan from it.
    Thanks

    Ports do not need to be opened on the LAN side of the router for printers and scanners. I recommend that you contact HP for help and information regarding setup and configuration of those devices. Also the addition of an external Gb network switch for these devices is recommended as well. It would help eliminate any unnecessary router configuration or processing.

  • Kindly advise how I can export and distribute settings done on "about:config == network.automatic-ntlm-auth.trusted-uris" to all computers in the network. What is the best way to effect these changes on all machines?

    I want user to access sharepoint on Mozilla without being prompted for credentials instead it should use logged on credentials

    Hi Meshackl, there is a very simple way with the distribution.ini file. Mike Kaply describes how to do that here:
    http://mike.kaply.com/2012/03/26/customizing-firefox-distribution-ini/

  • Managing membership of local group - Domain Local groups not permitted?

    Hi all
    I would like to populate the membership of the local Administrators group on certain member servers using the "Local users and groups" feature of GPP.  The object picker does not let me choose groups with Domain Local scope. 
    Does anyone know the reason for this?  Is there any workaround?
    I can add domain local groups to the membership of the Administrators group manually, so it seems strange I can't do it via GPO.
    Alexei

    > I would like to populate the membership of the local Administrators
    > group on certain member servers using the "Local users and groups"
    > feature of GPP.  The object picker does not let me choose groups with
    > Domain Local scope.
    I cannot confirm. I can add both DL and GG. What OS are you using? Here:
    Win 7 Enterprise 32 bit.
    Martin

  • AD Group Membership with User From Domain Outside of Forest

    Here's one to twist your brain around -
    I have kerberos authentication using Active Directory working between a client's web browser and my web-app hosted in JBoss. I also have limited authorization working by checking group memberships using LDAP. This currently only works if all users are in the same domain. The ever-helpful adler_steven has detailed in another thread (http://forum.java.sun.com/thread.jspa?threadID=603815&tstart=15) how to do a group membership check for all Users/Groups in a single forest using the Global Context.
    I need to go beyond the domain and even beyond the forest and try to authorize a user from a trusted domain by checking if the user is a member of a group in my domain. Authentication works fine using kerberos. It's the authorization by group check I am having trouble with. I believe there are two ways to approach this:
    Approach #1
    Access the MS-specific PAC in the kerberos token from the client to get the group SIDs. The structure of the PAC is nicely defined in this article: http://appliedcrypto.com/spnego/pac/ms_kerberos_pac.html. However, I have no idea how to access the decrypted token. I pass the encrypted token that I receive from the browser to myGssContext.acceptSecContext(...) to complete the authentication.
    Question: Does anyone know how to get the decrypted kerberos ticket from there, specifically the authorization-data field?
    Approach #2
    Try to walk through the Active Directory structures in both domains using LDAP. In the domain group that I am checking, I can see a member attribute that references a foreignSecurityPrincipal object. The CN of this object happens to be the objectSID of the user I am looking for in the remote domain. Unfortunately, I have to check the remote domain server directly to verify that. The foreignSecurityPrincipal object itself does not contain any hint about what user it refers to aside from the SID (no originalDomainName attribute or something similar). It is feasible that I could walk the chain of references back to the remote domain AD server. That would require that my configuration include a list of remote domain servers to check (since I could have users from multiple trusted domains) and that my JBoss server have access to those servers.
    Question: Does anyone know of some other LDAP-related way of finding information about a user from a remote, trusted domain without having to hit the server for that domain directly?
    adTHANKSvance
    Eric

    You should be able to work back from the foreignSecurityPrincipal object :-) He says with a wry smile..
    This post prompts me to think whether one day someone will draw the entity relationship diagram for AD. Oh well, I've been procrastinating for years, a few more won't hurt !
    If it was a user from within the same forest, you should just be able to perform a search against a GC using the objectSID as the search filter. I've forgotten, but I don't think they will be represented as foreign security principals.
    Have a look at the post titled JNDI, Active Directory and SID's (Security Identifiers) available at
    http://forum.java.sun.com/thread.jspa?threadID=585031&tstart=150 that describes how to search for an object based on their SID.
    Now if it is a user from another forest, with which you have a trust relationship, then we begin the navigation exercise.
    You'll need to obtain the user's SID (either from the cn or from the objectSID attributes) from the foreignSecurityPrincipal object. For example:
        CN=S-1-5-21-3771862615-1804478405-1612909269-2143,CN=ForeignSecurityPrincipals,DC=antipodes,DC=com
        objectSID=S-1-5-21-3771862615-1804478405-1612909269-2143
    Then obtain the domain RID, e.g.
        S-1-5-21-3771862615-1804478405-1612909269
    Next you will have to recurse each of the crossRef objects in the Partitions container, in the configuration naming context (which you will find listed in the RootDSE). The crossRef objects that represent trusted domains or forests will have values for their trustParent attributes. A sample query would be something like
        //specify the LDAP search filter
        String searchFilter = "(&(objectClass=crossRef)(trustParent=*))";
        //Specify the Base for the search
        String searchBase = "CN=Partitions,CN=Configuration,DC=antipodes,DC=com";
    For each crossRef object, you can then use the dnsRoot attribute to determine the dns domain name of the forest/domain (if you want to later use dns to search for the dns name, ip address of the domain controllers in the trusted domains/forests), and then use the nCName attribute to determine the distinguished name of the trusted forest/domain.
        dnsRoot = contoso.com
        ncName = dc=contoso,dc=com
    Perform another bind to the ncName for the trusted domain/forest and retrieve the objectSID attribute, which will be the domain's RID. You may want to cache this information as a lookup table to match domain RID's with domain distinguished names and dns names.
        String ldapURL = "ldap://contoso.com:389";
        Attributes attrs = ctx.getAttributes("dc=contoso,dc=com");
        System.out.println("Domain SID: " + attrs.get("objectSID").get());
    Once you find out which domain matches the RID for the foreignSecurityPrincipal, you can then perform a search for the "real user". And then finally you should have the user object that represents the foreign security principal!
    Just one thing to note. Assume that CONTOSO and ANTIPODES are two separate forests. If you bind as CONTOSO\cdarwin against the CONTOSO domain, the tokenGroups attribute (which represents the process token) will contain all of the group memberships of Charles Darwin in the CONTOSO domain/forest. It will not contain his memberships, if any, of groups in the ANTIPODES forest. If Charles Darwin accesses a resource in ANTIPODES, then his process token used by the ANTIPODES resource will be updated with his group memberships of the ANTIPODES forest. Also you can have an "orphaned foreign security principal", where the original user object has been deleted!
    BTW, If I was doing this purely on Windows, IIRC, you just use one API call DsCrackNames, to get the "real user", and then the appropriate ImpersonateUser calls to update the process token etc..
    Good luck.
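
    The matching step described in the reply above (take the SID from the foreignSecurityPrincipal's CN, strip it down to the domain part, look that up in a cached table of trusted domains), as an added example that is not part of the original thread. The function name is hypothetical and the lookup table and the third DN are constructed sample data; in practice the table would be filled from the crossRef objects as the reply describes.

    ```powershell
    # Added example: map a foreignSecurityPrincipal DN to the trusted domain it
    # belongs to, using .NET's SecurityIdentifier class for the SID handling.
    function Resolve-ForeignPrincipalDomain {    # hypothetical helper name
        param(
            [string]$DistinguishedName,   # DN of a foreignSecurityPrincipal object
            [hashtable]$DomainSidTable    # domain SID string -> DNS domain name
        )
        # The CN of a foreignSecurityPrincipal is the string SID of the remote account.
        if ($DistinguishedName -notmatch '^CN=(S-1-[0-9-]+),CN=ForeignSecurityPrincipals,') {
            throw "Not a foreignSecurityPrincipal DN: $DistinguishedName"
        }
        $sid = New-Object System.Security.Principal.SecurityIdentifier($Matches[1])
        $result = @{ Sid = $sid.Value; DomainSid = ''; Domain = ''; Status = '' }

        # AccountDomainSid is the SID without its last sub-authority. It is
        # $null for well-known SIDs such as S-1-5-11, which also show up in
        # the ForeignSecurityPrincipals container.
        $domainSid = $sid.AccountDomainSid
        if ($null -eq $domainSid) {
            $result.Status = 'WellKnownSid'
        }
        elseif ($DomainSidTable.ContainsKey($domainSid.Value)) {
            $result.DomainSid = $domainSid.Value
            $result.Domain    = $DomainSidTable[$domainSid.Value]
            $result.Status    = 'Resolved'
        }
        else {
            # Trust removed, or the table is stale: the principal cannot be
            # traced to a domain and should be reviewed.
            $result.DomainSid = $domainSid.Value
            $result.Status    = 'UnknownDomain'
        }
        New-Object PSObject -Property $result
    }

    # Constructed lookup table: domain SID -> DNS name of the trusted domain.
    $trusted = @{ 'S-1-5-21-3771862615-1804478405-1612909269' = 'contoso.com' }

    # First DN is the one quoted in the thread; the other two are constructed.
    $sampleDns = @(
        'CN=S-1-5-21-3771862615-1804478405-1612909269-2143,CN=ForeignSecurityPrincipals,DC=antipodes,DC=com',
        'CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=antipodes,DC=com',
        'CN=S-1-5-21-1111111111-2222222222-3333333333-1105,CN=ForeignSecurityPrincipals,DC=antipodes,DC=com'
    )

    $sampleDns |
        ForEach-Object { Resolve-ForeignPrincipalDomain -DistinguishedName $_ -DomainSidTable $trusted } |
        Select-Object Sid, DomainSid, Domain, Status |
        Format-Table -AutoSize
    ```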
