Vsftpd: How to mix virtual and local users for pam?

Similar Messages

• How to use different (not local) user for NTLM auth in Authenticator?

  Hi All,
  I use custom authenticator to provide user / passwords to connect to .NET Web Services. I overloaded function getPasswordAuthentication() that returns right user / password combination for the requested URL. It all works perfectly for many kinds of HTTP connections: basic, ntlm, ntlm-v2, through proxy, ssl, etc.
  My problem is that during NTLM authentication from Windows computers JVM uses credentials of the currently logged in domain user instead of calling Authenticator to get other user / password provided by the user. In case when local user credentials fail to authenticate, JVM calls my Authenticator but in case authentication is successful it does uses local domain user and never calls my Authenticator. The issue is when this local domain user does not have enough permissions but authenticated correctly there is no way to supply JVM with another user to begin with.
  What can I do to force JVM to ignore local domain user and to use Authenticator to collect credentials during NTLM authentication requested by the server in case the software runs on a Windows box with currently logged in domain user?
  I am looking for the answer for a long time already but found only questions and suggestions to switch server from NTLM authentication which is not an option for me. From the developer's view it has to be pretty simple change for Sun to do in Java networking API. Is there any way to escalate it to Sun support? Maybe there is some property in some JRE patch level that allows to do this?
  Thank you very much!
  Mark

  Thank you for the reply. I have kind of an opposite problem. I can perfectly connect from Linux computers to Microsoft IIS servers using NTLM or even NTLMv2 authentication. My problem is connecting from Windows client computer joined to the same domain as IIS server with the domain user logged in to this computer. In this case this user account will be used in any HTTP connections I initiate to this IIS server instead of the one that I want to supply in my custom Authenticator.
  I have graphical interactive application that connects to IIS Server. When user runs it and connects to IIS server I want to prompt for the user/password regardless whether JRE may correctly authenticate using current user account credentials. The current user may not have enough permissions in IIS application so I want to use different user to login to IIS application.
  Thank you anyway,
  Mark

• Difference between AD domain user and local user

  Hello, I think the title is self explanatory. I am trying to figure out difference between AD domain user and local user. SAP Help wasnt very helpful.
  Thanks.

  Hi,
  It's about where the user accounts are kept. Domain users are users that are entered into the domain users group on a domain controller. These domain users can be centrally managed at the server. Whereas the local users are the users created in the local system.
  In BPC, you can select users from either of them or in combination as well. However, If you want to make change in the local user credentials, you need to login to the system in which the user has been created and make the changes there. On the other hand, changes to domain users can be made from any domain connected machine with the right software and the necessary rights. The changes only need to be made once.
  Hope this helps.

• How to set upper and lower limit for service notification in SPRO

  Hello everyone,
  Good morning....!!
  I am new to SAP PM and to SCN as well.
  I have a question on Service notification user status.
  I  have notification profile configured in SAP as below:
  Status no      Status          Short text              Lower limit          Upper limit
  5                  REGD          Registered                1                          70
  10                PCKS            Pack sent                  1                          70
  20                APRC            Application received  1                        70
  etc..
  I want the statusesto be set as  navigation should only allow to go back one by one...like from APRC -->PCKS not to REGD.From PCKS -->REGD etc..not vice versa.
  Can enayone explain me to how to set lower and upper limits for these according ot the above requirement.
  for more details please check my attachment.
  Thanks in advance..!!
  Regards,
  Sudha.

  Once you change the status to previous status, just save the order. Then again open the order & try to change the user status.
  Just I made replica of your profile. I could able to change (even without saving the order).

• ? how to add page numbers in pages 5.2, starting with 2.  Pages '09 had an option to not show folio on page one.  Also any how to do left and right folios for a Tabloid?  Many trhanks

  ? how to add page numbers in pages 5.2, starting with page 2.  Pages '09 had an option to not show folio on page one.  Also any idea how to do left and right folios for a Tabloid?  Many thanks  . . .

  Hello jacquemac,
  Your first question:
  There might be a better way of achieving what you wish to do, but following these steps could help you out.
  You might want to blend in Thumbnails and Invisibles either with (cmd+shift+i and cmd+alt+p) or over the View section in the Menubar.
  1. go for Documents (right end of the Toolbar) -> Section
  2. place your cursor at the very top of your second page and click "Create new Section->Starting with this page" in the side bar on your right.
  (what you are actually doing next is setting the pagenumbers for each section you created. You can see your sections in the Thumbnail view.)
  3. click on your first page (the first and only page of your first section) and mark the checkbox "Hide on first page of section"
  4. click on your second page (the first page of your second section) and  "Insert page number" -> start at 1
  Your second question:
  Im not quite sure i understand what exactly you want to do here. One page, two columns, each column with another page number? As far as i know this is not possible.
  greetings jl

• How can I install and config Jolt for IIS so that I can call the services advertised by tuxedo?

  How can I install and config Jolt for IIS so that I can call the services advertised
  by tuxedo?

  It appears that you have apps that need updating that were pruchased from more than one account
  - Go to settings>Store and sign out and sign into your account.
  - Apps are locked to the account that purchased them.
  - To update apps you have to sign into the account that purchased the apps. If you have apps that need updating purchased from more than one account you have to update them one at a time until the remaining apps were purchased from one account.

• How can I use PowerShell 3.0 cmdlets or script to list all the local groups and local users of a server?

  Using PowerShell 3.0 (And if possible the CIM, not WMI cmdlet), how can I script with | out-file C:\<filename>.txt or .csv option to list all local user accounts & local groups
  on remote computers? 
  Thank You!

  I don't recall PowerShell V3 introducing anything new to handle local users and groups. You need to use PowerShell V1 methods, using the [ADSI] accelerator and the WinNT: provider. The scripts linked above show this. No need to use WMI (which would probably
  be slower).
  Here is a script I've used to enumerate all local groups and their members:
  $Computer
  = "MyServer"
  $Computer =
  [ADSI]"WinNT://$Computer"
  $Groups =
  $Computer.psbase.Children | Where {$_.psbase.schemaClassName
  -eq "group"}
  ForEach ($Group
  In $Groups)
      "Group: "
  + $Group.Name
      $Members
  = @($Group.psbase.Invoke("Members"))
      ForEach ($Member
  In $Members)
          $Class
  = $Member.GetType().InvokeMember("Class",
  'GetProperty', $Null,
  $Member, $Null)
          $Name
  = $Member.GetType().InvokeMember("Name",
  'GetProperty', $Null,
  $Member, $Null)
          "-- Member: $Name ($Class)"
  A similar script to enumerate all local users would be:
  $Computer
  = "MyServer"
  $Computer =
  [ADSI]"WinNT://$Computer"
  $Users =
  $Computer.psbase.Children | Where {$_.psbase.schemaClassName
  -eq "user"}
  ForEach ($User
  In $Users)
      "User: "
  + $User.Name
  Richard Mueller - MVP Directory Services

• Domain users and local users can't login to reporting service web environment

  Hello,
  We installed reporting services at one of our customers but aren't able to use domain users to login. We've tried to login with a domain user, a local user but both aren't working. We set the proper permissions for the users on the reports folders.
  We can only login with the buildin/administrator account on the local url: http://servername/reports
  How can we allow login with domain users on other report manager url's?

  Below link may be helpful,
  http://social.msdn.microsoft.com/Forums/sqlserver/en-US/623da309-21fa-42a8-905f-1424144a347d/setting-up-a-user-in-ssrs?forum=sqlreportingservices
  Regards, RSingh

• How to set SMB and FTP sharing for different users?

  In Tiger FTP and SMB sharing was different options with their own settings each other. In Leopard there if i enable user for sharing, it enables for all protocols together.
  Another problem. In file sharing i can add shared folder, but what's sens of it, if the whole filesystem is shared (at least FTP and AFP, not SMB, thanks god) and there's no way to remove this share. Just shortcut? How can i create ftp sharing, allowing user to see only his folder, not the whole filesystem?
  Any advices are pleased, except to get Leopard Server Thank you.

  OS X Client FTP implementation is not comprehensive at all. Apple does not make FTP serving a priority for OS X (on the general principle that it is not really necessary for most consumers). Thus, by default you can't enable/disable FTP for individual users. Nor can you create FTP only users.
  However, a useful product called [Pure-FTPd|http://www.pureftpd.org/project/pure-ftpd], provides the missing functionality for free to all UNIX based systems. Even better, [PureFTPd Manager|http://jeanmatthieu.free.fr/pureftpd> provides a GUI on OS X for managing it.
  This product is probably overkill for a single-user situation - but it is a great example of leveraging the UNIX platform of OS X to significantly enhance file sharing capabilities to server level.
  Cheers,
  Rodney

• How do I unbind a local user from an Open Directory user?

  I have a couple MacBook Pros running Leopard that successfully bound a local account to a corresponding Open Directory account using Directory Utility.
  I had to re-install Leopard Server (using Standard configuration) and re-create Open Directory accounts. Now these laptops are unable to bind to the new Open Directory accounts. They receive an error that the Open Directory user ID and password provided is incorrect. In addition the local user can no longer reset or change their password. I'm thinking this is because their local accounts are still bound to the old Open Directory accounts that no longer exist. Is there are way to unbind a local account in Leopard that has been bound to an Open Directory account via the Directory Utility.

  What account are you using to bind the machine? When binding you must authenticate using the OD admin login which is usually setup as diradmin or as the current client you are logged into the machine with, but this client needs to exist on the OD server.

• AAA and local user authentication

  Hi,
  I already have AAA authentication setup on my switch. And I can use local users to login when the AAA server is unreachable.
  But I want to know if it is possible to use local users even when the AAA server is reachable. Something like first it checks the local users databse and if the user does not exists then fallback to AAA or vice versa.
  Thanks.

  Ismail, the authentication method you define act as a service. So only when the service is not avilable the method fallback to the next methond you define.
  So in your case if the user account is not present in the local data base it will not fallback to aaa server.
  aaa authentication login default local group radius
  The same holds true if the user account is not there in the aaa server
  aaa authentication login default group radius local
  Only when the aaa server is not responding (service downe or not reachable) it will fallback to the local database.
  Hope this helps!

• How can address book and local folders stored on JunoInternet program be imported into Thunderbird?

  Have been using Juno for email for years. Juno Internet program on my PC locally stores address book and saved emails in local folders. Want to switch to Thunderbird for emails. Can address book and local folders stored via Juno program be copied to Thunderbird? If so, how, plz.

  If you are installing TB on the same computer as the Juno mail, the installation / start-up process offers the choice to import from another mail program.

• How to create groups and assign users thru program

  Hi,
  I am planning to create groups by program and assign users to them based on some condition.Once users are assigned to those groups we need to change the Language value for those users in User profile
  We are using Central User Administration.
  Please let me know the solution
  Thanks
  Bala Duvvuri

  probably you can use this code to create a group
  IGroupFactory groupFact = UMFactory.getGroupFactory();  
  IGroup group = groupFact.newGroup(wdContext.currentContextElement().getGroup()); 
     group.commit();
  for this required com.sap.security.api.jar

• How to set NTFS and share permissions for Users share for home directories in Server 2012

  I have a new Server 2012 server, and I want to set up a Users share, that will contain subfolders of each user's username and contain their home directory.  But what do I set the share and NTFS permissions as on the root level, lets call the folder
  Users? Is the following older article the correct permissions I need?
  https://support.microsoft.com/kb/274443

  Hi RJO22,
  You can choose configure the Folder Redirection, Folder Redirection enables you to redirect the location of specific folders within user profiles to a new location, such as
  a shared network location. Folder redirection is used in the process of administering user profiles and roaming user profiles. You can configure Folder Redirection using the Group Policy Management Console to redirect specific user profile folders, as well
  as edit Folder Redirection policy settings.
  The related KB:
  Folder Redirection Overview
  http://technet.microsoft.com/en-us/library/cc732275.aspx
  Specify the Location of Folders in a User Profile
  http://technet.microsoft.com/en-us/library/cc771969.aspx
  I’m glad to be of help to you!
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• How to create groups and add users?

  Hello,
  I have created 3 groups as Portal_Admin and added 2 users for each group.
  When I am trying to grant permissions to these groups to the Applications owned by Portal30( I have logged in as portal30 at this point), I am unable to see these groups but am able to see these individual users.
  I am trying to grant access to individual menu items/sub menus of a Portal Menu.
  Is it correct way to do things?
  Or am I wrong somewhere?
  My Idea:
  I would like to create 20 users 10 of each belong to particular Oracle schema and then organize these 20 as groups
  who will access certain application objects.
  I wanted to give Admin an option to add/del/modify users to and from a Group once initial setup is done.
  We really stopped here.
  Your help is appreciated.
  Thanks
  Madhav

  It's a bug.
  Type the name of the group you want to add the user to and click apply, if you typed it correctly the the group name will appear.
  We are building a fix for this.
  Portal PM