Active Directory remote (VPN) users are facing problems with newly set group policies

I am facing an issue with Active Directory group policies.
The issue is that I have many users working from home, and all of them are using one SSL to connect to the company domain. Their file sharing is working fine and their old group policies are updating, but I have set up a few new group policies and they are not reflected on the remote users' systems.
For example, there is one policy I have set up for deploying an application using GPO to remote users, so that when they restart the system the policy gets applied to them and the MSI package should install on their system.
I tried GPUPDATE /force, /sync, normal mode and admin mode; nothing helped.
I am not sure why this is happening or how to fix it.
Thanks in advance.

It's normal, because software deployed via GPO is installed before user login, and your VPN connection is established after user login. None of the computer installation GPOs will work via VPN. There is another option to deploy software over a VPN connection: Fog Project, which is open source software deployment.

Related

Add user to login to an AWS EC2 instance

I'm a newb to AWS, so please go easy on me. We currently just spun up a custom Windows 10 instance in AWS. I was able to log in via RDP successfully, but I'd like to create a new user within the instance so they can log in with a different user account using RDP. Any thoughts would be much appreciated.
Okay, after your response to my first, I think I see what you are asking. Please watch this video:
https://www.youtube.com/watch?v=rgk2w3dQGSo
Download the RDP. Save it. You can then Edit the .rdp and enter the user name and password you created in Windows.
You can create users in the User Management Console in Windows. Ensure they have the rights needed (Remote Desktop User, Administrator, etc).
Enjoy!
Once an Amazon EC2 Windows instance has been launched, it is just a normal Windows computer.
Therefore, you should use the standard Admin tools to create the user on the Windows computer, with their own username and password.
It is also recommended that you change the random Administrator password after initial login, or (even better) connect the instance to Active Directory or whatever standard authentication system your company uses.
Technoob here. I just figured out why all of you are having trouble. You need to go to the security group the machine is a part of and open port 3389 to your public IP address (ipchicken.com works). Enjoy
If you are trying to connect from another computer then you have to change the inbound rules.
Go to the security groups of your instance. Go to the inbound rules. Add IPv4 and IPv6 as a new rule and apply it. Download the RDP file and try to connect again. It worked for me.

Enterprise Admin can't use MDT?

Running a rather large network with an MDT deployment server. I currently have another person who works with me registered as an 'Enterprise Administrator'. Part of his job is imaging machines. Currently I have it set so that devices that need imaging are set as 'Pending' until allowed within Windows Deployment Services.
When the EAdmin tries to open the 'pending devices' tab of WDS, he gets an access is denied message.
How do I go about delegating permissions to use WDS to this user?
(Server 2012)
Solved.
Needed to add the user in to the LOCAL administrator's group for the deployment server.

AppFabric Caching - works locally but not from another machine

I've added my domain account permissions to Windows AppFabric 1.1 Caching using the "grant" PowerShell command. A sample app runs locally on the machine itself fine. Also, I'm able to telnet to the port 22233 from another box successfully (I'm pretty sure it's not a firewall issue).
Could this be IIS permissions somehow? I don't see a site created under IIS. Is there a log I can check to see specifically why the remote calls are getting rejected with a "ErrorCode:SubStatus:There is a temporary failure. Please retry later."?
You granted permissions for your account to AppFabric Cache, but are you sure that your app runs under this account? If this is a website, it is another user (ApplicationPoolIdentity).
Try to grant your machine (by adding a $ at the end) or run your app under your granted user.
To be sure it is a problem in security, you can try to disable it at the server side, just for testing purposes.
Set-CacheClusterSecurity -SecurityMode None -ProtectionLevel None
please find msdn here.
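The steps from the answer above as one sequence, written as an added example that is not part of the original posts: grant the identity the client actually presents, then put cluster security back once the test with `None` is finished. `CONTOSO\WEBSRV01$` is a placeholder machine account; an app pool running as ApplicationPoolIdentity authenticates over the network as its machine account, which is why the `$` form is the one to grant.

```powershell
# Added example. Run in an elevated PowerShell session on a cache host.
# CONTOSO\WEBSRV01$ is a placeholder for the machine account of the client box.
Import-Module DistributedCacheAdministration
Use-CacheCluster

$ClientAccount = 'CONTOSO\WEBSRV01$'

# 1. List the identities that are currently allowed to connect.
Get-CacheAllowedClientAccounts

# 2. Allow the identity the client process really runs as
#    (machine account for ApplicationPoolIdentity / Network Service).
Grant-CacheAllowedClientAccount -Account $ClientAccount

# 3. If security was set to None for the test, restore the AppFabric 1.1
#    defaults. The cluster is stopped while the setting is changed.
Stop-CacheCluster
Set-CacheClusterSecurity -SecurityMode Transport -ProtectionLevel EncryptAndSign
Start-CacheCluster

# 4. Confirm every host is back up before retrying the remote client.
Get-CacheHost
```

The client's `securityProperties` setting has to match the cluster, so a client switched to `None` for the test needs to be switched back as well.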

IIS (w3wp.exe) runs with a User Name of the App Pool that doesn't belong to Users, Groups, or Built-in security principals

The Orchard CMS application works fine except when trying to install new modules using the module installer within the dashboard. I get the error below.
Install package failed
Package installation failed: There was an error installing the requested package. This can happen if the server does not have write access to the '~/Modules' or '~/Themes' folder of the web site. If the site is running in shared hosted environement, adding write access to these folders sometimes needs to be done manually through the Hoster control panel. Once Themes and Modules have been installed, it is recommended to remove write access to these folders.
It seems that the installed IIS 7 App Pool (presumably installed with Orchard in Web Platform Installer) is using ApplicationPoolIdentity. w3wp.exe runs with username orchardmain (this is what I named my application; I could have left it as the default, orchard). The problem with this is that I can't update my NTFS permissions for orchardmain, because when trying to add a username in permissions it can't find any Users, Groups, or Built-in security principals with the name OrchardMain.
Is it best practice to change the App Pool to run under a User / Service Account that doesn't behave like this, or is there just a little thing I can do to get this working?
Try using IIS APPPOOL\OrchardMain as the object name when editing permissions.
See this blog post for details.
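The same permission change scripted, as an added example that is not part of the original posts: it grants `IIS APPPOOL\OrchardMain` Modify on the two folders named in the error message, shows the resulting entries, and removes the write rights again after the install, as the error text recommends. The site path is an assumption.

```powershell
# Added example. $SiteRoot is an assumed install path; adjust to the real site.
$SiteRoot = 'C:\inetpub\wwwroot\Orchard'
$Identity = 'IIS APPPOOL\OrchardMain'   # virtual account; resolves only on the IIS box
$Folders  = 'Modules', 'Themes' | ForEach-Object { Join-Path $SiteRoot $_ }

function New-PoolRule([string]$Rights) {
    # Allow rule for the pool identity, inherited by subfolders and files.
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        $Identity, $Rights, 'ContainerInherit,ObjectInherit', 'None', 'Allow')
}

function Grant-InstallAccess {
    foreach ($f in $Folders) {
        $acl = Get-Acl -Path $f
        $acl.AddAccessRule((New-PoolRule 'Modify'))
        Set-Acl -Path $f -AclObject $acl
    }
}

function Revoke-InstallAccess {
    # Strip only the write/delete bits so the site keeps its read access.
    foreach ($f in $Folders) {
        $acl = Get-Acl -Path $f
        [void]$acl.RemoveAccessRule((New-PoolRule 'Write, Delete'))
        Set-Acl -Path $f -AclObject $acl
    }
}

function Show-PoolAccess {
    foreach ($f in $Folders) {
        (Get-Acl -Path $f).Access |
            Where-Object { $_.IdentityReference.Value -eq $Identity } |
            Select-Object @{n='Folder';e={$f}}, FileSystemRights, IsInherited
    }
}

Grant-InstallAccess      # before installing modules or themes
Show-PoolAccess
# ... install from the Orchard dashboard, then:
Revoke-InstallAccess
Show-PoolAccess
```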

How to remote debug when user accounts do not match?

How can I configure Visual Studio remote debugging when:
My developer machine is a member of an AD domain, and my username is "DevelopersName".
The "remote" machine is on the same Ethernet segment, but is not part of the domain.
The "remote" machine must run software under "RemoteUserName".
Most documentation I can find suggests that you need to have both machines in the same domain and with identical usernames. That's not possible here.
I could possibly add my username to "remote", but the software still needs to run under "RemoteUserName".
If it helps, I could add 2nd network card to my developer machine and directly connect the "remote" machine.
Using VS2008, but will be moving soon to VS2010.
Thank you.
Sorry, but I've just spent the last 10 hours trying to debug your exact problem. My findings are not good.
You need to get your accounts synced, especially if you are using your remote app to connect to other systems in your SOA environment, i.e. SharePoint, AD.
You can to some extent get remote debugging to work if you create an account on your local machine with the same name as that of your remote machine (let's do it like this rather than working with the domain account).
You then need to make sure the remote service is running under this account, and that it's a member of the administrators group. And by this I mean hold down Control, right-click, Run as with the remote debugger, and select the user (not required if the remote server is logged in as the required user).
Run the wizard; it will open the required ports. Use authentication, because without authentication it won't debug managed code. Breakpoints are never met, and there is nothing you can do about this.
On your local dev machine, log off your domain account, and log onto the local account whose name matches the account on the server that's running the remote service.
Now you stand a chance of remote debugging. If you can't do any of the above, sorry, there is no workaround; it's entirely dependent on the user account and having the right permissions.
If you don't want to create a local account, try starting our debugger via command prompt using the following command:
runas /user:[user@machinename] /netonly [debugger.exe]
E.g.:
runas /user:john@mypc123 /netonly devenv.exe
I assume it's managed debugging you're talking about (for native debugging there's a remote debugging solution with no authentication). In this case, I would suggest that you use a local user to launch the debugger on your machine. If this local user's name and password match "RemoteUserName"'s name and password, it should work.
(Note that this does not preclude you from using the AD account to log in to your workstation, you just need to set up another account and use runas to launch Visual Studio.)
