I had a windows 7 enterprise client joining in my Active Directory. I found I can not start the iscsi initiator app when I login as a domain user. I also found the Microsft iSCSI Initiator Service is manual, and gray in my services. I can not start, stop, or modify the services.
So, I think this maybe a problem with AD, how can I found the solution?
BTW, my account login in to win7 is domain user in Administrators group.
Thanks.
I solved this problem. Because in default, domain account are not local administrators, just add them to local administrators group in domain policy will solve this.
Related
Im a newb to AWS, so please go easy on me. We currently just spun up a custom Windows 10 instance in AWS. I was able to login via RDP successfully, but I'd like to create a new user within the instance so they can login with a different user account using RDP. Any thoughts would be much appreciated.
Okay, After your response to my first, I think I see what you are asking. Plase watch this video:
https://www.youtube.com/watch?v=rgk2w3dQGSo
Download the RDP. Save it. You can then Edit the .rdp and enter the user name and password you created in Windows.
You can create users in the User Management Console in Windows. Ensure they have the rights needed (Remote Desktop User, Administrator, etc).
Enjoy!
Once an Amazon EC2 Windows instance has been launched, it is just a normal Windows computer.
Therefore, you should use use the standard Admin tools to create the user on the Windows computer, with their own username and password.
It is also recommended that you change the random Administrator password after initial login, or (even better) connect the instance to Active Directory or whatever standard authentication system your company uses.
Technoob here. I just figured out why all of you are having trouble. You need to go to the security group the machine is a part of and open port 3389 to your public IP address (ipchicken.com works). Enjoy
If you are trying to connect from another computer then you have to change the inbound rules.
Go to the security groups of your instance. Go to the inbound rules. Add ipv4 and ipv6 as a new rule and apply it. Download the RDP File and try to connect again. It worked for me.
Hopefully a simple one.
If I run powershell on my XP machine and run:
PS> get-childitem \\networkdrive\$share\folder\file.ext
the command successfully completes and returns the information I am looking for.
If I run the same command from team city it error with an Object-Not-Found. (The team city server and agent are running on the same machine that succeeds with the command)
I'm presuming that this is because Windows Services (what the agent is running as) cannot access network drives.
Does anyone have a simple workaround for this?
The problem is not that team city is running as an Windows Service. The problem is that the account used for that service do not have access to the network share.
There are two solutions to the problem:
1) Change the account of the service to an account which have access to the network share.
Open Services-> Find the team city services
Right click-> Properties -> Go to the Log On tab
Put in the name and password of an account with access
2) Grant the currently used account (most likely the Network Service Account) access to the share.
Use the above steps to figure out which account Team City is running under
On the share Grant access to that account
If it is the Network Service or System account, you need to add the Computer as an account instead of a user. So make sure you pick Computer as object type in the Add dialog.
I have problem with creating service that has access to files on network disk.
Service must have admin rights and it will be run by users that don't have admin privileges.
I send path as UNC
and file is seen by service but it return ACCES_DENIED errors when try to open or do anything on Network drive.
When I run my service as server , everything works fine.
I try to find answer but everywhere I can found only partial answers that do not help me at all.
========
I read that standard service logged as SYSTEM can't have access to network.
So i tried to log id as
NetworkService, LocalService
It didn't work. After run it as one of those user my service can't save files on c:
Some kind of admin account.But I didn't manage to success on that.
Actually logged user.
I don't know how to get password for current user.
Still this will not work for user without admin rights.
========
Please tell me what can I do?
There are plenty of Services that use somehow network resources. How do they do that?
You need to configure your service to run as a user which has sufficient rights. In this case you are looking for rights to network shares. Typically that's going to need a domain user with appropriate rights. Normally you'd ask your network manager to create a dedicated user account for the purpose.
You appear to be labouring under some false information as to how services work. You talk about running the service under the account of the logged on user. Remember that services run when there are no users logged on. And remember that there may be multiple logged users at any point in time.
For me, the port was getting blocked through firewall, I had to add a inbound rule and specify the port which i was using in my application. This way firewall did not blocked my port for outgoing connections.
References:
https://www.firehousesoftware.com/webhelp/FH/Content/FHEnterprise/FHEnterpriseInstallationGuide/24_StaticPort.htm
Merry Christmas everyone !
I've installed Team Foundation Server 2010 with advanced configuration but I left the settings as default (like Service Account: NT AUTHORITY\LOCAL SERVICE and others)...
All good until when I typed http://localhost:8080/tfs and there it asks me to provide username and password.
What is the default username and password ? I didn't provide any username and/or password during configuration.
I typed as my Windows account name but it doesn't work.
Help me please...
Thank you
EDIT: Please watch my short video capture: http://youtu.be/i8C5mp7fUsA
TFS uses Window's accounts for its permissions. If you're logging in on a workstation setup, rather than one linked to AD then remember you need to specify your machine name as part of the username, for example MACHINE\michaels.
In order to setup new projects you will need to first start off using an administrator account - if your normal username isn't a Windows administrator, then login using your admin username and password (you can then grant permissions to your normal account. You can also use the Windows security groups on the machine to add yourself - there will be a local group called "Team Foundation Administrators". MSDN has a list of the Windows groups you can configure.
it is the windows login , password and u can set it in the administration panel also .
UPDATE - mine was ashutosh-pc\ashutosh and my windows password
You have set your service account to LOCAL SERVICE. Please change this to NETWORK SERVICE. The login box you are getting is not to login TFS, but to get access to your machine resources. The LOCAL SERVICE account does not have enough permissions to operate TFS.
If you don't have NETWORK SERVICE, then use a regular windows account.
See for more information the TFS 2010 Install Guide.
Yeah definitely it works using your windows account, but in my case I have my hotmail email account linked to my windows.. so, I just used my email address and the password for this, I am sharing an screenshot, this is the firs default page after logged in.
My question is pretty much summed up in the subject.The context is a problem we are facing with the account getting locked our fairly often.
My setup uses this as the service acccount for clearcase application.
There is another account by the same name (but in a different domain - a trusted domain) that runs a monitoring sofftware under this account. For eg., my setup uses the accoundt DOMAINA/clearcase_albd, while this other trusted domain runs a batch file under TRUSTEDDOMAIN/clearcase_albd.
We are suspecting this account to be causing the locking out of our service account (but at this point have not yet figured out why!)
Have pored over event logs endlessly, to no avail and have now decided to start fresh from ground zero.Am following a thread of thought and the first thing I need confirmation on is this:
Should I be seeing DOMAINA/clearcase_albd account when i run clearlicense at all?
If not, then why would another account by SAME name but from a different domain lock out my domain account?
Would greatly appreciate any help in this regard,
Thanks in advance
According to the IBM ClearCase Manual, the Rational® ClearCase® albd_server program runs with the identity of a special user account known as the Rational ClearCase server process user.
This user is a member of the Rational ClearCase administrators group, which grants privileged user status.
That account should not directly uses a license, as it is related to the albd (Atria Location Broker) process which will execute operation on behalf other users.
When a client program needs access to a service (a VOB or view server, for example) on a Rational ClearCase server host, it uses a remote procedure call (RPC) to send a request to the albd_server process on that host.
The albd_server starts the requested service if it is not already started, and provides the service’s port number to the client. Thereafter, the client communicates directly with the service.
IBM does suggest two albd accounts, for central VOB/view servers and end-user workstations. This is primarily done to prevent albd account issues (account lockouts, etc) on the albd account from impacting the VOB servers themselves.
BUT: those accounts should be on the same domain.
Note: by typing
creds clearcase_albd
You will see its SID for the current Windows domain.
You will then be able to check if that SID pops up in the clearlicense command output.