Using witadmin I'm trying to delete a work item on a TFS in a different domain. I therefore use a login that is different from my Windows login, for which I'm asked when opening the web interface.
However, witadmin fails with the following message, not prompting for username and password:
Unable to destroy work item(s) 1. TF237090: Does not exist or access
is denied.
Is there a way to supply credentials as arguments or explicitly make witadmin prompt for credentials?
What solved my problem is the Credential Manager, which is in Control Panel > User Accounts > Manage Your Credentials. I added an item to Windows Credentials containing containing the username and password I need for the TFS.
It doesn't make witadmin ask, but it takes these credentials.
Related
I am working on the windows credential provider
We start our project based on this https://github.com/DavidWeiss2/windows-Credential-Provider-library
We want to make this authentication passwordless. Therefore we have a "database" in forms of external file that keep the password, username and domain pairs. Due to security reason we hashed it. (eg: C:\Temp\MyCredsDatabase.dat)
If the user change the password from window's Built-in GUI System -> Account -> Sign-in Option -> Change Password, the next login will be failed simply because the user already update their password but our database still using the old password
Well, if I decrypt the password directly from the Microsoft's SAM database it will be whether illegal or hard because Windows keep updating their security package to secure this database.
Is there any possibility that whenever user update the password, we get the password value, and update our "database"?
Or should I save our local database's content with another format?
Like, instead of using the user's information in a plain text for login using our Custom Credential Provider, can I use part of the SAM's value to login?
Your credential provider should implement the CPUS_CHANGE_PASSWORD scenario which is triggered in the change password GUI workflow.
At that point, in ICredentialProviderCredential::GetSerialization, you should have the raw non encrypted password value.
Then in ICredentialProviderCredential::ReportResult, if NTSTATUS == STATUS_SUCCESS you could do whatever you want, including updating your database.
I just created a GitLab account, I signed up by using the "Using google" option, and it just prompted me for my gmail credentials. The email in question is a company email I was given by my administrators.
When I wanted to use these credentials in Visual Studio, it asked me with this screen for my credentials:
I entered my company email and its password, but I received this error from Visual Studio:
Fetching from origin
Remote: HTTP Basic: Access denied
Error encountered while fetching: Git failed with a fatal error.
Authentication failed for 'https://gitlab.com/xxxxxxx/xxxxx/xxxxxxx.git/
I wanted to make sure the credentials were properly set, so I went to gitlab page and signed out. When trying to sign in, same thing happens. I am allowed to sign in to gitlab if I use "Using google" option, but not via email + password.
Is this a problem?, do you know any workaround I could use to sing into my gitlab account within Visual Studio?
When you created your account, it's bound to your google credentials. You can see it's connected by clicking on your profile icon in the upper right corner and clicking "Preferences > Account". Under Social Sign-in, you'll see that the google button now shows "Disconnect Google". When you do this, GitLab does not assign you a username by default (honestly, it may now, but it didn't when I created my account several years ago). However, you can change your username on that same "Preferences > Account" page under the "Change username" heading, so go ahead and assign yourself one if you don't have one there. If you already have one, go ahead and take note of that.
Once you have your username, you can likely authenticate using an access token instead of a password. Create an access token under "Preferences > Access Token" and assign the privileges you want depending on what you are going to do with VS.
If you really want to use a password instead (or if the VS plugin doesn't work with an access token), you can set a password under "Preferences > Password", and use that instead.
Hopefully this helps!
Go to https://gitlab.com/-/profile/personal_access_tokens
Result
Use this token as password for you enter to the form what you seen.
I am trying to change a password with active directory using cfexecute.
The only code on my page is this (username and the new password are filled in):
<cfexecute
name="c:\windows\system32\cmd.exe"
arguments="NET USER username password /domain"
outputfile="C:\Users\administrator\Desktop\test.txt"
timeout="90">
</cfexecute>
When I tried running this code through dreamweaver on my pc the tab in my browser just kept spinning even after 5 min... I closed the tab went to the server logged in and the text.txt was there empty. But I am unable to delete it because it says coldfusion.exe is using it???? Also it did not change the users password.
So then I opened up the command line on my pc and ran NET USER username password /domain it gave me a System error 5 has occured. Access is denied..
So then I went on to the server logged in as an administrator ran NET USER username password /domain and it worked.
How do I tell cfexecute to run as that administrator when it runs so that it works properly?
I looked up the docs of cfexecute and it is not like cfldap where you can choose a username and password.
Any help with this would be greatly appreciated!
Edit
Also checked log files in admin and it stated this:
Error occurred: coldfusion.tagext.lang.ExecuteTag$TimeoutException: Timeout period expired without completion of c:\windows\system32\cmd.exe
(It cant run that simple command within a 90 second timeout? But runs instantly when I run it in the command line?) Is there something wrong with using cfexecute?
EDIT IS IT POSSIBLE?
To Add a user it always runs as to change the password like so?:
"/c net user /user:domain\Administrator <admin-pwd> username password /domain"
ColdFusion is only able to access the domain and user account that is used by the ColdFusion service.
If you want to authenticate a username/domain against local system or Windows domain using any version of ColdFusion, consider using the CFX_EXEC tag.
http://adiabata.com/cfx_exec.cfm
<CFX_EXEC
CMD="NET USER username password /domain"
USER="Administrator"
PWD="pass"
DOMAIN="domain"
FILE="C:\Users\administrator\Desktop\test.txt">
I am unable to login inot WAS Admin console. So I am trying to reset the admin credential after disabling security(security.xml-enabled="false"), but unable to save the new password. Any idea what should I check and troubleshoot?
I tried entering the credentials on soap.clients.props, but no help. WAS version : 7.0
From
http://www-01.ibm.com/support/knowledgecenter/SS7JFU_7.0.0/com.ibm.websphere.messages.doc/com.ibm.ejs.resources.security.html?cp=SS7JFU_7.0.0%2F1-15-7-225
SECJ7342E: Failed to validate user/password
Explanation Failed to validate user password in WIM registry
Action None
The credentials that you entered do they exist in the WIM registry?
From the screen shot it appears that you are using the File Based registry. Check that the ID and passwords match the values in that File Registry.
If you disabled security, then restart your server, so it starts plain, unsecured and enable security again via console. There will be prompt to specify admin user and password (I'm assuming you are using default Federated repository with file based). Provide new password there and restart the server.
In the page you are showing now, leave Server user identity as default - Automatically generated. This is not page, where you change user password.
Settings in soap.clients.props are not related to password changing. Once you set new password via console, you can update that file, so you won't be prompted, when you stop server from the command line.
This technote is also helpful when forgetting your WAS Admin console password:
Forgot password and cannot access WebSphere Application Server administrative console
https://www.ibm.com/support/docview.wss?uid=swg21405302
I was setting up another user to use our SVN repository. He didn't have a username/password, so I logged in with my credentials. We now have a username/password for him.
How do I get TortoiseSVN to logout and forget the old password so I can enter the new username/password?
Open Windows Explorer.
Right-click anywhere in the window.
Click TortoiseSVN → Settings.
Click Saved Data.
Click Clear beside Authentication Data (see below).
Check the authentication items to clear.
Click OK.
All saved Authentication Data for all projects is deleted.
You will have to re-enter credentials to reconnect.
There are several ways to do it, through settings or by deleting the cache.
Deleting the cache is the most versatile method. First, locate it:
On XP, it was located here:
C:\Documents and Settings\%USER%\Application Data\Subversion\auth\svn.simple\
On Vista, it was located here:
C:\Users\%USER%\AppData\Roaming\Subversion\auth\svn.simple\
Then look in those files with Notepad, and delete the one with your credentials.
If you want to remove only one saved password, e.g. for "user1":
Go to the saved password directory (*c:\Users\USERNAME\AppData\Roaming\Subversion\auth\svn.simple\*)
You will find several files in this folder (named with hash value)
Find the file which contains the username "user1", which you want to change (open it with Notepad).
Remove the file.
Next time you will connect to your SVN server, Tortoise will prompt you for new username and password.
When you use Integrated Windows Authentication (i.e., Active Directory Single Sign-On), you authenticate to AD resources automatically with your AD credentials. You've are already signed in to AD and these credentials are reused automatically. Therefore if your server is IWA-enabled (e.g., VisualSVN Server), the server does not ask you to enter username and password, passing --username and --password does not work, and the SVN client does not cache your credentials on disk, too.
When you want to change the user account that's used to contact the server, you need use the Windows Credential Manager on client side. This is also helpful when your computer is not domain joined and you need to store your AD credentials to access your domain resources.
Follow these steps to save the user's domain credentials to Windows Credential Manager on the user's computer:
Start Control Panel | Credential Manager on the client computer.
Click Add a Windows Credential.
As Internet or network address enter the FQDN of the server machine (e.g., svn.example.com).
As Username enter your domain account's username in the DOMAIN\Username format.
Complete the password field and click OK.
Now when you will contact https://svn.example.com/svn/MyRepo or a similar URL, the client or web browser will use the credentials saved in the Credential Manager to authenticate to the server.
After struggling with this and trying all the answers on this page, I finally realized I had the incorrect credentials stored by windows for the server that hosts our subversion. I cleared this stored value from windows credentials and all is well.
https://web.archive.org/web/20160614002053/http://windows.microsoft.com/en-us/windows7/remove-stored-passwords-certificates-and-other-credentials
Replace the line in htpasswd file:
Go to: http://www.htaccesstools.com/htpasswd-generator-windows/
(If the link is expired, search another generator from google.com.)
Enter your username and password. The site will generate an encrypted line. Copy that line and replace it with the previous line in the file "repo/htpasswd".
You might also need to Clear the 'Authentication data' from TortoiseSVN → Settings → Saved Data.