Today a user wasn’t able to log in from his Windows machine to a shared folder in Samba. He was said that his user name (from Active Directory) was not found. The system log was logging the security kerberos event ID 14.
After some digging, I found out this thread with the solution:
This shows up a credentials manager window, where we can delete the problematic credentials. After doing this, the user logged in without problems.
When you have an Exchange server in your organization and you also use a Postfix server as gateway, you need the list of all valid recipients of your organization at your gateway. In this way, you can reject invalid emails at the gateway, and what’s more important, when the sender address is forged, you don’t spam innocent people with undeliverable emails.
I use this script in Exchange 2003 to generate all addresses.
En una máquina de pruebas de Windows 2012 me ha sucedido que no podía arrancar máquinas virtuales porque decía que el hypervisor no estaba corriendo. Después de comprobar que las extensiones de virtualización estaban habilitadas en la BIOS, he descubierto que hay que añadir un parámetro en el boot loader de Windows para que arranque automáticamente el hypervisor.
Para ello, usaremos el comando bcdedit.exe como administrador. Si lo ejecutamos sin parámetros, podemos ver la configuración actual, y para añadir la opción de autoarranque:
C:> bcdedit /set hypervisorlaunchtype auto
I have found that is not a trivial task to change the dial-in permission in an Active Directory user or computer because you must update the userParameters attribute at the same time that the msNPAllowDialin.
In the KB252398, Microsoft says to download the Active Directory Service Interface, so you can register adsras.dll, and use the ADSI interface it provides, but the download is no longer available.
I have managed to create a script to allow dial-in: first, I have allowed manually a user to dial-in, and then I pick those permissions and apply them to the rest.