We have implemented Apache 2.4 with IPV6 disable. I am getting "Internal Dummy connections" log entries inside access log.
The following is the snapshot of my error:
I tried searching for the solutions on Internet, everywhere it is mentioned that exclude these log entries from the access log. Reference:
https://knackforge.com/blog/sivaji/mitigating-apache-internal-dummy-connection-issue
I want solution for disabling or denying this kind of request on the server.
Related
When logging on to OWA using a browser, receive a 503 error. In the Fiddler trace will see a more detailed response status code:
503 Failed authentication on backend server: Unauthorized
On the Exchange Server, see the following System event log (intermittently):
Event 4 Security-Kerberos
The Kerberos client received a KRB_APP_ERR_MODIFIED error from the server exchangeserver$.
The target name used was HTTP/exchangeserver.ad.root.
This indicates that the target server failed to decrypt the ticket provided by the client.
I hope someone only receives this in a lab environment!
Here is a link to enable Kerberos logging, which could be helpful as well: https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/enable-kerberos-event-logging
After enabling Kerberos logging, would see the KRB_APP_ERR_MODIFIED error more frequently, whereas before would not be logged each time a logon attempt occurred.
The issue here (in the lab) was that a duplicate SPN for the Exchange Server in question was added erroneously to another server, causing a duplicate. This was due to trying to enable Kerberos delegation for a separate web application.
Although there could be a quicker way to do this, you can list the SPNs on each server to look for your erroneous exchangeserver record by running
setspn -l otherservername (this is a lower-case L)
And if you find that SPNs like http/exchangeserver or http/exchangeserver.ad.root are listed on another server (say 'otherservername'), you can carefully remove them by running
setspn -D http/exchangeserver otherservername
setspn -D http/exchangeserver.ad.root otherservername
I was able to logon to OWA immediately after the duplicate SPN was removed, without restarting any servers or services.
Check, if the bindings for Exchange Backend website in IIS is correctly configured. You can check this by visiting IIS console in the server and open bindings for Backend website for 443 port. See, if the certificate is assigned well
Also, check, if the Default website's binding is correct. It should have thirdparty SSL certificate assigned or the self signed certificate
If any of the bindings are incorrect, fix it and restart IIS (iisrest from cmd prompt). Check again
The service is running but I get a half corrupted page. I upgraded using the automatic update mechanism. Note that the teamcity is running behind an nginx server with the real service running at http://$hostname:8080/teamcity and nginx forwarding from http://$hostname/teamcity.
If I restart the service I get the following log in teamcity-server.log
https://gist.github.com/bradphelan/74ea8fa9c422c51a23820ee74cab72cc
linked as gist as SO will not allow pasting such a large file in.
Switch it off / switch it on. It works again. ( No idea why )
We have a SonarQube server which is by default running on HTTP and 9000 port. We decided to use SonarQube over HTTPS configured using IIS reverse proxy and disable HTTP.
Previously in sonar-scanner.properties,sonar.host.url is configured to run as mentioned below.
sonar.host.url=http://localhost:9000 and now we want to change it to sonar.host.url=https://localhost.
On the browser https://localhost works fine. However when I configure this url in sonar-scanner.properties and try to run the sonar analysis, it says url can not be reached. Could anyone give me some suggestions to fix this issue.
Regards,
Sharieff.
Assign a valid certificate to your website. Using localhost is not the best choice; you should use and configure a valid domain name (https:/mycompany.com for example). On the machine you use to analyse you must update the Java Runtime by registering the certificate associated with this name and maybe also other (root) certificates in the certificate chain. See this blog for all the details. After executing these steps you should be able to upload the analysis to you SonarQube instance.
I am using Apache camel 2.13.2 and am trying to connect to an FTP to retrieve files based on the file expression given in the include parameter. I can see that there are files in the folder in the ftp account, but camel doesn't pull the files. I can see in the log that the connection is successful, but the exchange is returned as null. The same code works for other ftp accounts. Could someone help to understand on where I am doing wrong, and things that I could try to get this fixed?
ftp://XXXXXXX#XXXXXXX.XXXXXXX.XXX:21/testfolder/testfold/test?password=RAW(XXXXXXX)&binary=true&pollStrategy=#xxxFTPPollingConsumerPollStrategy&throwExceptionOnConnectFailed=true&sendEmptyMessageWhenIdle=true&delay=15000&maxMessagesPerPoll=30&stepwise=false&consumer.bridgeErrorHandler=true&idempotent=true&idempotentKey=${file:name}-${file:size}-${file:modified}&readLock=changed&include=.*
first try without any filters to see if it is the problem.
In any case, depending on the server and client firewalls and linux vs windows encoding (for the file transfer) you should give a try to the following URI parameters:
binary=true
passiveMode=true
most of the times with the default passiveMode camel wont list any file and file transfer may fail with an ArrayOutOfBounds error.
To double check set the logging level of camel to debug and to trace for the ftp component:
logging.level.org.apache.camel=DEBUG
logging.level.org.apache.camel.component=TRACE
without passiveMode=true you will likely notice that the list file doesn't find any file.
more info about the FTP passive mode can be found here
I've got an odd problem.
I got my PC reimaged, and now it won't connect properly to the autodiscover service.
I cannot see free/busy information, cannot set my out of office, and don't get tooltips about other people who have out of office on when I am emailing them.
If I run the "Test email autoconfiguration" tool, it fails.
All of that used to work before my PC was reimaged.
Furthermore, if I log in to another PC (same OS, Win7) it does all work.
So I think the problem is specific to my PC, and not a problem with our Exchange setup.
If I browse to the url http://mail.mydomain/autodiscover/autodiscover.xml I get a 403 error.
Doing the above on the other PC works.
Weirdly, if I browse to https://mail.mydomain/autodiscover/autodiscover.xml on the PC with the problem it works OK.
So there's something configured wrong on my PC, but I don't know what. Maybe it's not passing my credentials properly.
Other sites that rely on my Windows credentials are working OK, so it's passing them correctly sometimes.
Any ideas, before I get them to reimage my PC again?
Thanks
When I run Test mail autoconfiguration, on the Results tab I get:
Autoconfiguration has started, this may take up to a minute
Autoconfiguration was unable to determine your settings!
The log is:
SMTP=my.email#my.domain
Attempting URL httpx://mail.my.domain/autodiscover/autodiscover.xml found through SCP
Autodiscover to httpx://mail.my.domain/autodiscover/autodiscover.xml starting
GetLastError=0; httpStatus=403
Autodiscover request completed with http status code 403
Autodiscover to httpx://mail.my.domain/autodiscover/autodiscover.xml failed (0x80004005)
Autodiscover to httpsx://mail.my.domain/autodiscover/autodiscover.xml starting
GetLastError=12007; httpStatus=0
Autodiscover to httpsx://mail.my.domain/autodiscover/autodiscover.xml failed (0x800C8203)
Autodiscover to httpsx://autodiscover.my.domain/autodiscover/autodiscover.xml starting
GetLastError=12007; httpStatus=0
Autodiscover to httpsx://autodiscover.my.domain/autodiscover/autodiscover.xml failed (0x800C8203)
Local autodiscover for my.domain starting
Local autodiscover for my.domain failed (0x8004010F)
Redirect check to httpx://autodiscover.my.domain/autodiscover/autodiscover.xml starting Redirect check to httpx://autodiscover.my.domain/autodiscover/autodiscover.xml starting
Srv Record lookup for httpx://my.domain starting
Srv Record lookup for my.domain Failed (0x8004010F)
Note I had to change http to httpx and https to httpsx to allow it to post.
Firstly, this is not a programming question. Secondly, try to run a test from https://testconnectivity.microsoft.com/