Edventures in Normalcy

ApplicationPoolIdentity user in Users & IIS_IUSRS

Posted by Rose Bush on May 19th, 2015

ApplicationPoolIdentity is assigned membership of the Users group as well as the IIS_IUSRS group.” Source: http://stackoverflow.com/questions/5437723/iis-apppoolidentity-and-file-system-write-access-permissions

I often need to add Users in particular to give the permissions needed.

Apache SetEnvIf Logical AND with Two Variables

Posted by Rose Bush on May 15th, 2015

In trying to adjust the method of logging in Apache, it was found logical to have the configuration perform an AND on two variables to validate one format vs another. I had not found much detail on this, until making my way to: http://stephane.lesimple.fr/blog/2010-01-28/apache-logical-or-and-conditions-with-setenvif.html. From the page archived, I had the following:

In my example, it was not able to work as shown above, but not of by much.  We quoted the last 0 in the lines we had written, giving us the following example:

When tested, requests coming from the LB IP are listed as trusted, and only trusted requests are adjusted and trusted as having been forwarded.  Other requests, we can assume (based on topology) with x-forwarded-for header are identified as falsified.

Command Line Add woff Mime Type

Posted by Rose Bush on May 14th, 2015

Easily add in the woff mime-type with the below command:

To note, the above placed the configuration within the applicationHost.config and not in a web.config. As desired in my scenario as I had wanted the configuration to be server wide.

Testing http header IP forwarding

Posted by Rose Bush on May 5th, 2015

I need to determine what the application sees versus what is being sent, these scripts helped me see the discrepancy and validate the change once resolved:

The above does allow you to force a post, as the original case was behind a caching server.

Find the Default File Paths for a Given SQL Instance

Posted by Rose Bush on May 4th, 2015

Method 1 of 1?

Create the alias with cliconfg.exe

Posted by Rose Bush on May 4th, 2015

Option 2: Create the alias with cliconfg.exe
Log into the Application and/or front-end Web servers
Got to Start > cliconfg.exe (Note: it’s c-l-i-c-o-n-f-g-dot-e-x-e)

Then click on “Alias”:

If you already have an alias set up, it will show up there. Otherwise…
Click “Add”

Specify the port number and give it a name. That’s it!
Test your SQL Alias:
To test your SQL alias, create a Microsoft Data Link (udl) file on your desktop:

From your desktop, right click on the desktop and choose New > Text file
A new file named New Text Document.txt appears in the directory.
Rename this file to “TestDBConnection.udl”, removing all spaces. Be sure to change its file extension to .udl.
Open the file and, under Connection, type either the SQL server name or, if you are testing an SQL alias, the alias name.
Under 2, chose “Windows Authenticated security”
Click “refresh”
If the connection was successful, list of databases should appear in the dropdown menu under #3.
I have a separate blog post that covers the same steps for creating a udl file here. http://smallcitydesign.com/how-to-test-a-database-connection-from-an-application-server/

I want all DB’s moved, from SQL Server/Instance A to SQL Server/Instance B.  The easiest way to do this of course, is scripted :D.  Oh how I love the idea of automation.

Generate export script:

Use the output to backup the databases.

Then run the following command to get the import commands you would run on the destination instance:

Error text:
An error occured.

Action: get_update_best_practice_rules_configuration

Exception: Invalid Response

Internet Information Services 7.5

Error Summary
HTTP Error 403.18 – Forbidden

The specified request cannot be processed in the application pool that is configured for this resource on the Web server.

Detailed Error Information

Module
IIS Web Core

Notification
BeginRequest

Handler
StaticFile

Error Code
0x00000000

Requested URL
http://127.0.0.1:80/Rejected-By-UrlScan?~/dotDefender/dotDefenderWS.exe

Physical Path
C:\inetpub\wwwroot\Rejected-By-UrlScan

Most likely causes: •An ISAPI filter or custom module changed the URL to run in a different application pool than the original URL.
•An ISAPI extension (or custom module) used ExecuteURL (or ExecuteRequest) to run in a different application pool than the original URL.
•You have a custom error page that is located in one application pool but is referenced by a Web site in another application pool. When the URL is processed, it is determined by IIS that that it should have been processed in the first application pool, not the other pool.
•The Web site has multiple applications configured. The application this request is configured to run in is set to run in an application pool that does not exist.

Things you can try: •If you have an application that is trying to process a URL in another application pool (such as trying to process a custom error), ensure that they both run in the same application pool if appropriate.
•If you are trying to process a custom error URL that is located in another application pool, enable the custom errors Redirect feature.
•Verify that the application pool for the application exists.
•Create a tracing rule to track failed requests for this HTTP status code and see if ExecuteURL is being called. For more information about creating a tracing rule for failed requests, click here.

Links and More InformationThis error occurs if the application pool for the request does not exist, or if an ISAPI filter, ISAPI extension or HTTP module calls the ExecuteURL server support function (or ExecuteRequest) with a URL that is configured in a different application pool. Due to security reasons, a Web site in one application pool cannot make ExecuteURL requests against a URL in another application pool. If you have an application that is trying to process a URL in another application pool, ensure that they both run in the same application pool if appropriate.
View more information »
Show details Reload current node

Screen shot:

dotDefender_error_occured_Invalid_Response

Resolve:
I went to the ISAPI Filters for the site, saw the following:
UrlScan 3.1
C:\Windows\system32\inetsrv\urlscan\urlscan.dll
Local

Removed it, site specific, and was then able to browse to the admin section as expected.

UPDATE!!!

I found a better way to fix the issue.  Create an exclusion for dotDefender within URLScan, just like the installation instructions for dotDefender lists (http://www.applicure.com/downloads/5.11/dD-installation-guide-v5%2011_IIS.pdf), odd I know.

The file is found here:
%WINDIR%\System32\Inetsrv\URLscan
And is named
UrlScan.ini

Find the section for [AlwaysAllowedUrls] and add this line below it and above the following section:
/dotDefender/dotDefenderWS.exe ; Don’t filter requests to dotDefender

My config now has the follwoing section:
~~~~~~~~~
[AlwaysAllowedUrls]
;
; URLs listed here will always be explicitly allowed by UrlScan
; and will bypass all UrlScan checks. URLs must be listed
; with a leading ‘/’ character. For example:
;
; /SampleURL.htm
;
/dotDefender/dotDefenderWS.exe ; Don’t filter requests to dotDefender
~~~~~~~~~

I ran into this error on a RHEL machine that recently patched.  To correct the issue, I recreated the symlink in /tmp :

I found the solve and associated troubleshooting steps here: http://forums.cpanel.net/f354/cant-connect-local-mysql-server-through-socket-var-lib-mysql-mysql-sock-111-a-78444.html

iMIS Requirements for 15.1 15.2 and 20

Posted by Rose Bush on August 2nd, 2013

iMIS:

Version 15.1.3 requires SQL Server 2008 (R1, as R2 will not work even in compatibility mode). By version 15.2 is when SQL Server 2008 R2 can be used.

Requirements for iMis 15.2.15
*Microsoft SQL Server and Express Edition 2012
*Microsoft SQL Server and Express Edition 2008 SP3 and 2008 R2 SP1 (32-bit and 64-bit) (Note: 2008 R2 is not backwards compatible)
*Microsoft SQL Server and Express Edition 2005 SP4 (Note: the shipped Demo DB is not supported on SQL Server 2005)

System requirements
iMIS architecture is made up of a single database server, one or more application servers (appservers), and two types of clients (a Windows application and a web application), which run on typical workstations. These requirements apply across database servers, appservers, and workstations; web clients only need to meet requirements for displays and browsers.

Upgrades: This version supports upgrades from any version of iMIS, starting with 15.1.3. For best results with earlier versions of iMIS, complete the upgrade to 15.1.3 before proceeding.

Caution! The installer removes any existing files for unsupported products, which includes e-CM, e-CM 5.1 publishing service, e-Series, and iBO for COM.

Minimum hardware (all)

See Configuration Examples for typical upgrades.
* 10/100 Mbps network connection between database server host and all appservers and iMIS Desktop clients
* 2 GHz Intel Pentium 4 or compatible processor (64-bit processors must support Intel 64 or AMD64 architectures; some Intel Xeon server processors prior to 2007 may have issues running iMIS Desktop on 64-bit Windows Vista or 7)
* 2 GB of RAM
* 3.2 GB for a full/custom install; 1.8 MB for Desktop install/upgrade (InstallShield may under-report disk space needed)
* An additional 2 GB of disk space on the C: drive (for temp files); and when upgrading, an additional amount of C: drive disk space on the database server that totals twice the size of your database.
* Application Server: additional disk space for publishing and indexing your contact files for search (e.g., 275K contacts=1GB, 2M contacts=7.56GB)
* Display with 1024 x 768 (XVGA) minimum resolution
Operating systems
* Servers: Windows Server 2003 R2 SP2, 2008 SP2, and 2008 R2 SP1 (32-bit and 64-bit, Standard/Enterprise/Datacenter editions only)
* iMIS Desktop: Windows Vista SP2 and 7 SP1 (32-bit and 64-bit), installed as and set to run as Administrator, with non-Aero theme (see note above for 64-bit Intel Xeon server processors)
Databases
* Microsoft SQL Server and Express Edition 2012
* Microsoft SQL Server and Express Edition 2008 SP3 and 2008 R2 SP2 (32-bit and 64-bit) (Note: 2008 R2 is not backwards compatible)
* Microsoft SQL Server and Express Edition 2005 SP4 (Note: the shipped Demo DB is not supported on SQL Server 2005)
Appservers
* Microsoft .NET Framework 4.0 (ASP.NET)
* Microsoft SQL Server 2005/2008/2012 Tools
* Microsoft Internet Information Services (IIS) 6, 7, or 7.5
* Microsoft Windows Indexing Service (see Preparing all servers and workstations)
Systems running iMIS Desktop
* Microsoft .NET Framework 4.0 (ASP.NET)
* Microsoft Word 2007 SP3 and Word 2010 SP1, for Word integration
* Microsoft Excel 2007 SP3 and Excel 2010 SP1 for iMIS Analytics
* Adobe Reader 10.1, installed on all servers and clients to print iMIS reports
* (optional) ExpoCAD 7.4
* Omnis 7 version 3.6.4 (included with install)
Browsers
* Internet Explorer 8-9 (native) for iParts; Internet Explorer 8 (compatibility mode) for all non-iPart .NET web applications; Internet Explorer 9 for iMIS Desktop
* Firefox (most recent stable version), for iParts, web views, and WCM-generated websites (version 19 as of 19 Feb 2013)
* Chrome (most recent stable version), for iParts (version 25 as of 21 Feb 2013)
* Apple IOS 6.1: native default browser, for iParts
Report writing
* Reporting Services: SQL Server 2005 Express Edition Toolkit,
SQL Server 2008 Report Builder 2.0, SQL Server 2008 R2 Report Builder 3.0, or SQL Server 2012 Report Builder
* Crystal Reports: Crystal 9.0

http://docs.imis.com/15.2/index.htm#!systemrequirements.htm
http://docs.imis.com/20.0/#!systemrequirements.htm

System requirements
iMIS architecture is made up of a single database server, one or more application servers (appservers), and two types of clients (a Windows application and a web application), which run on typical workstations. These requirements apply across database servers, appservers, and workstations. Web clients only need to meet requirements for displays and browsers.

Upgrades: This version supports upgrades from any version of iMIS, starting with 15.1.3. For best results with earlier versions of iMIS, complete the upgrade to 15.1.3 before proceeding.

Caution! The installer removes any existing files for unsupported products, which includes e-CM, e-CM 5.1 publishing service, e-Series, and iBO for COM.

Minimum hardware (all)

See Configuration Examples for typical upgrades.
* 100/1000 Mbps network connection between database server host and all appservers and iMIS desktop clients
* 2 GHz Intel Pentium 4 or compatible processor (64-bit processors must support Intel 64 or AMD64 architectures. Some Intel Xeon server processors prior to 2007 might have issues with running iMIS desktop on 64-bit Windows Vista or Windows 7)
* 2 GB of RAM
* 3.2 GB of disk space for a full/custom install. 1.8 MB for desktop install/upgrade (InstallShield might under-report disk space needed)
* An additional 2 GB of disk space on the C: drive (for temporary files). When upgrading, an additional amount of C: drive disk space on the database server that totals twice the size of your database
* Application Server: additional disk space for publishing and indexing your contact files for search (for example, 275K contacts=1GB, 2M contacts=7.56GB)
* Display with 1024 x 768 (XVGA) minimum resolution
Operating systems
* Servers: Windows Server 2008 R2 SP1 and 2012 (32-bit and 64-bit, Standard/Enterprise/Datacenter editions only)
* iMIS desktop: Windows Vista SP2, Windows 7 SP1, and Windows 8 (32-bit and 64-bit), installed as and set to run as Administrator, with non-Aero theme (see note above for 64-bit Intel Xeon server processors)
Databases
* Microsoft SQL Server and Express Edition 2012
* Microsoft SQL Server and Express Edition 2008 SP3 and 2008 R2 SP2 (32-bit and 64-bit) (Note: 2008 R2 is not backwards compatible)
Appservers
* Microsoft .NET Framework 4.0 (ASP.NET)
* SQL Server 2008/2012 Tools
* Microsoft Internet Information Services (IIS) 7.5 or 8
* Apache Lucene 4.1 Indexing and Search
Systems running iMIS desktop
* Microsoft .NET Framework 4.0 (ASP.NET)
* Microsoft Word 2007 SP3 and Word 2010 SP1, for Word integration
* Microsoft Excel 2007 SP3 and Excel 2010 SP1 for iMIS Analytics
* Adobe Reader 11.0, installed on all servers and clients to print iMIS reports.
* (optional) ExpoCAD 7.4
* (included with install) Omnis 7 version 3.6.4
Browsers
* Internet Explorer 8-10 (native) for iParts
* Internet Explorer 8 (compatibility mode) for all non-iPart .NET web applications
* Internet Explorer 9-10 for iMIS desktop
* Firefox (most recent stable version), for iParts, web views, and WCM-generated websites (version 19 as of 26 Mar 2013)
* Chrome (most recent stable version), for iParts (version 26 as of 26 Mar 2013)
* Apple IOS 6.1: native default browser, for iParts
* Google Android 4.1: native default browser, for iParts
Report writing
* Reporting Services: SQL Server 2008 Report Builder 2.0, SQL Server 2008 R2 Report Builder 3.0, or SQL Server 2012 Report Builder
* Crystal Reports 9.0

iMIS 10.6 system requirements:

I cannot find documentation for this version as of yet.  If you find it, please comment it and I will gladly credit you.

Copyright © Edventures in Normalcy. All rights reserved.