Search Results

Search found 66 results on 3 pages for 'someuser'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/3 | 1 2 3  | Next Page >

  • redhat Apache fast-cgi selinux permissions

    - by Alejo JM
    My apache installation is running php as fastcgi, and the virtual hosts are pointing to /home/*/public_html. and the fastcgi are home/*/cgi-bin/php.fcgi the public_html setup with selinux was: /usr/sbin/setsebool -P httpd_enable_homedirs 1 chcon -R -t httpd_sys_content_t /home/someuser/public_html The owner and group are the user, for example the user "someuser": ls -all /home/someuser/cgi-bin/ drwxr-xr-x 2 someuser someuser 4096 Sep 7 13:14 . drwx--x--x 6 someuser someuser 4096 Sep 6 18:17 .. -rwxr-xr-x 1 someuser someuser 308 Sep 7 13:14 php.fcgi ls -all /home/someuser/public_html/ | greep info.php -rw-r--r-- 1 someuser someuser 24 Sep 3 16:24 info.php When is visits the site I get "Forbidden ..." and the log said: [Fri Sep 07 12:02:51 2012] [error] [client x.x.x.x] (13)Permission denied: access to /cgi-bin/php.fcgi/info.php denied My selinux conf is: SELINUX=enforcing SELINUXTYPE=targeted SETLOCALDEFS=0 So I kill Selinux (SELINUX=disabled), reboot the system and everything works !!!!! The problem is Selinux, I don't want disable Selinux. I trying this with no success: setsebool -P httpd_enable_cgi 1 chcon -t httpd_sys_script_exec_t /home/someuser/cgi-bin/php.fcgi chcon -R -t httpd_sys_content_t /home/someuser/cgi-bin Or maybe is better change Selinux SELINUX=enforcing to SELINUX=permissive And disable selinux for httpd ? (I think I better find the correct configuration) Thanks for any suggestion on this matter My environment: Red Hat Enterprise Linux Server release 5.8 (Tikanga) Server version: Apache/2.2.3 PHP 5.1.6 (cli) (built: Jun 22 2012 06:20:25) Copyright (c) 1997-2006 The PHP Group Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies Some logs: ps -ZC httpd LABEL PID TTY TIME CMD system_u:system_r:httpd_t 2822 ? 00:00:00 httpd system_u:system_r:httpd_t 2823 ? 00:00:00 httpd system_u:system_r:httpd_t 2824 ? 00:00:00 httpd system_u:system_r:httpd_t 2825 ? 00:00:00 httpd system_u:system_r:httpd_t 2826 ? 00:00:00 httpd system_u:system_r:httpd_t 2836 ? 00:00:00 httpd system_u:system_r:httpd_t 2837 ? 00:00:00 httpd system_u:system_r:httpd_t 2838 ? 00:00:00 httpd system_u:system_r:httpd_t 2839 ? 00:00:00 httpd system_u:system_r:httpd_t 2840 ? 00:00:00 httpd getsebool -a | grep httpd allow_httpd_anon_write --> off allow_httpd_bugzilla_script_anon_write --> off allow_httpd_cvs_script_anon_write --> off allow_httpd_mod_auth_pam --> off allow_httpd_nagios_script_anon_write --> off allow_httpd_prewikka_script_anon_write --> off allow_httpd_squid_script_anon_write --> off allow_httpd_sys_script_anon_write --> off httpd_builtin_scripting --> on httpd_can_network_connect --> off httpd_can_network_connect_db --> off httpd_can_network_relay --> off httpd_can_sendmail --> on httpd_disable_trans --> off httpd_enable_cgi --> on httpd_enable_ftp_server --> off httpd_enable_homedirs --> on httpd_execmem --> off httpd_read_user_content --> off httpd_rotatelogs_disable_trans --> off httpd_setrlimit --> off httpd_ssi_exec --> off httpd_suexec_disable_trans --> off httpd_tty_comm --> on httpd_unified --> on httpd_use_cifs --> off httpd_use_nfs --> off

    Read the article

  • Extreme headache from ASSP Extreme Ban

    - by Chase Florell
    I've got a local user on my server that as of today cannot send email from any of their devices. Only Webmail (which doesn't touch any of their devices) works. Here are the various email failures I'm receiving in the logs. Dec-04-12 19:52:47 75966-05166 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [Test]; Dec-04-12 19:52:47 75966-05166 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 1980, surpassing extreme level of 500 -- [Test] -> spam/Test__1.eml; Dec-04-12 19:52:48 75968-05169 111.111.111.111 <[email protected]> to: [email protected] [scoring:10] -- IP in HELO does not match connection: '[192.168.0.10]' -- [Re Demo Feedbacks for End of November Sales]; Dec-04-12 19:52:48 75968-05169 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [Re Demo Feedbacks for End of November Sales]; Dec-04-12 19:52:48 75968-05169 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 2020, surpassing extreme level of 500 -- [Re Demo Feedbacks for End of November Sales] ->spam/Re_Demo_Feedbacks_for_End_of_N__2.eml; Dec-04-12 19:52:57 75977-05179 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [test]; Dec-04-12 19:52:57 75977-05179 [Extreme] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- score for 111.111.111.111 is 2040, surpassing extreme level of 500 -- [test] -> spam/test__3.eml; ……………. Dec-04-12 19:55:35 76135-05338 [SpoofedSender] 111.111.111.111 <[email protected]> to: [email protected] [scoring:20] -- No Spoofing Allowed -- [test]; Dec-04-12 19:55:35 76135-05338 [MsgID] 111.111.111.111 <[email protected]> to: [email protected] [scoring] (Message-ID not valid: 'E8472A91545B44FBAE413F6D8760C7C3@bts'); Dec-04-12 19:55:35 76135-05338 [InvalidHELO] 111.111.111.111 <[email protected]> to: [email protected] [spam found] -- Invalid HELO: 'bts' -- [test] -> discarded/test__4.eml; note: 111.111.111.111 is a replacement for the users home IP address Here is the headers of one of the messages X-Assp-Score: 10 (HELO contains IP: '[192.168.0.10]') X-Assp-Score: 10 (IP in HELO does not match connection: '[192.168.0.10]') X-Assp-Score: 20 (No Spoofing Allowed) X-Assp-Score: 10 (bombSubjectRe: 'sale') X-Assp-Score: 20 (blacklisted HELO '[192.168.0.10]') X-Assp-Score: 45 (DNSBLcache: failed, 111.111.111.111 listed in safe.dnsbl.sorbs.net) X-Assp-DNSBLcache: failed, 174.0.35.31 listed in safe.dnsbl.sorbs.net X-Assp-Received-SPF: fail (cache) ip=174.0.35.31 [email protected] helo=[192.168.0.10] X-Assp-Score: 10 (SPF fail) X-Assp-Envelope-From: [email protected] X-Assp-Intended-For: [email protected] X-Assp-Version: 1.7.5.7(1.0.07) on ASSP.nospam X-Assp-ID: ASSP.nospam (77953-07232) X-Assp-Spam: YES X-Assp-Original-Subject: Re: Demo Feedbacks for End of November Sales X-Spam-Status:yes X-Assp-Spam-Reason: MessageScore (125) over limit (50) X-Assp-Message-Totalscore: 125 Received: from [192.168.0.10] ([111.111.111.111] helo=[192.168.0.10]) with IPv4:25 by ASSP.nospam; 4 Dec 2012 20:25:52 -0700 Content-Type: multipart/alternative; boundary=Apple-Mail-40FE7453-4BE7-4AD6-B297-FB81DAA554EC Content-Transfer-Encoding: 7bit Subject: Re: Demo Feedbacks for End of November Sales References: <003c01cdd22e$eafbc6f0$c0f354d0$@com> From: Some User <[email protected]> In-Reply-To: <003c01cdd22e$eafbc6f0$c0f354d0$@com> Message-Id: <[email protected]> Date: Tue, 4 Dec 2012 19:32:28 -0700 To: External User <[email protected]> Mime-Version: 1.0 (1.0) X-Mailer: iPhone Mail (10A523) Why is it that a local sender has been banned on our local server, and how can I fix this?

    Read the article

  • Allowing wildcard (%) access on MySQL db, getting error "access denied for '<user>'@'localhost'"

    - by Wayne M
    I've created a database and a user, and allowed access via the following: create user 'someuser'@'%' identified by 'password'; grant all privileges on somedb.* to 'someuser' with grant option; however, when I try to connect to MySQL I get the following error: $ mysql -u someuser -p > Enter Password: > ERROR 1045 (28000): Access denied for user 'someuser'@'localhost' (using password: YES) If "%" is the wildcard, then wouldn't it also enable localhost?

    Read the article

  • How do I restrict access to a directory for a specific user through samba?

    - by dummzeuch
    I have got a sub directory of a shared directory that I use Samba with and have set it to be accessible by only one user: $ cd /mnt/SomeSambaShare $ ls -lad SomeDir drwx--S--- 23 SomeUser SomeGroup 4096 2012-07-26 07:44 SomeDir I cannot access this directory as a linux user other than SomeUser. But I still can access this directory using a different Samba user than SomeUser. Why is that? And how do I prevent this?

    Read the article

  • Postfix - am I sending spam?

    - by olrehm
    today I received like 30 messages within 5 minutes telling me that some mail I send could not be delivered, mostly to *.ru email addresses which I did not send any mail to. I have my own webserver (postfix/dovecot) set up using this guide (http://workaround.org/ispmail/lenny) but adjusted a little bit for Ubuntu. I tested whether I am an Open Relay which I am apparently not. Now there are two possible reasons for the above mentioned emails: Either I am sending out spam, or somebody wants me to think that, correct? How can I check this? I selected one particular address that I supposedly send spam to. Then I searched my mail.log for this entry. I found two blocks that record that somebody from the server connected to my server and delivered some message to two different users. I cannot find an entry reporting that anyone from my server send an email to that server. Does this mean its just some mail to scare me or could it still have been send by me in the first place? Here is one such block from the log (I replaced some confidential stuff): Jun 26 23:23:28 mycustomernumber postfix/smtpd[29970]: connect from mx.webstyle.ru[195.144.251.97] Jun 26 23:23:29 mycustomernumber postfix/smtpd[29970]: 044991528995: client=mx.webstyle.ru[195.144.251.97] Jun 26 23:23:29 mycustomernumber postfix/cleanup[29974]: 044991528995: message-id=<[email protected]> Jun 26 23:23:29 mycustomernumber postfix/qmgr[3369]: 044991528995: from=<>, size=2198, nrcpt=1 (queue active) Jun 26 23:23:29 mycustomernumber amavis[28598]: (28598-11) ESMTP::10024 /var/lib/amavis/tmp/amavis-20110626T223137-28598: <> -> <[email protected]> SIZE=2198 Received: from mycustomernumber.stratoserver.net ([127.0.0.1]) by localhost (rehmsen.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <[email protected]>; Sun, 26 Jun 2011 23:23:29 +0200 (CEST) Jun 26 23:23:29 mycustomernumber amavis[28598]: (28598-11) Checking: YakjkrdFq6A8 [195.144.251.97] <> -> <[email protected]> Jun 26 23:23:29 mycustomernumber postfix/smtpd[29970]: disconnect from mx.webstyle.ru[195.144.251.97] Jun 26 23:23:29 mycustomernumber amavis[28598]: (28598-11) lookup_sql_field(id) (WARN: no such field in the SQL table), "[email protected]" result=undef Jun 26 23:23:32 mycustomernumber postfix/smtpd[29979]: connect from localhost.localdomain[127.0.0.1] Jun 26 23:23:32 mycustomernumber postfix/smtpd[29979]: 0A1FA1528A21: client=localhost.localdomain[127.0.0.1] Jun 26 23:23:32 mycustomernumber postfix/cleanup[29974]: 0A1FA1528A21: message-id=<[email protected]> Jun 26 23:23:32 mycustomernumber postfix/qmgr[3369]: 0A1FA1528A21: from=<>, size=2841, nrcpt=1 (queue active) Jun 26 23:23:32 mycustomernumber postfix/smtpd[29979]: disconnect from localhost.localdomain[127.0.0.1] Jun 26 23:23:32 mycustomernumber amavis[28598]: (28598-11) FWD via SMTP: <> -> <[email protected]>,BODY=7BIT 250 2.0.0 Ok, id=28598-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0A1FA1528A21 Jun 26 23:23:32 mycustomernumber amavis[28598]: (28598-11) Passed CLEAN, [195.144.251.97] [195.144.251.97] <> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: YakjkrdFq6A8, Hits: 2.249, size: 2197, queued_as: 0A1FA1528A21, 2882 ms Jun 26 23:23:32 mycustomernumber postfix/smtp[29975]: 044991528995: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.3, delays=0.39/0.01/0.01/2.9, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=28598-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0A1FA1528A21) Jun 26 23:23:32 mycustomernumber postfix/qmgr[3369]: 044991528995: removed Jun 26 23:23:33 mycustomernumber postfix/smtp[29980]: 0A1FA1528A21: to=<[email protected]>, orig_to=<[email protected]>, relay=mx3.hotmail.com[65.54.188.110]:25, delay=1.2, delays=0.15/0.02/0.51/0.55, dsn=2.0.0, status=sent (250 <[email protected]> Queued mail for delivery) Jun 26 23:23:33 mycustomernumber postfix/qmgr[3369]: 0A1FA1528A21: removed Jun 26 23:26:49 mycustomernumber postfix/anvil[29972]: statistics: max connection rate 1/60s for (smtp:195.144.251.97) at Jun 26 23:23:28 Jun 26 23:26:49 mycustomernumber postfix/anvil[29972]: statistics: max connection count 1 for (smtp:195.144.251.97) at Jun 26 23:23:28 Jun 26 23:26:49 mycustomernumber postfix/anvil[29972]: statistics: max cache size 1 at Jun 26 23:23:28 I can provide more info if you tell me what you need to know. Thank you for you help!

    Read the article

  • How to convert attribute name to string?

    - by Acidburn2k
    Lets say we have some basic AR model. class User < ActiveRecord::Base attr_accessible :firstname, :lastname, :email end ... some_helper_method(attrib) ... def Now I would like to pass someuser.firstname to helper and I would like to get both the value and the attribute name, for example: some_helper_method(someuser.firstname) > "firstname: Joe" some_helper_method(someuser.lastname) > "lastname: Doe"

    Read the article

  • Django : mysql : 1045, "Access denied for user

    - by PlanetUnknown
    I have the whole setup working for months on my local computer. I'm installing on a remote site now. Created a fresh mysql DB, and created a new user ("someuser") and gave it complete grants, like so - GRANT ALL PRIVILEGES ON . TO 'someuser'@'localhost' IDENTIFIED BY 'somepassword' WITH GRANT OPTION; I have sync'd the db, using "python manage.py syncdb" and the correct tables were created. My settings.py has this same user. But when I try to login a user through the application, and it hits the DB, I see the following in the logs - (1045, "Access denied for user 'someuser'@'localhost' (using password: YES)") I logged in through mysql (installed on the same box as django) and checked the grants and it correctly shows - Grants for djangouser@localhost GRANT ALL PRIVILEGES ON * . * TO 'someuser'@'localhost' IDENTIFIED BY PASSWORD '*thesaltedpasswordOverHere' WITH GRANT OPTION I don't want to use the root user/password for django, since it doesn't seem the correct way. Any pointers as to what might be wrong ?

    Read the article

  • Configure Postfix to use external MX servers for delivery of local mail if user is unknown

    - by mr.b
    I have a following setup: linux box with postfix configured to be responsible for example.com domain domain's MX servers are configured so that mail sent to example.com is sent to google mail servers several user accounts on linux machine exist (same machine also hosts example.com site) When someone from the outside attempts to send mail to address ending with @example.com, it gets routed to google mail (and there handled appropriately). When linux machine tries to send mail to outside world, mail is delivered correctly, as reverse dns and spf records are configured correctly, so linux machine is valid mail sender for example.com domain (along with google mail servers). However, here's the problem. When php application (hosted at linux box) tries to send mail to [email protected] (and someuser doesn't exist on linux box), it fails, since it doesn't even consult google mail servers, but postfix smtp locally concludes that "someuser" is unknown. So, the question is: how do I tell postfix to relay mails sent to @example.com domain to google mail servers (so, to servers specified in MX records), IF and only if a mailbox is not found locally.

    Read the article

  • Folder default ACLs not inherited when new file is created

    - by Flavien
    I'm a bit of a beginner with Unix systems, but I'm running Cygwin on my Windows Server, and I am trying to figure out something related to extended ACLs. I have a directory to which I set the following ACLs: Administrator@MyServer ~ $ setfacl -m d:u:Someuser:r-- somedir Administrator@MyServer ~ $ getfacl somedir/ # file: somedir/ # owner: Administrator # group: None user::rwx group::r-x mask:rwx other:r-x default:user::rwx default:user:Someuser:r-- default:group::r-x default:mask:rwx default:other:r-x As you can see mose of the default ACLs have the x bit. Then when I create a fine in it, it doesn't inherit the ACLs it is supposed to: Administrator@MyServer ~ $ touch somedir/somefile Administrator@MyServer ~ $ getfacl somedir/somefile # file: somedir/somefile # owner: Administrator # group: None user::rw- user:Someuser:r-- group::r-- mask:rwx other:r-- It's basically missing the x bit everywhere. Any idea why?

    Read the article

  • sshfs mount won't start from /etc/rc.local

    - by Alex Flo
    I have the following commands in /etc/rc.local chmod 666 /dev/fuse chmod +x /usr/bin/fusermount /bin/su someuser -c "/usr/bin/sshfs someuser@someserver:/usr/local/storage /usr/local/storage_remote -o nonempty -o reconnect" If I run them from command line, as root, they work. If I reboot the server they won't run from /etc/rc.local. I try to figure out what I do wrong but I don't have console access and I couldn't find any errors in /var/log related to sshfs.

    Read the article

  • gSoap not working with correct pkg-config

    - by O.O
    I run: soapcpp2 myClass.hpp -dsoap and get this error: Package gsoap++ was not found in the pkg-config search path. Perhaps you should add the directory containing `gsoap++.pc' to the PKG_CONFIG_PATH environment variable No package 'gsoap++' found Package gsoap++ was not found in the pkg-config search path. Perhaps you should add the directory containing `gsoap++.pc' to the PKG_CONFIG_PATH environment variable No package 'gsoap++' found The path is set... $ echo $PKG_CONFIG_PATH :/home/someUser/SOAP/gsoap-2.8/:/home/someUser/SOAP/gsoap-2.8/

    Read the article

  • Two Routers, Two Internet (1 Open, 1 PPTP) - Routing?

    - by SomeUser
    Hi there, I'm trying to setup two routers - one to route specific sites to a always-on PPTP VPN connection, the other for open internet access w/ firewall. First router is connected to Internet w/ built-in firewall. Second router is connected to a PPTP VPN connection. I was going to connect a wire between the routers and would like some insight on how to get both groups of systems (connected to each router) to talk between automatically. Even better would be to setup one gateway for certain sites and another for general Internet. The other option is to default all sites to the net and shoot others to the gateway or vice versa... Any insight so I can get a better grasp of this? Thanks!

    Read the article

  • Problem with icacls on Windows 2003: "Acl length is incorrect"

    - by Andrew J. Brehm
    I am confused by the output of icacls on Windows 2003. Everything appears to work on Windows 2008. I am trying to change permissions on a directory: icacls . /grant mydomain\someuser:(OI)(CI)(F) This results in the following error: .: Acl length is incorrect. .: An internal error occurred. Successfully processed 0 files; Failed processing 1 files The same command used on a file named "file" works: icacls file /grant mydomain\someuser:(OI)(CI)(F) Result is: processed file: file Successfully processed 1 files; Failed processing 0 files What's going on?

    Read the article

  • How to run a shell script before restarting a service in Monit in case of a crash

    - by Supratik
    I am using Monit 5.3.2 in my Linux box. I am monitoring some services using Monit. I want to run a script before the running the restart command. I have used the below conditions for the same. if does not exist for 2 times within 3 cycles then exec "/bin/bash -c 'touch /tmp/somefile'" as uid someuser and gid someuser if does not exist for 10 cycles then restart Unfortunately only the restart action is getting executed. Can anyone please help me to identify why the first rule is not executed ? Is there are any other way to solve the problem ?

    Read the article

  • Restoring the owners on debian system files

    - by Vlad
    Due to my inattention, tiredness (and probably stupidity) i've run chown -R someuser:someuser / and now all your base are belongs to us the files on the server belong to one user (lol). After system restart apache, bind9, mysql, and a dozen of other applications don't start and fill their log files with permission errors. I haven't done any backups on system files, only on the db and website files... Please suggest some ways to revive my web server. I have only 2 month experience with linux, so please keep it simple...

    Read the article

  • setting up rhel 5.x RPM build server for mortal users

    - by Chen Levy
    My task is to setup a RHEL 5.x build host, that can build RPMs for mortal users. On RHEL 6.x with rpm version 4.8, I have in /usr/lib/macros: # Path to top of build area. %_topdir %{getenv:HOME}/rpmbuild On RHEL 5.x with rpm version 4.4, the %{getevn:HOME} is not available. I know that I can use /home/someuser/.rpmmacros: %_topdir /home/someuser/rpmbuild and this will work for that user, however I don't want to do this for every user separately. Moreover, since .rpmmacro will not expand ${HOME} or ~ I suspect it is unsafe to use those. This in turn make /etc/skel unstable for this task (or so I suspect). So in short, my question is: How to setup RHEL 5.x host that allow all users to build RPM packages in their home directory?

    Read the article

  • How to exclude a specific URL from basic authentication in Apache?

    - by ripper234
    Two scenarios: Directory I want my entire server to be password-protected, so I included this directory config in my sites-enabled/000-default: <Directory /> Options FollowSymLinks AllowOverride None AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/apache2/passwords Require user someuser </Directory> The question is how can I exclude a specific URL from this? Proxy I found that the above password protection doesn't apply to mod_proxy, so I added this to my proxy.conf: <Proxy *> Order deny,allow Allow from all AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/apache2/passwords Require user someuser </Proxy> How do I exclude a specific proxied URL from the password protection? I tried adding a new segment: <Proxy http://myspecific.url/> AuthType None </Proxy> but that didn't quite do the trick.

    Read the article

  • Spam mail through SMTP and user spoofing

    - by Josten Moore
    I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

    Read the article

  • How to configure in crontab with condition statement for checks

    - by chz
    We like to monitor the NAS storage mounted on a linux box. We only like to be notified via mail when the usage exceeds a certain number say 80. We have only seen in linux books where most of them are calling shell scripts at certain times. How do we write inside crontab to only mail us if it exceeds 80 ? Usual eg 2 2 * * * /home/someUser/script.sh 2&1 | mail [email protected] Looking for solution like below 2 2 * * * if [ someNumber "80" ] ; then /home/someUser/script.sh | mail [email protected] Sincerely

    Read the article

  • Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords

    - by Dylan Beattie
    I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

    Read the article

  • Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords in applicationHost.config

    - by Dylan Beattie
    I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

    Read the article

  • Why do weekly tasks created via PowerShell using a different user fail with error 0x41306

    - by Danny Tuppeny
    We have some scripts that create scheduled jobs using PowerShell as part of our application. When testing them recently, I noticed that some of them always failed immediately, and no output is ever produced (they don't even appear in the Get-Job list). After many days of tweaking, we've managed to isolate it to any jobs that are set to run weekly. Below is a script that creates two jobs that do exactly the same thing. When we run this on our domain, and provide credentials of a domain user, then force both jobs to run in the Task Scheduler GUI (right-click - Run), the daily one runs fine (0x0 result) and the weekly one fails (0x41306). Note: If I don't provide the -Credential param, both jobs work fine. The jobs only fail if the task is both weekly, and running as this domain user. I can't find information on why this is happening, nor think of any reason it would behave differently for weekly jobs. The "History£ tab in the Task Scheduler has almost no useful information, just "Task stopping due to user request" and "Task terminated", both of which have no useful info: Task Scheduler terminated "{eabba479-f8fc-4f0e-bf5e-053dfbfe9f62}" instance of the "\Microsoft\Windows\PowerShell\ScheduledJobs\Test1" task. Task Scheduler stopped instance "{eabba479-f8fc-4f0e-bf5e-053dfbfe9f62}" of task "\Microsoft\Windows\PowerShell\ScheduledJobs\Test1" as request by user "MyDomain\SomeUser" . What's up with this? Why do weekly tasks run differently, and how can I diganose this issue? This is PowerShell v3 on Windows Server 2008 R2. I've been unable to reproduce this locally, but I don't have a user set up in the same way as the one in our production domain (I'm working on this, but I wanted to post this ASAP in the hope someone knows what's happening!). Import-Module PSScheduledJob $Action = { "Executing job!" } $cred = Get-Credential "MyDomain\SomeUser" # Remove previous versions (to allow re-running this script) Get-ScheduledJob Test1 | Unregister-ScheduledJob Get-ScheduledJob Test2 | Unregister-ScheduledJob # Create two identical jobs, with different triggers Register-ScheduledJob "Test1" -ScriptBlock $Action -Credential $cred -Trigger (New-JobTrigger -Weekly -At 1:25am -DaysOfWeek Sunday) Register-ScheduledJob "Test2" -ScriptBlock $Action -Credential $cred -Trigger (New-JobTrigger -Daily -At 1:25am)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1 2 3  | Next Page >