just installed the newest version 2.1.17 of Realm Object Server. Got it running on the IP I want it, got Realm Studio working and running, but no matter what config I set on the server, the default admin 'realm-admin' user always comes back after deleting it (this is after I restart my pm2 instance).
Also, can't seem to figure out how to give it a new password if deleting the user permanently is not an option. Because right now it's just open to the world. I don't want those values to go back to default when pm2 is restarted or the box is rebooted. Any help out there with this issue would be greatly appreciated. Thanks
You would need to keep the realm-admin user (or some other user with admin privilege) if you want to administer your Realm Object Server.
Changing password should fairly straight forward:
1. Connect to ROS
2. Go to the "Users" tab
3. Select the "realm-admin" user
4. Click the "Change password" button.
Related
I am using msdeploy to push out website code to 4 different servers (test and production servers). Works fine on the first 3, but the 4th is giving me an ERROR_CERTIFICATE_VALIDATION_FAILED error. I am using the -allowUntrusted option.
"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -verb:sync -source:iisApp="E:\workspace\testDeploy\outproject\_PublishedWebsites\<webfolder>" -dest:iisApp="mycompany.com",ComputerName="https://<hostip>:8172/MsDeploy.axd",UserName="<userid>",Password="****",AuthType="Basic" -allowUntrusted -enableRule:AppOffline -skip:objectName=filePath,absolutePath="^.*<webfolder>\\web.*\.config$|^.*mycompany\.com\\web.*\.config"
Error Code: ERROR_CERTIFICATE_VALIDATION_FAILED
More Infenter code hereormation: Connected to the remote computer ("<hostip>") using the specified process ("Web Management Service"), but could not verify the server's certificate. If you trust the server, connect again and allow untrusted certificates. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_CERTIFICATE_VALIDATION_FAILED.
Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Error: The remote certificate is invalid according to the validation procedure.
Any idea what I am missing?
Adding <AllowUntrustedCertificate>True</AllowUntrustedCertificate> to my pubxml file seemed to fix the problem initially.
Upon re-publishing days later though, I got the same error. I went into the Publish Settings, re-entered my password and the publish succeeded.
I'm now thinking my initial problem was solved by re-entering my password, not by adding <AllowUntrustedCertificate>True</AllowUntrustedCertificate>.
-allowUntrusted did not worked for me.
I used this:
/p:AllowUntrustedCertificate=True
Adding this solution as none of the others worked for me...
I had to add these lines to publish profile:
<UseMSDeployExe>True</UseMSDeployExe>
<AllowUntrustedCertificate>True</AllowUntrustedCertificate>
After adding those, publish still failed. Then I opened the publish profile settings, clicked validate connection, and saved. Only then did publish succeed.
I fixed this by going into the publish settings, then clicking "Validate Connection" at the bottom. Then this error goes away.
The problem was with the password for the user on the destination system.
I saw on another post that someone moved the -allowUntrusted flag before the -dest entry. I tried that and I started getting a ERROR_USER_UNAUTHORIZED message. Everything was correct with the password as it was entered, but it started with an * character and also had a single quote in it. I generated a new password for the user that didn't use those special characters and changed it on the remote system. After that, everything worked fine.
I was able to run the command as shown in the initial post without any error.
If you are getting a ERROR_CERTIFICATE_VALIDATION_FAILED or ERROR_USER_UNAUTHORIZED and everything is set up properly, try changing the password assigned to the user on the destination system. It would seem that some passwords just won't work.
Another Potential Solution - Deploying Web Jobs specifically
I know this is an old post, but I ran into this issue with VS 2019 when deploying my Azure Web Jobs. None of the above worked for me. What did end up working was re-authenticating using the tooling after updating the publishing profile. The way I resolved it was by right clicking the solution and selecting "Publish as Azure Webjob.." Even after creating a new publishing profile it still failed. I then added the following my publishing profile.
<_DestinationType>AzureWebSite</_DestinationType>
<UseMSDeployExe>True</UseMSDeployExe>
<AllowUntrustedCertificate>True</AllowUntrustedCertificate>
I tried publishing it again and it failed. Then I re-authenticated by clicking the edit password link shown below.
When you do, you'll see the following screen. Click on the "Attempt to retrieve credentials from Azure" link.
Don't forget to hit the save button at the bottom after retrieving the creds from Azure. Once you do, go back and try publishing again. It should work just fine.
NOTE: If you just pulled down/created your publishing profile for the first time, do not click the edit button under the name of the Publishing profile and validate the connection that way as shown below.
If you do, it may remove the username/password from the UI for the publishing tooling shown in my first image above. If it disappears, you need to start this process all over again by deleting your profile, creating a new one and finally following the steps above in order. I don't know why it does this, but just something I noticed.
I notice you used the IP address for the deployment server:
-dest:iisApp="mycompany.com",ComputerName="https://<hostip>:8172/MsDeploy.axd"
This caused the certificate validation error for me because the SSL certificate was issued for the domain name, not the IP address. Changing to domain name instead of IP address fixed it.
Just want to add my 50 cents and my solution so it may help someone else.
what i did yo solve this is to use remote desktop to connect to the host machine
and when asked to accept the machine certificate ( after input login and password ) i marked remember this at the bottom.
hope this help someone
I'm am using the Bonobo Git Server on IIS for a while and it works fine.
I hardly ever use the web interface and if I do, I log in as a normal user.
Today I logged in as the administrator but the admin links at the top are missing.
Normally I should see:
but I only get the normal user links, the create new repository button doesn't show up and when I go to:
../Settings/Index
I get an:
Unauthorized - You don't have permission for the selected action or page
I am sure I'm logged in as the admin user and the role membership has not been changed, but it seems I'm just a normal user.
There are no errors in the Bonobo or Windows logs.
I copied the site to my local server and the same files work just fine, I see the full admin interface.
I know some server hardening has taken place on the production server, but I don't know the details.
Does anybody has an idea what could case this?
I investigated the "server hardening" on the production machine and it turns out they remove many unused modules and handlers from IIS on the machine level.
They did tests on all sites and the Bonobo Git Server seemed to work fine.
Considering the problem, the admin user is not recognized as an admin, I looked at the source code for Bonobo and they are using User.IsInRole.
So it seems it they are using the ASP.NET membership provider.
I then looked at the removed IIS modules, one of them is:
System.Web.Security.RoleManagerModule
removing that locally resulted in exact the same problem I experienced on the production server.
So I ask the server admin to add that module back in:
New-WebManagedModule -Name RoleManager -Type System.Web.Security.RoleManagerModule -Precondition "managedHandler"
and everything is working fine, the admin user is a full administrator again.
PurchReqApproval workflow stopped working, that is all the workflow's messages are in pending state. There were no modifications made to objects related to that workflow (maybe except EDTs).
I am thinking this issue might be consequence of changing server admin password. Any hints how and where can I check/fix outdated password in IIS/AX/Services?
Go to your IIS manager and then click on application pools. Find the relevant one and right click on it and do advanced settings, then look at its identity (username) and click the ellipse .... Try setting the password again and recycling the app pool and/or doing an iisreset.
I had to relocate to another office due to weather related issues. In our old office, when we started an IIS application using windows authentication the application would pull your windows info and immediately sign in using your credentials. At our new location I have the same app and same settings, or so I thought and when a user starts the application a windows username/pass box opens. The correct information is stored there and the user can just hit enter and move on but I was wondering why it doesn't just auto-log in like at my other location? Does something need to be set in web.config?
The cached credentials on Windows will impact this. If the IP changes or machine name changes, you can easily fix by going into CredentialManager in the control panel and deleting the old ones, then when you tell it to save credentials next time, it takes you right in.
https://security.stackexchange.com/questions/15574/how-do-i-clear-cached-credentials-from-my-windows-profile
I am in the process of moving my drupal site to a new IIS server. I had it running perfectly on one server. I disabled all non-core modules, turned off clean urls, put the site in maintenance mode and moved the files and database to my new server. I am able to bring the new site up fine. I can view the main page as well as other content. I can even create new content.
However, whenever I try to access the admin page, I am getting a 500 error on the server. I am not getting anything in the server logs to indicate what the problem might be. Does anyone have any idea what might be going on?
Thanks for any thoughts.
Is the menu router menu system not rebuilt correctly?
Try getting to the Modules page, Menu page, or run cron.
There could be many reasons why you cannot access the administrative pages, including the fact the database tables have not been correctly moved.
Check the content of the table users, and verify the user account for the "super user" (the one with user ID equal to 1) has still the user ID equal to 1. That is a particular user that has automatically any permission; if the user ID is not 1 anymore, then the account becomes a normal user account, and it needs to be expressly allowed to do anything.
you don't need to disable clean urls, this is how your enable them in IIS:
http://learn.iis.net/page.aspx/505/install-drupal-on-iis/
could be something to do with clean urls, i also had this problem when recently removing my website to IIS, clean url's fixed this issue!