IIS URL Rewrite username logging

We migrated a SQL SSRS server from one machine to another. In order to make it so that everyone’s shortcuts and favorites to specific reports still work, I shut down the old SSRS server and created an IIS site on that server that uses URL rewrite to redirect the request to the new server. It works great.

Now we want to, over time, contact the users who have not replaced their shortcuts and favorites with new ones on the new server and get them to do it so that we can shut this old server off.

I thought it would be as easy as making it so that the only authentication method available was “Windows Authentication” (which is how this specific site was set up to begin with) and then look in the log files. But all of the log file lines have no username… which makes me believe that the URL rewrite is taking place BEFORE the authentication.

Anyone have a workaround that would force the authentication to the old server to work, so I can get usernames in the log files?

Kibana 6.5 behind a Haproxy : No response from kibana

First of all I’m pretty new to the Kibana world and Haproxy. Installation : Centos 7 Haproxy 1.5.18 : installed through yum install haproxy. Kibana : 6.5 latest release. It’s an ‘In the box configuration’ with ES, logstash & Redis. Firewalld stopped. SELinux port 5601 opened My problem : Haproxy doesn’t seem to communicate with kibana.

Haproxy Configuration :

global     log local1 debug     chroot /var/lib/haproxy   pidfile     /var/run/haproxy.pid     maxconn 4000     user        haproxy     group       haproxy     daemon     tune.ssl.default-dh-param 2048     # Répertoire SSL par défaut     ca-base /etc/ssl/certs     crt-base /etc/ssl/private      ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS     ssl-default-bind-options no-sslv3  defaults   log global   option httplog   timeout connect 5000   timeout client  50000   timeout server  50000  frontend http-in   mode http   bind   redirect scheme https code 301 if !{ ssl_fc }  frontend https-in     bind ssl crt /etc/ssl/private/vmrelkoytst.pem     reqadd X-Forwarded-Proto:\ https     acl acl_kibana path_beg /kibana     use_backend kibana if acl_kibana  backend kibana     mode http     option forwardfor     option httpchk GET /     reqrep ^([^\ :]*)\ /kibana/(.*) \ /     server relk 

Kibana Configuration :

server.host: "" server.basePath: "/kibana" server.rewriteBasePath: false elasticsearch.url: "http://localhost:9200" elasticsearch.preserveHost: true 

Haproxy doesn’t make a connexion with Kibana, based on the lack of traces in the Kibana log. When I go to the URL http://myserver/kibana I’m correctly redirected to https://myserver/kibana. haproxy log :

Dec 19 16:00:05 localhost haproxy[7025]: [19/Dec/2018:16:00:05.903] https-in~ https-in/<NOSRV> -1/-1/2 0 SC 1/1/0/0/0 0/0 Dec 19 16:00:05 localhost haproxy[7025]: [19/Dec/2018:16:00:05.903] https-in~ https-in/<NOSRV> -1/-1/2 0 -- 0/0/0/0/0 0/0 Dec 19 16:00:05 localhost haproxy[7025]: [19/Dec/2018:16:00:05.907] https-in~ https-in/<NOSRV> -1/-1/1 0 SC 0/0/0/0/0 0/0 

Nothing about connexions in the kibana.log or messages. command lsof -i -nP is giving this :

node      6752        kibana   11u  IPv4  55370      0t0  TCP (LISTEN) node      6752        kibana   13u  IPv4  55376      0t0  TCP> (ESTABLISHED) node      6752        kibana   14u  IPv4  55371      0t0  TCP> (ESTABLISHED) node      6752        kibana   15u  IPv4  55372      0t0  TCP> (ESTABLISHED) rsyslogd  6948          root    3u  IPv4  59765      0t0  UDP *:514 rsyslogd  6948          root    4u  IPv6  59766      0t0  UDP *:514 haproxy   7024       haproxy    5u  IPv4  61408      0t0  UDP *:44174 haproxy   7025       haproxy    4u  IPv4  61407      0t0  TCP *:80 (LISTEN) haproxy   7025       haproxy    5u  IPv4  61408      0t0  UDP *:44174 haproxy   7025       haproxy    6u  IPv4  61409      0t0  TCP *:443 (LISTEN) 

webpage is giving the error : myserver didn’t send any data ( ERR_EMPTY_RESPONSE )

Response to : curl http://x.x.x.x:5601/app/kibana OK Response to : curl http://x.x.x.x:5601/kibana     404 Error Response to : curl http://x.x.x.x:5601/           No response 

I don’t understant why curl doesn’t respond correctly on my 2 last curl’s. Can somebody help me ? The answer given in : https://stackoverflow.com/questions/36266776/kibana-server-basepath-results-in-404 Doesn’t seem to work.

PCI Compliance – SSL certificate doesn’t match hostname (port 25)

I’m working on a server hosting multiple websites for one company. Trying to get one of the domains to be PCI compliant, but it’s failing on port 25 (SMTP) because the SSL certificate hostname doesn’t match.

Each domain hosted on the server has its own valid SSL certificate, or some share multi-domain certificates. The PCI scan validates the SSL certificate on port 443.

The mail server is Postfix, and the main.cf config uses a valid wildcard SSL certificate that is used for the “main” domain of the company. The domain I’m trying to validate for PCI is another domain.

I don’t really understand how this could be set up to use a SSL certificate on port 25 which will be valid for any domain hosted on this server that needs to pass PCI. This is slightly outside my areas of knowledge at the moment.

OpenVPN Tunnel blocking inbound web connections

I have a server running a OpenVPN client to route all internet traffic via the VPN.

I have excluded the local subnet from the tunnel and this is all working well so far.

The server also has a webserver running, which is publicly accessible using port forwarding from my router.

The web server is only working when the VPN client is stopped. I assume when the vpn is open the packets to respond are being sent back over the VPN link, rather than back to the router.

Question: is it possible to prevent this?

I’m running Ubuntu Server 18.04.


Sub-subdomain on IIS

We host a number of applications on a single domain. For each new application we have to submit a request to add a new subdomain, which can take days.

I thought perhaps if I had a generic subdomain such as host.company.com pointing at the single web server, I could add further subdomains to it myself on the IIS box, and eliminate the need to submit change requests. i.e.

myapp1.host.company.com myapp2.host.company.com I’ve tested the “host.company.com” subdomain, and that points to the correct server, but now I’ve tried adding the bindings for the extra subdomains and it doesn’t work.

NSLOOKUP returns “Non-existent domain”

IIS 8.5

Windows Server 2012 R2

Any thoughts?

Forwarding emails from postfix to exchange server?

I have some web application which is used as a webmail client to exchange. I can pull emails from exchange server via IMAP, but problem is at sending mails.

Application is using MSMTP client to send mails, and I have installed local postfix mail server to relay all emails to exchange as described in the post:

Configuring Postfix to Relay Mail to Local Exchange Mail Server in RHEL/ CentOS 7

and I also added Frontend recieve connector on exchange for practicular IP address of postfix server.

When I send a test email to postfix via msmtp i always recieve:

websrv1 postfix/smtp[36849]: 8618411EF7F: to=<mail@domain.com>, relay=mail.domain.com[]:587, delay=5, delays=0.01/0/0.02/5, dsn=5.7.1, status=bounced (host mail.domain.com[] said: 530 5.7.1 Client was not authenticated (in reply to MAIL FROM command)) 

So, what I need to do for this to work?

The msmtp client config:

account default logfile /home/app/msmtp_default.log host localhost port 25 from mail@domain.com keepbcc off auth off  tls off tls_certcheck off 

Exchange server version is 2016.

Service cant write file to shared networkfolder

We have made a service that should only write a file to a shared network folder.

The computers are in the same workgroup (no domain) and the network folder has given full access to “Everyone”.

The other PC can access the network folder and also read/write to it, e.g copy a file to it. No password is needed.

But the service still wont write the file to the network folder located on the other PC. If the folder is local, the service works fine.

Does anybody know what permission is missing to make this work?

Server for launch thousand of browsers [duplicate]

This question already has an answer here:

  • Can you help me with my capacity planning? 3 answers

I’m selecting components for the new server for automated tests. The main purpose of it is to launch about thousand of browsers (Firefox or Chrome) with selenium, java and linux. I think about using this components:

  • CPU: 2x INTEL Xeon 6138
  • RAM: 4x 32 GB DDR4

What do you think about it?