Recent Questions - Server Fault |
- Can Application Experience service recyle an AppPool?
- How to restore or fix bootloader on a PC with SSD/Win10 and a hard drive with dual boot Ubuntu and Win 10?
- Unbound DNS resolver is restarting constantly
- Ubuntu Server External Connection Issues
- BBB Not Storing Recordings in NFS
- Samba server with copied SID fails mounts with STATUS_INVALID_SID
- Linux server quota in percentage? [closed]
- What happens if same user are in two different ntfs-group with different permissions
- Redirect specific trafic throw a vpn interface
- SuperMicro 16-Bay chassis only recognizes 12 drives
- OpenVPN IPv6 address-less tap interface
- Connecting Azure Site-to-Site VPN to On-prem Gateway with 2 public IP's
- Where is IIS output cache location, and how can I relocate it?
- can fail2ban add deny rules to nginx instead of using iptables
- block nginx connection after multiple 404 s
- How to download millions of s3 files and compress them on the fly?
- rsync a directory with its own descendant
- MySQL connector/ODBC connection error following a DNS mismatch
- Library Won't Update
- A TLS fatal alert has been received with exim4 in debian 9
- Can I enable TLS 1.3 with Certbot?
- How to fix the "Redis is busy running a script" error
- Can not open website hosted on LAN web server by browser, though No-IP Dynamic DNS through router OK
- Can't stop Azure AD Connect Service
- megacli commands return exit code: 0x00 with PERC H200
- How to set custom $_SERVER variable for PHP
- Nginx proxy_pass not working for subpages
- send NameID claim without encryption in ADFS 2.0
- How to redirect request at the haproxy level to fetch file from CDN?
- How much RAM does a server actually need?
Can Application Experience service recyle an AppPool? Posted: 28 Feb 2022 08:25 AM PST I'm experiencing the mysterious recycling of an app pool once in a day or two. The event log says "An administrator has requested a recycle of all worker processes in application pool 'API'", but the only person logged in was me, and I'm pretty sure I didn't do it. Every time, just a few seconds before the recycle, the Application Experience service was started. Could it cause the recycling somehow, and how? Windows Server 2021 R2, IIS 8.5. |
Posted: 28 Feb 2022 08:15 AM PST I wanted to configure my system so that I have master SSD drive which will be main booting device and a slave 1TB hard drive where I will install software files and games. The hard drive already had dual boot Ubuntu and Windows 10. But now since I wasn't thinking much and installed parallel Win 10 on the SSD drive, now the PC boots into the Windows-like option menu to choose which Windows to boot with, the one from the SSD or the one from the hard drive. The option to choose Ubuntu is gone. I might have some files in the Ubuntu system. Should I just make a bootable Ubuntu usb and run from there, which will fix the boot loader and find Ubuntu so that I can log in to it and get my files? Or should I do something else? Note: Is EasyBCD powerful enough to find all three operating systems? I can reinstall Windows after, just want to check the files on Ubuntu |
Unbound DNS resolver is restarting constantly Posted: 28 Feb 2022 07:29 AM PST I have Unbound 1.13.1 installed on Debian 11.0 (bullseye) but it's restarting frequently due unknown reasons, below are log entries between restarts: What might be the reason for these restarts? |
Ubuntu Server External Connection Issues Posted: 28 Feb 2022 07:38 AM PST I am currently attempting to run a server for Lego Universe using some sort of windows UBUNTU CLI. (Not familiar with linux or CLI, just followed a tutorial to set it up.) Ubuntu was installed using wsl --install-d ubuntu. It runs on my Windows PC. I'm sorry if any information is missing, I'm not sure what to include. This server runs perfectly fine for singleplayer as long as the game client is launched on the same machine that is hosting the server. The problem starts when I try to connect to the server using a different device, even when I am on the same network. My assumption is that there is some sort of gap that needs to be bridged between the linux based server and my router since the server is technically a VM (I think). Therefore even though I have forwarded all the ports in my router settings and in the ufw firewall, external devices can't jump the gap. If this is the case, is there a way to get my router to recognise the (what I'm assuming is a) VM as a standalone device in order to direct external connection attempts directly to the server, or a way to redirect external devices to the VM once they have reached my machine? If not, any help will be appreciated. Side note: My knowledge of coding etc doesn't really extend past GCSE level python and HTML or anything I have briefly looked at online so please go easy on me. Thanks to anyone that even bothers to read this btw, probably painful AF. Edit: Somebody suggested using hyper-v before the parent comment got deleted. I don't have windows 10 pro so if there isn't a free workaround, it's not gonna work for me. |
BBB Not Storing Recordings in NFS Posted: 28 Feb 2022 06:31 AM PST I have a big blue button server configured and a scalelite where NFS mount is created and shared with BBB. However, BBB still stores the recordings in the same server. I have tried the answer provided by Fred in the link: https://groups.google.com/g/bigbluebutton-setup/c/Wmn92ejPJxg, but no luck still. My ls -al doesnt show mapping to the NFS mount folder. Any help or workaround would really be appreciated. |
Samba server with copied SID fails mounts with STATUS_INVALID_SID Posted: 28 Feb 2022 06:15 AM PST In my Linux based infrastructure I run MIT Kerberos and LDAP for authentication. For the very few Windows VM clients I use a Samba stand-alone file server. It has it accounts stored in LDAP as well. The infrastructure is decades old and is the remainder of a NT domain. I now have a second site. I cloned my file server and set-up a new Samba server. I followed this post or this post in the past and simply had my stand alone servers all with the same SID, since otherwise the servers are not able to authenticate users. So, I copied the SID for my workgroup to the new sambaDomainName entry created by my new server. Just as I did a couple of years ago for the old server. While I still can mount the shares of my old server, trying to mount shares from the new server produces Any idea why the SID is invalid? I don't see any difference to the other SID; neither by I know it's a hacky solution. Moving to AD is no option. Since I heard that NT domains may be be dropped by Microsoft soon, I don't want to set up another PDC / BDC system. Actually, the copy SID solution was a work around during a time where samba had a known bug with Is there another method to have multiple samba servers using the same ldapsam? |
Linux server quota in percentage? [closed] Posted: 28 Feb 2022 05:44 AM PST Hi is there any way to use quota with a percentage of disk space left? I am trying to prevent Linux users on a shared remote server from making the / disk completely full while they are using conda / docker... |
What happens if same user are in two different ntfs-group with different permissions Posted: 28 Feb 2022 05:12 AM PST I have two domain local groups
two of my users (User A & B) are in both groups. I want that the both groups have permission on my "Data" Folder. My question is, what permission whould the user A & B have ? Change or only read permission ? |
Redirect specific trafic throw a vpn interface Posted: 28 Feb 2022 05:41 AM PST I, I wold like to redirect specific ports throw a specific interface. Until now what i acomplished it was cat /etc/iproute2/rt_tables | grep "200 force.route" > /dev/null if [ $? != 0 ]; then echo "200 force.route" >> /etc/iproute2/rt_tables fi ip rule del from all fwmark 200 table force.route ip rule add from all fwmark 200 table force.route ip route del 0.0.0.0/1 via 92.240.245.1 dev tun_02 table force.route ip route add 0.0.0.0/1 via 92.240.245.1 dev tun_02 table force.route ip route flush cache iptables -A OUTPUT -t mangle -o br0 -p icmp -j MARK --set-mark 200 but,.... when i ping the packages go throw the specific device see with tcpdump -i tun_02 , then, expecting response but i don't have a respose to echo-request. How can i acomplish that ? Until now is what i acomplished. Best Regards, Ricardo Matos. |
SuperMicro 16-Bay chassis only recognizes 12 drives Posted: 28 Feb 2022 05:04 AM PST I recently purchased two refurbished Supermicro SC836TQ (3U, 16bay) chassis with SAS backplanes (Standard SAS836-TQ planes). One works perfectly fine, but the other fails to recognize/initialize any disks installed in the right-most column. Unfortunately, I'm a little out of my depth in this, so I'm looking for common causes and/or ways to troubleshoot or fix. Any help would be greatly appreciated! |
OpenVPN IPv6 address-less tap interface Posted: 28 Feb 2022 04:43 AM PST I am trying to upgrade an openvpn server and I have an issue regarding IPv6 config. I can't figure how to configure a tap interface without an IPv6 address, and still be able to assign IPv6 addresses to the connected clients. For reasons linked to the structure or our network, the VPN has to be in bridge mode (tap interface), and all routing from / to VPN clients is done on a separate router device (the openvpn server is a dedicated linux box that I only use to offload VPN processing from that router, it does no routing / forwarding by itself). In my current setup, the tap virtual interfaces have no IPv4 nor IPv6 addresses, they are bridged with physical or VLAN interfaces, and the only addresses clients see are those of the router. The openvpn box just distributes IPv4/IPv6 addresses to the clients when they connect. Excerpt of my current server config (only relevant parts) : This works exactly as expected in OpenVPN 2.3 : the box has no address attached to the tap-vpn interface, and distributes addresses IPv4 192.0.2.11 - 192.0.2.40 and IPv6 starting from 2001:db8:1234:5678::11 , and it pushes routes as expected to the clients, with gateways 192.0.2.1 and 2001:db8:1234:5678::1 . For security reasons, I disable IPv6 at kernel level on that interface : Upgrading to a more recent version breaks this setup, in the sense that ifconfig-ipv6 now wants to assign an IPv6 address to the interface, and having IPv6 disabled at kernel level simply prevents openvpn from starting. Removing the ifconfig-ipv6 directive is also not possible, as ifconfig-ipv6-pool needs it. I know that tun-ipv6 is now deprecated, but removing / adding it doesn't seem to change anything. I have read various documentation, including of course the man page, and reviewed this, this and this thread, but none of these seems to address my concern. If it is really impossible to achieve the setup I am intending, then I will find other ways to secure the VPN machine, like a local firewall, but I would find more elegant to just have no IPv6 address on the tap (like I have no IPv4) and just use it as a bridging component. FWIW, I am using slackware64 15.0 on a PCEngines APU mini-PC, but the issue is probably not at OS layer. Any help or pointer to a working example would be much appreciated. |
Connecting Azure Site-to-Site VPN to On-prem Gateway with 2 public IP's Posted: 28 Feb 2022 05:55 AM PST I have a cisco ISR on-prem with 2 endpoints (primary and secondary) and I want to connect my Azure VPN Gateway to both endpoints through a single connection (same local address space for both IP's). When creating an Azure local network gateway I can only enter 1 public IP address, not 2. Is there a way to connect with 2 IP's from the Azure VPN Gateway? Thank you |
Where is IIS output cache location, and how can I relocate it? Posted: 28 Feb 2022 08:28 AM PST I've successfully configured IIS output cache. However after repeated google pagespeed tests it seems that the page speed is even slower with output caching compared to without output cache configuration. My guess it is because the very slow system drive. I have an SSD data drive too in the system, so just for the proof of concept I would like to test a configuration where the IIS output cache is on that drive. I found the application pool temp folder, and the temp compressed files folder, what are have some information how to relocate them, but I think neither is the output cache disk location. Is it possible to relocate the output cache location? |
can fail2ban add deny rules to nginx instead of using iptables Posted: 28 Feb 2022 06:36 AM PST I'm having one server, that is behind a reverse proxy, that I don't control. I'd like to use fail2ban to block nginx traffic under certain conditions. normally fail2ban useses iptables to block traffic originating from the intruder's IP However my server is behind a reverse proxy and from my server's point of view all traffic originates from the reverse proxy: I found following url https://forums.freebsd.org/threads/fail2ban-behind-a-proxy.55041/ that suggests tu use However the reverse proxy that I cannot control forwards the traffic as https traffic, meaning, that I cannot introspect the traffic for Thus my question. Do others have a similar scenario and is there an existing Or do I have to handcraft a script trying to do this (edit nginx the nginx configuration and reload nginx) What other solution would allow me to tell nginx dynamically which requests (containing specific |
block nginx connection after multiple 404 s Posted: 28 Feb 2022 06:57 AM PST I'd like to protect two servers against attackers who blindly probe for urls. my idea is to block requests after a certain amount of 404 status codes. I could do this with fail2ban. However one of the servers is behind a reverse proxy that I do not control that does not communicate the originating IP address (and it will need a very long time before the request of forwarding the originating IP address will be handled), meaning that from nginx's point of few all requests originate from the revere proxy and obviously I don't want to block all incoming traffic if somebody provoques too many 404s. Is there any way (without fail2ban, with fail2ban or with any other tool) to detect at least 404 errors from the same https connection and to terminate this connection or to let it 404 unconditionally for any subsequent request? Please tell me if my question is not clear and I'll try to rephrase it, to give more information. |
How to download millions of s3 files and compress them on the fly? Posted: 28 Feb 2022 06:08 AM PST I have an S3 bucket with millions of files, and I want to download all of them. Since I don't have enough storage, I would like to download them, compress them on the fly and only then save them. How do I do this? To illustrate what I mean: aws s3 cp --recursive s3://bucket | gzip > file |
rsync a directory with its own descendant Posted: 28 Feb 2022 07:56 AM PST tl;dr: I want to Before you ask the obvious question, "Why would you want to do that?" or point out how much better another approach would be, this is a business requirement. It's not my choice, and I'm aware of the risks, so just indulge me. I do not intend to justify the approach any further. 🙂 Details: I want to The difficulties are to...
|
MySQL connector/ODBC connection error following a DNS mismatch Posted: 28 Feb 2022 08:18 AM PST I have troubles configuring a new MySQL connection with ODBC Data Sources (64bits) utility on a Windows Server 2019. I'm using MySQL Workbench to define remote accesses as follow: The user is granted a I have noticed that the server from which I need to initiate the connection ( So far, I have tried to flush the DNS cache on my Windows Server 2019 from which I initiate the connection. I have also tried to set up the connection from another user session and after server reboot. Issue is still there: Error message: The user credentials work fine from another Windows Server 2019, so connection details are good. Any idea to help? Thomas |
Posted: 28 Feb 2022 07:11 AM PST I'm trying to update my libarchive library on CentOS 7. Currently, I have version 3.1.2. If I type the following command, here is the result: I was able to find an .rpm file, online, which provides libarchive 3.5.2. I'd like to update to this newer version. So, I attempted to install the package by typing the following: Even though it shows warnings, I would expect that it installed. After all, they're warnings, not errors. However, if I type the following command, it doesn't show that the package was installed. I've also tried compiling from source, based on a downloaded .tar file from the libarchive.org website. The procedure seems to go well, but I still only show the old, 3.1.2 version of libarchive when typing the So, how would I update this library? If it has been updated, why don't these commands show that it has been updated? Thanks for your time. |
A TLS fatal alert has been received with exim4 in debian 9 Posted: 28 Feb 2022 07:05 AM PST I am trying to configure my server to send mail and I receive an "TLS fatal alert" error every time I try to send mail. I have followed the steps indicated in this post related to my problem to try to overcome the problem, but it finally gives me the error that I describe:
I try to connect to my mail server by tls:
I dont know why appear CN=server.example.com like subject. The /var/log/exim4/mainlog file said: In my linode-vps the main domain is gestiondecorreos.es and orbelanet.com is another domain i am running smtp tests on. Thanks in advance! Mikel |
Can I enable TLS 1.3 with Certbot? Posted: 28 Feb 2022 08:07 AM PST I am working with Nginx and Certbot, I have secured a domain with HTTPS. I would like to get the domain up to TLS 1.3. The Nginx server block for my domain get's it's SSL protocols from the included file Certbot creates. The file I want to modify the file's Is is possible to tell certbot to enable TLS 1.3? Software Versions
|
How to fix the "Redis is busy running a script" error Posted: 28 Feb 2022 08:07 AM PST My servers are repeatedly crashing due to receiving the following error from Redis: However, I can't seem to find a way to determine what is this "script" the message is referring to, and how I may terminate the script. Any help would be appreciated. |
Can not open website hosted on LAN web server by browser, though No-IP Dynamic DNS through router OK Posted: 28 Feb 2022 06:06 AM PST My LAN server is using IIS ver 10. Someone told that the problem is because my LAN web server is behind the router. So I directly connected my web server pc to cable bypassing the router. But then also I get the same error when I type URL _.ddns.net OR external IP address:port in the browser. What other settings should I do to solve this problem? The output of Ipconfig /all is here when my pc is connect to internet by cable. C:\Users\niranjan>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : DESKTOP-HH2O346 Wireless LAN adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Wireless LAN adapter Local Area Connection* 10: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Ethernet: Connection-specific DNS Suffix . : PPP adapter GTPL BB 2: Connection-specific DNS Suffix . : Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Sorry for lengthy post. |
Can't stop Azure AD Connect Service Posted: 28 Feb 2022 05:07 AM PST Have an on-prem server for Azure AD Connect service. Today I noticed that a Delta Import (we run a delta sync on the scheduler every 30 mins) was In-Progress with no estimated end time. It is sitting like that until the next scheduled sync, then it terminates it and starts the cycle over again. I think I have pinpointed the issue (it's with a change to the ADSYNC account) but I am unable to stop the AD Connect service to change the run profile properties. I have: - tried to stop the run profile from MSIClient (it just saying stopping and then running again immediately) - tried to force stop the scheduler from powershell (hangs forever) - tried to force stop the service on the server (hangs forever then errors out) No windows updates have been applied in the last week and no one has touched the sync service on the server for over a month. Event logs aren't providing any information at all other than ProvisioningServiceAdapter::ExecuteWithRetry: Action: ImportV1 will be retried after 00:00:15. Attempt 0 of 5. Is there any way to force stop this service beyond what I have tried? Anyone else experiencing this problem? |
megacli commands return exit code: 0x00 with PERC H200 Posted: 28 Feb 2022 06:15 AM PST Megacli does not want to talk to a PERC H200 adapter on one of our systems. This is what happens (all commands run as "root"): System description (I did not configure this system): Relevant (probably) dmesg lines: All other megacli commands tried return nothing but "Exit Code: 0x00". Is some other tool needed to talk to an H200? |
How to set custom $_SERVER variable for PHP Posted: 28 Feb 2022 05:07 AM PST I'm working on a PHP web app which ALSO has some command line tools. I need the command line tools to detect the environment so that they connect with the correct DB credentials etc. The web app does this easily by checking I'd like to create my own I found this solution, but I don't see the same files in I'm on a Dreamhost VPS, which runs Ubuntu 12.04 LTS |
Nginx proxy_pass not working for subpages Posted: 28 Feb 2022 07:05 AM PST I'm trying to set up an nginx proxy_pass that does the following url is example1.com this needs to redirect to example2.com, but keep saying example1.com. This works for the root page, but not for the subpages. Here is what I have so far What we want is for all example1.com/page to go to the correct page on example2.com/page but keep displaying example1 in the url |
send NameID claim without encryption in ADFS 2.0 Posted: 28 Feb 2022 07:03 AM PST My Service Provider issues a SAML 2.0 AuthRequest with a NameIDPolicy tag like so: This causes ADFS 2.0 to correctly issue a SAML Response containing an encrypted NameID token created by a rule similar to the one found here So far so good, however, my Service Provider doesn't seem to understand the encrypted NameID claim and is expecting it to be unencrypted while at the same time having the name-format as As per this document, ADFS2.0 treats request for transient or persistent NameID formats as privacy scenarios (and hence the encryption) So my question then would be: Is there any way to have ADFS 2.0 generate the NameID claim with Format=transient and an unencrypted NameID like so: |
How to redirect request at the haproxy level to fetch file from CDN? Posted: 28 Feb 2022 06:06 AM PST For a given url pattern, I want the contents of the file to be fetched from a CDN and not from my web server. example: I need to extract: ford new 1 2 I want to fetch the file from the s3 (or CDN) like: Is this possible at the HAProxy level or would I have to do this in nginx somehow? The earlier in the pipeline the better obviously. |
How much RAM does a server actually need? Posted: 28 Feb 2022 05:55 AM PST I have a quite a few servers deployed around the world. They are running Windows 2003 x64 with SQL Server 2005 x64 with 6 GB of RAM. The boxes do not have the best (or even an acceptable) configuration, because the guy that ordered them years ago didn't really know what he was doing. The boxes are fairly consistently running out of memory, end up using the paging file and everything slows down. Typically the commit charge is 5.8GB and then when someone needs to do something intensive (e.g. run a report), that number goes through the roof. I've been trying to get the powers that be order more memory, but I am getting massive opposition (e.g. make the software more performant, costs too much for all these servers, or prove that the box does not have enough memory, etc...). Are there guidelines (or a formula) for how much RAM a box needs that I can present to non-techies, so that we can finally order more memory? |
You are subscribed to email updates from Recent Questions - Server Fault. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States |
No comments:
Post a Comment