Recent Questions - Server Fault

---

• Docker accessible via localhost:8080 & 127.0.0.1:8080 but not via IP
• Are DDoS attacks a real threat to small websites?
• Docker Redsocks as proxy for all traffic
• Redirect all pages to non www and one page to www
• Attack and install RAT from wi-fi network [closed]
• AWS ALB - health check to port 3306 (DB)?
• What is the Lightest Server OS to develop and run PHP/MySQL NodeJS apps on local environment such as Office Space?
• Nameservers, DNSSEC, email and PTR on 1 IP address
• My Compute Engine Instance disappeared
• How to block non vlan traffic for an ip address on linux
• Max Hard Drive Size for SATA 2
• Can't connect to my localhost server with my public IP
• Node pool selection
• AWS Athena Query 2 separate tables together
• Is using Azure Data Factory for transformation of Azure hosted Snowflake efficient?
• what's root cause of "A start job is running for Create Volatile Files and Directories"
• Azure Virtual Machine can only connect to *.microsoft.com
• What is the difference between S3 Multi-Region Access Points and AWS CloudFront?
• BIND: enabling logging of denied queries
• Folder Redirection GPO fails with 502 "Can't create folder" error for folders that already exist
• OpenVPN - Cannot ping server computer from client
• Not logic in docker filter
• Azure Disks-Adding disk without stopping it
• Enable TLS 1.2 in Windows Server 2012 running Exchange 2013 via IIS 8.0
• How can I access my tomcat server running on my network remotely
• SQL error log can't create/write to file
• How to use nested Nginx location blocks (prefixes vs. regex directives)?
• confusing result on Apache server status results
• How to create an SHA-512 hashed password for shadow?
• SAP Homogeneous copy : How do you handle BDLS steps

Docker accessible via localhost:8080 & 127.0.0.1:8080 but not via IP Posted: 24 Apr 2022 05:02 AM PDT I have the below scenario - 3x Vagrant VMs are spinned from the below Vagrantfile, up and running (visible within Oracle VirtualBox). I am logged on docker1, the network type is "NAT", portforwarding is used (Guest:8080, Host:8080). I am able to access the page from localhost:8080 & 127.0.0.1:8080 & 127.0.1.1:8080. However, I have no access via the IP (192.168.99.101:8080 is "Taking too long to respond" and can't be reached). Vagrant.configure("2") do |config| config.vm.define "docker1" do |docker1| docker1.vm.box="xxx/centos-stream-8" docker1.vm.hostname = "docker1.do1.lab" docker1.vm.network "private_network", ip: "192.168.99.101" docker1.vm.provision "shell", path: "docker-setup.sh" docker1.vm.provision "shell", path: "other-steps.sh" docker1.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1536"] end end config.vm.define "docker2" do |docker2| docker2.vm.box="xxx/centos-stream-8" docker2.vm.hostname = "docker2.do1.lab" docker2.vm.network "private_network", ip: "192.168.99.102" docker2.vm.provision "shell", path: "docker-setup.sh" docker2.vm.provision "shell", path: "other-steps.sh" docker2.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1536"] end end config.vm.define "docker3" do |docker3| docker3.vm.box="xxx/centos-stream-8" docker3.vm.hostname = "docker3.do1.lab" docker3.vm.network "private_network", ip: "192.168.99.103" docker3.vm.provision "shell", path: "docker-setup.sh" docker3.vm.provision "shell", path: "other-steps.sh" docker3.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1536"] end end end the docker-setup.sh file is below: #!/bin/bash echo "* Add Docker repository ..." dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo echo "* Install Docker ..." dnf install -y docker-ce docker-ce-cli containerd.io echo "* Enable and start Docker ..." systemctl enable docker systemctl start docker echo "* Add vagrant user to docker group ..." usermod -aG docker vagrant the other-steps.sh file is below: #!/bin/bash echo "* Add hosts ..." echo "192.168.99.101 docker1.do1.lab docker1" >> /etc/hosts echo "192.168.99.102 docker2.do1.lab docker2" >> /etc/hosts echo "192.168.99.103 docker3.do1.lab docker3" >> /etc/hosts echo "* Install Additional Packages ..." dnf install -y jq tree git nano echo "* Firewall - swarm - open ports ..." firewall-cmd --add-port=2377/tcp --permanent firewall-cmd --add-port=4789/udp --permanent firewall-cmd --add-port=7946/tcp --permanent firewall-cmd --add-port=7946/udp --permanent echo "* Firewall - app - open port 8080 ..." firewall-cmd --add-port=8080/tcp --permanent firewall-cmd --reload The networks are below: [vagrant@docker1 etc]$ docker network ls NETWORK ID NAME DRIVER SCOPE f2351cd29061 bridge bridge local f91a21d83931 docker_gwbridge bridge local c5fc9aedf330 host host local oc2i4c2czira ingress overlay swarm 50fe2b72573c none null local The etc/hosts content is here: [vagrant@docker1 etc]$ cat hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 127.0.1.1 docker1.do1.lab docker1 192.168.99.101 docker1.do1.lab docker1 192.168.99.102 docker2.do1.lab docker2 192.168.99.103 docker3.do1.lab docker3 I've researched tons of articles with the same issue but still cannot find a solution. I suppose this might have something to do with the DNS resolution of the IP address in queistion...? Appreciate your help!

Are DDoS attacks a real threat to small websites? Posted: 24 Apr 2022 04:39 AM PDT Good morning, I've been hosting a small, company website and a private NextCloud instance (file hosting for teamwork) for ~2 years. During this time I've been paying my hosting for a DDoS protected IP address, however I haven't experienced any attacks so far and everything seems to be running without any issue. This lead me to think about getting rid of the DDoS protection to save money (the DDoS protection alone is about 50% of my bill). Do you think DDoS attacks are a threat small website owners should worry about? If so, are there any free and effective ways I could protect myself or should I continue paying for the outsourced protection service?

Docker Redsocks as proxy for all traffic Posted: 24 Apr 2022 03:56 AM PDT I'm using redsocks to connect to my socks5 proxy and everything works fine but because docker creates an new interface named docker0 no traffic gets forwarded to REDSOCKS Standart Redsocks config iptables -t nat -N REDSOCKS iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 12345 iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDSOCKS iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDSOCKS iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDSOCKS iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDSOCKS How can I now proxy all traffic comming from docker to Redsocks?

Redirect all pages to non www and one page to www Posted: 24 Apr 2022 02:54 AM PDT I want to redirect all my internal pages(eg: example.com/about) to their non www version but I want my homepage(https://example.com) to redirect to it's www version(https://www.example.com) I searched many articles on the internet but it could not work. If set both rules then the internal pages get redirected fine but the homepage gets trapped in a loop. I don't know how to code so please it's a request if you could write the code which I should paste in my .htaccess file Currently I have set all pages to redirect to their non www versions(even homepage) with the below code: <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_HOST} ^www\.example\.com [NC] RewriteRule ^(.*)$ https://example.com/$1 [L,R=301] </IfModule> # BEGIN Sitepad <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] </IfModule> # END Sitepad

Attack and install RAT from wi-fi network [closed] Posted: 24 Apr 2022 02:56 AM PDT I am using a wireless network as my internet connection. Some malicious people behind this network hacked my pc by malicious rat. The payload of that rat was attached to google update exe file. Here is scan of that file : google update scan file - payload injection And i installed a monitor on my windows machine and that monitor is grabbing many incoming traffic like this : my monitor Would you please tell me what are those ip and ports? How can i find those connections from windows logs to see what is going on.

AWS ALB - health check to port 3306 (DB)? Posted: 24 Apr 2022 02:01 AM PDT I have a ALB with it's target group, the HTTP health checks are running fine. I would like to do the same to port 3306 (because we have been dealing with some issues with our DB), and maybe add to this new health check a SNS to notify us when it crashes. Is there a way to do it with the feature of adding the SNS notification? Lambda, another target group?

What is the Lightest Server OS to develop and run PHP/MySQL NodeJS apps on local environment such as Office Space? Posted: 24 Apr 2022 01:36 AM PDT I have an old Desktop Computer with the following Hardware specification: Intel Pentium D 3.00 Dual Core. Ram 5GB Nvidia GeForece GT 710 SSD 256 GB Basically, what I want to achieve is to install a Server OS to run intranet applications such as OrangeHRM, WordPress and/or some NodeJS apps, Django Based apps and Rails-based App. I would like to configure it so that users on the local network can communicate with the intranet server using IP or intranet domain such as MyOfficeServer.local etc. Around 10 to 15 PCs could communicate with the server simultaneously. I would like to have your expert suggestion on what ServerOS should I install on this PC, and what kind of Control Panel would be the best to suit my needs? Here are some details on what tools will be used Heavily. Apache or Nginx, NodeJS, PHP + Laravel, CMS's and CRM's MySQL, Postgress Ruby + Rails Python + Django Currently, I am running a Windows 7 but the load is very heavy, Linux OS with a decent Cpanel alike environment installed maybe could help with the resources but what's the best OS for it? Ubuntu? CentOS? I am comfortable with CMD "Terminal". CPU usage matters in one way or another. Your help would be highly appreciated.

Nameservers, DNSSEC, email and PTR on 1 IP address Posted: 24 Apr 2022 01:48 AM PDT I have a domain registered with Directnic for my business. This registrar has its own nameservers and DNS records management as expected. To setup DNSSEC I am asked for algorithm, key tag, digest type and digest; this means that I need a third party DNS to setup DNSSEC. Currently I use a third party shared hosting account to manage DNS records and DNSSEC because of this issue, but I do not want to depend on this shared hosting account for my business. The VPS I use for business only has 1 IP address, I know it is possible to use the same IP address for multiple nameserver domains. I have googled for information before posting here, some people are concerned with the fact that only one of these nameserver domains sharing the same IP can get a valid PTR record. Why do people want to set PTR records for the nameserver domains? Currently I have a PTR record set for the IP of my VPS because I am sending emails from it, should I separate nameserver domain and mail server domain?

My Compute Engine Instance disappeared Posted: 24 Apr 2022 12:25 AM PDT My Compute Engine disappear last month I believe it was due to lack of funds in my billing account at the settlement date which was end February. I realised it 3 days into March and funded the billing account but when I checked my Cloud Dashboard the Instance was not there. Is there any means I can get it back ?. Thank you.

How to block non vlan traffic for an ip address on linux Posted: 24 Apr 2022 12:17 AM PDT I have a vlan created on a Linux vm and assigned ip address to it.I would like to block all incoming traffic to the IP address that is not coming from the same vlan I would still like to able to send traffic to similar ips that are in different hosts but on same vlan How is that possible ? Any configuration that can be done

Max Hard Drive Size for SATA 2 Posted: 24 Apr 2022 12:57 AM PDT Recently acquired a 1U Supermicro E3-1230 with two 3.5" drive bays, and thinking of buying two 18TB SATA-3 hard drives for it. Before I make this investment, would anyone know if SATA-2 (3 Gbps) would support 18TB drives with their full 18TB capacity, with a motherboard BIOS date from 2011? All SATA docs talk about the speed difference between SATA-2 (3 Gbps) and SATA-3 (6 Gbps), and little about capacity compatibility. OS will be Linux 64-bit which is 18TB compatible, if the SATA bus supports it. Motherboard is a Supermicro X9SCL.

Can't connect to my localhost server with my public IP Posted: 24 Apr 2022 04:33 AM PDT I have created a local node server on my laptop. And I can access it using the private IP (like 192.168.1.9:8080) on same network on my other devices like phone and other PC. I have disabled firewall. But now I want to access it using my public IP. So that anyone using a different Internet connection can also connect to it. But it just doesn't respond. I added a DMZ Host: Then I added this port forwarding setting (I saw it on YouTube tutorial). I'm not very sure if it's correct or not. And here is network status: But it made no difference. Am I doing something wrong? Note: My problem is probably not related to Hairpin NAT. PS: If you think I've shared some sensitive/private information in the screenshots, please let me know I'll update it immediately.

Node pool selection Posted: 24 Apr 2022 05:10 AM PDT I have a Kubernetes cluster with many node pools. Sometimes the deployment fails because the selected node pool that Kubernetes select has not enough available resources. Is there some way to force Kubernetes to select a node pool with the amount of resources that the whole set of pods requested?

AWS Athena Query 2 separate tables together Posted: 24 Apr 2022 04:57 AM PDT I have 2 Tables, and i need to query them together, for example. From the first table i get results with my query: InstanceID, title, status and etc... From the second one: key, value, region and etc... I want to make 1 query so i can get the results from both of them. My 1st query: SELECT id, status, title, resourceid, accountid FROM test.awstest01 WHERE status = 'NoTest' AND compliancetype = 'Closed' ORDER BY 1 DESC limit 1000; 2nd query: SELECT key, value, region FROM "test777"."awstest05" WHERE value = 'Program' limit 1000; Any help will be appreciated. Thanks

Is using Azure Data Factory for transformation of Azure hosted Snowflake efficient? Posted: 24 Apr 2022 03:49 AM PDT I'm trying to understand the efficiency of using Azure Data Factory for transforming data within Snowflake (Azure based). We have two possible scenarios and want to pick the most efficient: Scenario 1: Data Factory orchestrates the ingestion of raw data to Azure SQL Data Factory orchestrates the transformation and loading of raw data in Azure SQL to summary tables in Snowflake. Historic raw data is kept in Azure SQL. Scenario 2: Data Factory orchestrates the ingestion of raw data into Snowflake Data Factory orchestrates the transformation of raw data in Snowflake to summary tables in Snowflake. Historic raw data is kept in Snowflake. Does scenario 2 incur additional costs in egress of raw data to ADF (data sets) from Snowflake in the transformation step or does it all happen in Snowflake without data set egress? Reading the ADF documentation, it seems the compute itself happens on the linked service (i.e. Snowflake), not within ADF itself, but does that mean that data does not leave Snowflake when ADF transforms it? Let me know if the question isn't clear. Thanks!

what's root cause of "A start job is running for Create Volatile Files and Directories" Posted: 24 Apr 2022 01:50 AM PDT Stuck at "A start job is running for Create Volatile Files and Directories" after reboot a server(Debian 9.5, 64bit), and solve by this "boot-stuck-at-a-start-job-is-running-for-create-volatile-files-and-directories". I can't figure out what is the root cause of this issue, although search from many questions which are not refer the root cause but just the varied solutions that not meet me. We have not reach the limit of file or (sub) directory, and set the dir_nlink for ext4. # sudo tune2fs -l /dev/debian-vg/root | grep dir_nlink Filesystem features: has_journal ext_attr resize_inode dir_index filetype needs_recovery extent 64bit flex_bg sparse_super large_file huge_file dir_nlink extra_isize metadata_csum And the are more than 50% capacity of inode and disk. The original /tmp directory only little file and directory, total disk space usage only 1G. Some info: $ cat /proc/cmdline BOOT_IMAGE=/boot/vmlinuz-4.9.0-7-amd64 root=/dev/mapper/debian--vg-root ro net.ifnames=0 biosdevname=0 console0=tty0 console=ttyS0,115200n8 quiet $ mount sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,nosuid,relatime,size=4077900k,nr_inodes=1019475,mode=755) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=817924k,mode=755) /dev/mapper/debian--vg-root on / type ext4 (rw,relatime,errors=remount-ro,data=ordered) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k) tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd) pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime) cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct) cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices) cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio) cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory) cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=36,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=9039) mqueue on /dev/mqueue type mqueue (rw,relatime) hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime) debugfs on /sys/kernel/debug type debugfs (rw,relatime) tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=817920k,mode=700,uid=1000,gid=1000) $ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT vda 254:0 0 1000G 0 disk └─vda1 254:1 0 1000G 0 part └─debian--vg-root 253:0 0 3T 0 lvm / vdb 254:16 0 4T 0 disk vdc 254:32 0 2T 0 disk └─debian--vg-root 253:0 0 3T 0 lvm / $ blkid /dev/vda1: UUID="ijfyeQ-***" TYPE="LVM2_member" PARTUUID="d6***" /dev/mapper/debian--vg-root: UUID="2d2294a9-***" TYPE="ext4" /dev/vdc: UUID="PXrGC9-***" TYPE="LVM2_member" $ sudo find /tmp/ | wc -l 28905144

Azure Virtual Machine can only connect to *.microsoft.com Posted: 24 Apr 2022 03:56 AM PDT I'm configuring a VM in Azure and when connecting to websites I get a RST response for every website other then *.microsoft.com domains. I can't figure out why this is, I have tested this on both Ubuntu 20.04, Windows Server 2019 and Windows Server 2022 Datacenter. I have tried multiple resource groups and there are no NSG's or UDR's blocking internet connectivity. Final note there are other servers on this resource group that don't have a problem with this

What is the difference between S3 Multi-Region Access Points and AWS CloudFront? Posted: 24 Apr 2022 01:02 AM PDT Can anyone explain the difference between S3 Multi-Region Access Points and AWS CloudFront? The documentation for a multi-region access point states: Multi-Region Access Points offer a global S3 hostname that provides access to multiple S3 buckets across AWS Regions with automatic routing and failover between buckets. The documentation for CloudFront states: Content delivery networks provide a globally-distributed network of proxy servers that cache content, such as web videos or other bulky media, more locally to consumers, thus improving access speed for downloading the content. There are of course major differences between both descriptions, but generalized speaking I understand both services as solutions to deliver content faster and more efficiently. What are there main differences?

BIND: enabling logging of denied queries Posted: 24 Apr 2022 02:08 AM PDT Im trying to get bind 9.11 (default on CentOS 8) to log queries, wich could not been answered or that lists clients that constantly querying the server, but are not allowed to. Finally I want to use this logging to feed it to fail2ban and block those "idiots". The server is a primary NS responsible to answer queries about domains its holds, but nothing more. First I tried to log everything, like described in https://kb.isc.org/docs/aa-01526 even with full debug level, but never found a logline including the word "denied" or similar, except when somebody asked for a complete zone transfers (wich are surely only allowed from the secondary NS) like this: 27-Aug-2020 11:40:47.317 client @0x7fd284052510 94.102.208.167#51041 (somedomain.com): zone transfer 'somedomain.com/AXFR/IN' denied When asking the server with a query for a name he is not responsible for, the client gets an: dig @ns.mydomain.com www.disney.com Non-authoritative answer: *** Can't find www.disney.com: No answer what is right, but bind only logs something like this: 27-Aug-2020 11:43:27.741 queries: info: client @0x7fd2840bf440 1.2.3.4#34369 (www.disney.com): query: www.disney.com IN A + (x.x.x.x) which gives me no clue, what kind of answer was send to the client. Current config is: logging { channel "my_queries" { file "/var/log/named.queries" versions 600 size 20m; print-time yes; print-category yes; print-severity yes; severity dynamic; }; channel "security_file" { file "/var/log/named.security"; severity dynamic; print-time yes; }; category "queries" { "my_queries"; }; category client { "security_file"; }; category security { "security_file"; }; category lame-servers { null; }; }; So: how can I create logentries for clients that where not allowed to ask the server in the first place ?

Folder Redirection GPO fails with 502 "Can't create folder" error for folders that already exist Posted: 24 Apr 2022 02:08 AM PDT For a very long time now, we have relied on a registry setting to handle folder redirection for our Documents folders. Part of the login script sets HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal to use \\fileserver\%username%. We have other scripts that automatically create and share those folders with working permissions at the same time user accounts are created. This works, but I know it's not the typical way to handle this. Especially with Windows 10, the semi-annual feature updates have occasionally broken the process. Therefore I'd like to start using the built-in (and supported) Folder Redirection GPOs. My test policy is setup with these options: Basic - Redirect everyone to the same location Redirect to the user's home direction Grant the user exclusive rights: UNCHECKED Move the contents of Documents: UNCHECKED Also apply redirection to Windows 2000 etc: CHECKED, but we have no systems like this Leave the folder in the new location when the policy is removed I have a test account with the old registry change removed from the login script. For other details, I'm testing from a Windows 10x64 1909 Enterprise computer. We have Server 2019 DCs, but we're at the 2012 functional level because I have one stinking Windows XP machine left I have to support :( I have this almost working, but unfortunately I get a 502 error in Event Viewer: Failed to apply policy and redirect folder "Documents" to "\\fileserver\testuser\". Redirection options=0x80009210 The following error occurred: "Can't create folder "\\fileserver\testuser"". Error details: "This security ID may not be assigned as the owner of this object.". The thing is... the folder already exists, and while the user is indeed not the owner, they do have modification rights. I do not want individual users to have rights to create new folders in the root of this share. I do not want to let Folder Redirection create these folders. We are comfortable with our existing user creation scripts. I just want it to use the folder that is already there. Is this possible, or will I have to make extensive modifications to our account creation scripts, file share structure, and update a few thousand existing shares? (Each of our current folders are their own shared, and not simply a directory in a parent shared folder).

OpenVPN - Cannot ping server computer from client Posted: 24 Apr 2022 05:05 AM PDT I am trying to get my OpenVPN setup working for our remote office. I've installed the OpenVPN community to server and client, created the certificates. Port forwarding rules are also in place, and connection between client and server can be made without a glitch. But when it comes to ping the client from the server or vice-versa, I got no luck. I've tried to temporiarly disable firewall for both server and client, but no dice. Both of the systems are running on Windows (7 on server, 10 on client). I'm using OpenVPN GUI v11.14.0.0. Here are my slimmed down versions of config files: Server: port 1194 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth ta.key 0 # This file is secret cipher AES-256-CBC persist-key persist-tun verb 3 explicit-exit-notify 1 Client: client dev tun proto udp remote xxx.xxx.xxx.xxx xxxx resolv-retry infinite nobind persist-key persist-tun ca "ca.crt" cert "client.crt" key "client.key" remote-cert-tls server tls-auth ta.key 1 cipher AES-256-CBC If relevant, here is the active routing table on the client, listed while VPN is connected: IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.64 50 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 281 10.8.0.4 255.255.255.252 On-link 10.8.0.6 281 10.8.0.6 255.255.255.255 On-link 10.8.0.6 281 10.8.0.7 255.255.255.255 On-link 10.8.0.6 281 127.0.0.0 255.0.0.0 On-link 127.0.0.1 331 127.0.0.1 255.255.255.255 On-link 127.0.0.1 331 127.255.255.255 255.255.255.255 On-link 127.0.0.1 331 192.168.42.0 255.255.255.0 On-link 192.168.42.1 281 192.168.42.1 255.255.255.255 On-link 192.168.42.1 281 192.168.42.255 255.255.255.255 On-link 192.168.42.1 281 192.168.43.0 255.255.255.0 On-link 192.168.43.64 306 192.168.43.64 255.255.255.255 On-link 192.168.43.64 306 192.168.43.255 255.255.255.255 On-link 192.168.43.64 306 224.0.0.0 240.0.0.0 On-link 127.0.0.1 331 224.0.0.0 240.0.0.0 On-link 10.8.0.6 281 224.0.0.0 240.0.0.0 On-link 192.168.42.1 281 224.0.0.0 240.0.0.0 On-link 192.168.43.64 306 255.255.255.255 255.255.255.255 On-link 127.0.0.1 331 255.255.255.255 255.255.255.255 On-link 10.8.0.6 281 255.255.255.255 255.255.255.255 On-link 192.168.42.1 281 255.255.255.255 255.255.255.255 On-link 192.168.43.64 306 =========================================================================== I feel that this is a problem of routing, but I have no clue about how to fix that. UPDATE: Here is my interface information on the client Ethernet adapter VirtualBox Host-Only Network: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::e5fb:b1a6:a3ed:1715%23 IPv4 Address. . . . . . . . . . . : 192.168.42.1 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : Unknown adapter Yerel Ağ Bağlantısı: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::2c58:53c1:6455:38df%9 IPv4 Address. . . . . . . . . . . : 10.8.0.6 Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : Wireless LAN adapter Yerel Ağ Bağlantısı* 1: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Yerel Ağ Bağlantısı* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::9da:bcc9:ee66:f9e4%8 IPv4 Address. . . . . . . . . . . : 192.168.1.23 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 Ethernet adapter Bluetooth Ağ Bağlantısı: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : UPDATE 2: I've just noticed that if I try to ping the server (10.8.0.1), number of bytes out which is show on the OpenVPN GUI increases, as ping packages being sent.

Not logic in docker filter Posted: 24 Apr 2022 12:00 AM PDT I have a named container that may or may not be up and if it is up I want to be able to kill all the containers but that one by name. Basically what I want is: docker kill $(docker ps -aq --filter="name!=<container-name>") sadly the internal docker ps command here raises the error: Error response from daemon: Invalid filter 'name!' I tried getting a similar result using grep -v: docker kill $(docker ps -q | grep -v $( docker ps -q -f name=<container-name>)) The problem is that if the container is not up (which very well may be) then the "docker ps -q -f name=" returns nothing and grep doesn't work with no pattern so this entire thing fails. Any suggestions?

Azure Disks-Adding disk without stopping it Posted: 24 Apr 2022 01:07 AM PDT Can anyone help me to know if we can add disk to azure vm without shutting it down or stopping the VM?

Enable TLS 1.2 in Windows Server 2012 running Exchange 2013 via IIS 8.0 Posted: 24 Apr 2022 01:07 AM PDT I got some issues getting the TLS 1.2 protocol running on one of our Windows Server 2012 machines. I checked this using ssllabs.com by Qualys and also tested with a powershell script and the linux tool "cipherscan". The server hosts one Exchange 2013 SP1 (CU4) Server, with IIS 8.0. The certificate used is issued by our company CA. Another Windows Server 2012 with the same Exchange 2013 SP1 (CU4) installation works perfectly with the same certificate. As I could research Windows Server 2012 uses TLS 1.2 by default. However this setting can be configured using the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client DWORD "DisabledByDefault" Value "0x00000000" DWORD "Enabled" Value "0x00000001" or "0xffffffff" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server DWORD "DisabledByDefault" Value "0x00000000" DWORD "Enabled" Value "0x00000001" or "0xffffffff" Microsoft also mentions that this local group policy setting might help: System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing As this setting should be set inside the operating system Microsoft also recommends to enable TLS 1.2 usage in the Internet Options of Internet Explorer. I tried all of these 3 options, but none worked for me. Just to make this clear. The server (not just the IIS Service) was rebooted serveral times after enabling each of the settings. Most guides and Scripts (e.g. powershell) just set the corresponding keys in the registry. I don't know exactly what else I could try. I hope that somebody got the clue where to enable this.

How can I access my tomcat server running on my network remotely Posted: 24 Apr 2022 05:05 AM PDT I have a tomcat server running on my pc which I can access locally via: http://localhost:9090 (I changed the ports in the server.xml file). Now, I am having trouble accessing the tomcat server remotely (i.e. a different machine, I can test this with machines outside or inside of my LAN). Anyway, what I have tried is using the netgear genie interface to configure port forwarding. I have set all internal and external ports to 9090 (I tried using 80 for internal and 8080 for external but I they were already being used). When I point my browser to: http://my-ip-address:9090 and it just times out... If I don't add a port, I am prompted with a username and password with a message box that says: A username and password are being requested by http://my-ip-address. The site says: "SMC Dual WAN Load balancing VPN Router Administration Tools" This is NOT the same as the username and password that I needed to login to the netgear genie interface. Note that I use Ubuntu (12.04, 13.04 and 14.04) and tomcat7. Please help me get connected to my tomcat server remotely. Thanks for all the help, and let me know if you need any more information.

SQL error log can't create/write to file Posted: 24 Apr 2022 04:01 AM PDT I'm quite new to server administration but a keen learner, so if I miss anything or you need any extra info let me know and I'll do my best to provide it ASAP :) I'm running WordPress on a developer plan VPS over at media temple (meaning I have root access, everything is managed by me etc). My OS is Fedora, Apache is latest version and am using MariaDB for MySQL. When trying to read/write menus from the WP admin panel Apache writes this to its error log: [Fri Dec 13 04:28:59.296672 2013] [:error] [pid 11195] [client (my IP, omitted)] WordPress database error Can't create/write to file '/var/tmp/#sql_1ff_0.MAI' (Errcode: 2) for query (**lots of different queries**) This error repeats for about 20 different queries, and I've checked with perror that error code 2 for SQL means "No such file or directory". I would contact my host about this problem, but as I said I'm on a developer plan meaning they won't help me with anything. Generally from Googling around I can find an answer or solution but in this case I've come up with nothing.

How to use nested Nginx location blocks (prefixes vs. regex directives)? Posted: 24 Apr 2022 02:14 AM PDT I'm having trouble understanding nested locations in nginx. I have two locations with some configuration directives in common, so rather than repeat the directives, I'd prefer to repeat the URI using a regular-expression: location ~ /a|/b { location /a { } location /b { } } However, this gives the error nginx: [emerg] location "/a" is outside location "/a|/b" in /etc/nginx/nginx.conf:36 Without the or | it seems okay, though. location ~ /a { location /a { } } What am I doing wrong? Is there a better way to do this without repeating anything? Can I group locations in another way?

confusing result on Apache server status results Posted: 24 Apr 2022 04:01 AM PDT I have a CentOS 5.5 Final with Apache 2.2.3 and checking if there are some misconfigurations I settled up server-status page and querying a certain page I obtained this result: Apache Server Status for 192.168.3.23 Server Version: Apache/2.2.3 (CentOS) Server Built: Aug 30 2010 12:32:08 Current Time: Tuesday, 07-Aug-2012 16:27:17 CEST Restart Time: Tuesday, 07-Aug-2012 15:35:02 CEST Parent Server Generation: 0 Server uptime: 52 minutes 14 seconds Total accesses: 6263 - Total Traffic: 12.2 MB CPU Usage: u1.85 s.77 cu0 cs0 - .0836% CPU load 2 requests/sec - 4083 B/second - 2043 B/request 1 requests currently being processed, 4 idle workers _..__W_......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process Srv PID Acc M CPU SS Req Conn Child Slot Client VHost Request 0-0 29399 0/14/875 _ 0.03 1 27 0.0 0.03 1.58 X.X.X.X 127.0.0.1 GET /messaggi_xml.php?id_srv=2381&id_dev=1233&last_event=1&i 1-0 - 0/0/908 . 0.40 43 25 0.0 0.00 1.81 X.X.X.X 127.0.0.1 GET /messaggi_xml.php?id_srv=2381&id_dev=1233&last_event=1&i 2-0 - 0/0/859 . 0.45 3 23 0.0 0.00 1.67 X.X.X.X 127.0.0.1 GET /messaggi_xml.php?id_srv=2381&id_dev=1233&last_event=1&i 3-0 29379 0/160/857 _ 0.34 0 25 0.0 0.30 1.68 X.X.X.X 127.0.0.1 GET /messaggi_xml.php?id_srv=2381&id_dev=1233&last_event=1&i 4-0 29380 0/132/804 _ 0.31 1 15 0.0 0.27 1.61 X.X.X.X 127.0.0.1 GET /check_realtime.php?id_srv=2381&id_dev=1233 HTTP/1.1 5-0 29383 0/116/851 W 0.24 0 0 0.0 0.27 1.68 X.X.X.X 127.0.0.1 GET /server-status HTTP/1.1 6-0 29385 0/114/751 _ 0.23 0 16 0.0 0.17 1.32 X.X.X.X 127.0.0.1 GET /check_realtime.php?id_srv=2381&id_dev=1233 HTTP/1.1 7-0 - 0/0/178 . 0.26 2410 22 0.0 0.00 0.48 X.X.X.X 127.0.0.1 GET /messaggi_xml.php?id_srv=2381&id_dev=1233&last_event=1&i 8-0 - 0/0/180 . 0.36 2362 12 0.0 0.00 0.38 X.X.X.X 127.0.0.1 GET /check_realtime.php?id_srv=2381&id_dev=1233 HTTP/1.1 Since I see an open slot with no current process associated with some pages, would that mean there is misconfiguration in Apache and do you have an hint to check a possible parameter to avoid that? If you need more infos, like configurations, I can provide... Plus I have to say I don't see any errors in /var/log/messages or /var/log/httpd/error_log or /var/log/httpd/ssl_error_log and neither in /tmp/php_error_log... plus if I do ps aux I don't see those open slot listed... Cheers, Luigi

How to create an SHA-512 hashed password for shadow? Posted: 24 Apr 2022 05:09 AM PDT The previous SF questions I've seen have lead to answers that produce MD5 hashed password. Does anyone have a suggestion on to produce an SHA-512 hashed password? I'd prefer a one liner instead of a script but, if a script is the only solution, that's fine as well. Update Replacing previous py2 versions with this one: python3 -c "import crypt;print(crypt.crypt(input('clear-text pw: '), crypt.mksalt(crypt.METHOD_SHA512)))"

SAP Homogeneous copy : How do you handle BDLS steps Posted: 24 Apr 2022 12:00 AM PDT Part of SAP Homogeneous copy, we almost always need to perform the BDLS Step. This can cause a lot of grief cause this step can take few (or a lot) of hours. How do you manage it ? any tips and trick ?

You are subscribed to email updates from Recent Questions - Server Fault. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States