I'm new to Drupal and recently installed 8.1.2 and the LDAP module. I've been trying for 2 days to connect to our local Active Directory. However, every time I tried to run the server test I got an error: "Failed to bind to server. ldap error #49 Invalid credentials".
I'm sure the settings are correct and the credentials definitely are (I tested direct in Active Directory and in PHP). I also tried an online LDAP connection and that failed with the same error too. I thought maybe it's just the test that doesn't work so I tried logging in with a known AD account but it didn't work. As a final test I just installed Drupal 7 (and the modules for that) instead and with the same settings everything worked perfectly first time (tests ran as expected and I logged in with an AD account).
I know the LDAP module for 8 is in development mode but it seems to imply it is working. Has anyone got this working though? Please can you let me know whether I could be overlooking something simple with the settings in 8 or if it is a bug. I really don't want to use Drupal 7, but we definitely need our users to be able to log in using their network details.
Related
Unable to get through the Hybrid Configuration Wizard in Modern mode. This is necessary because we want to migrate mailboxes. Classic mode works.
It knows that there is a Hybrid Agent, but I can't successfully install with either path of using existing or adding a new one. In Azure there is an App Proxy registration which appears to have the incorrect IP for the route to on-prem. This was due to a misconfiguration of our outgoing firewall. However after the firewall configuration was fixed, the App Proxy still has the old return IP, and there is no way in Azure to remove this record.
I've removed the app proxy components on the server, and let the HCW install again but this record is not updated or removed. Also have gone through 'Classic' path which according to community posts is supposed to remove the App Proxy record, but it doesn't.
According to what I've read, if the record is inactive for 10 days, it will be removed, but I'd rather resolve this without waiting for 10 days.
I've tried patching the record using Graph but it doesn't work.
2022.01.31 22:09:59.707 10333 [Client=UX, fn=SendAsync, Thread=15] FINISH Time=2170.2ms Results=BadRequest {"error":{"code":"InternalUrl_Duplicate","message":"Internal url 'https://LOCALFQDNSERVER/' is invalid since it is already in use","innerError":{"date":"2022-01-31T22:09:58","request-id":"d5c4dfe0-096d-4382-9da0-9559f45e0217","client-request-id":"d5c4dfe0-096d-4382-9da0-9559f45e0217"}}}
I have a school projet that require me to emulate the CVE-2020-1472 (Zerologon) on a local environment.
I am currently trying to test following github script but I am facing some issue that I haven't been able to solve since then.
To sumerize, I have a :
Ubuntu 16.04 machine with Samba 4.3.8 Domain Controller Active Directory
Windows Server 2019 that joined the domain EXAMPLE.COM that I created with Samba.
I've made several test and I can succesfully modify the password of the "Administrator" account with first part of the POC :
./cve-2020-1472-exploit.py -n EXAMPLE-DC -t 1.2.3.4
Problem comes when trying to run impacket to extract some data from the domain :
secretsdump.py -no-pass -just-dc Domain/'DC_NETBIOS_NAME$'#DC_IP_ADDR
It sucesfully log in but then I get this message :
Password:
[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
[-] DRSR SessionError: code: 0x20e4 - ERROR_DS_CANT_FIND_EXPECTED_NC - The naming context could not be found.
[*] Something wen't wrong with the DRSUAPI approach. Try again with -use-vss parameter
[*] Cleaning up...
UPDATE 1 :
I also tried to use the -use-vss option but it also fails after login in.
[-] RemoteOperations failed: DCERPC Runtime Error: code: 0x5 - rpc_s_access_denied
[*] Searching for NTDS.dit
[-] 'NoneType' object has no attribute 'request'
[*] Cleaning up...
I tried to get some information about the DRSR SessionError: code: 0x20e4 - ERROR_DS_CANT_FIND_EXPECTED_NC but I didn't found any usefull informations on internet..
I hope someone have already faced this error or have knowledge regarding Active Directory because I'm really stuck
Thanks in advance and have a good week !
UPDATE 2:
I made a post on impacket's github and it seems like the DRSUAPI approach hasn't been tested against a non Windows AD before. So secretsdump wont works.
Every page mentioned SAMBA as vulnerable so I wonder if they really tested to exploit the vulnerability or if it was just a theoretical assumption.
I been searching for an answer for this for a long time now. There are a zillion discussions but none seems to have helped me (I have tried everything I have read).
I have an ASP.net website that send apple push notifications. I created a Console app using push sharp - run it on my server, the push notifications get sent/received successfully. I run the console on my local dev system, it also works. I run my 'website' from IIS Express on my local system - the push notifications are also successful. But running in IIS on my server, I am getting the dreaded 'The credentials supplied to the package were not recognized' - any help at this point would be fantastic. Thanks
Previously, every time I have run into this issue, I have had to delete the cert out of my local machine cert store and re-import it. Then it all seems happy. I can't see how it could be a global permissions issue or invalid cert if simply re-importing it fixes the issue.
How I finally fixed it was using the winhttpcertcfg tool from the Windows Resource Kit to grant permission to the specific user that was using the cert.
The syntax would be:
"C:\Program Files (x86)\Windows Resource Kits\Tools\winhttpcertcfg" -i cert.p12 -c LOCAL_MACHINE\My -a UserWhoUsesTheCert -p passwordforp12
This question may be a dublicate, but no recent post leads to a working answer for my case.
I have a Sharepoint 2013 running on a Windows Server 2012. Following issue appeared:
I made a new Site-Collection as wiki. Everything (links,...) works fine on the server but when I want to access the wiki from outside (not localhost) the server runs in a 404 Not found error.
http://localhost/sites/wiki/Pages/Home.aspx - works fine(localhost)
http://10.38.0.15/sites/wiki/Pages/Home.aspx - doesn't work.
I checked the IIS settings, all servers are up and running. The log file has no errors in it.
Does anyone know, how to solve this problem?
thx
Jürgen
The most common cause for this is that you don't have the IIS host header configured correctly. The 404 will appear because you are hitting a different IIS web site and not the one you intended to.
If you go into IIS Manager and click on "Sites" in the right hand pane there will be a column called bindings and a column called ID.
IIS will check in the order of ID for the first site that matches. Make sure the default site is stopped. If you see bindings that look like the following:
ID 1: Bindings: *:80
ID 2: Bindings: www.yoursite.com:80
www.othersite.com will match ID 1. Any other site that doesn't specify a port or https: will be directed to ID 2. You need to ensure that the site you are trying to access matches your bindings. The "www.yoursite.com" is added to the site via "New Web Application" in SharePoint. There is a field called Host: in Central Administration. This should match what you are typing from inside and outside the server. If you need the site to respond to multiple names, you need to extend the web application.
Assuming you used the default of claims authentication, here are the instructions for that:
http://technet.microsoft.com/en-us/library/gg276325.aspx
I am not sure if this is still required in Server 2012, but disabling the loopback check might also help, although this usually results in a 401, and repeated attempts to log in. Here are the instructions for that.
http://support.microsoft.com/kb/896861
Сheck the alternate access mapping in SharePoint administrator.
It should be something like this:
http://yourservername default
http://10.10.1.30:80 internet
http:// so on ..
I am using SQL Server 2008 Reporting Services and set mode remotely. All is going fine and reports running on my machine. I am not using report viewer control, but switch to browser.
Problem is that when I access the report from any other system in browser by providing required url. I m getting the following premission error:
Server Error in /ReportServer Application. Access is denied:
Description: An error is occured while
accessing the resources required to
serve for this request. You might have
not premission to view the requested
resources. Error message: 401.3 : You
dont have the premission to view this
directory or page using the
creditinals you supplied.
I have go through all step of this article "http://msdn.microsoft.com/en-us/library/ms365170.aspx" and set remotly premession but after all changes no success and getting same error.
Please some one can tell me or provide step list, that how can I set the premession? that the report can run from other machine. Quick and detail response will
This link should give you some more steps to follow to set up the permissions as this sounds like a permissions error.
http://technet.microsoft.com/en-us/library/aa337491.aspx
Also .... does it prompt for a username and password when you visit the site from another machine? if not you may need to add the required authentication methods into IIS (just an idea)
Then create a local (or domain) account for people to use to browse reports and use the properties tab on the report server home page to add them as 'Browser' type members.
When you visit the reports site from another PC it should prompt for sign in details (may not on a domain - not sure), if it errors before showing the home page then it is a security config issue, once you get in you may have a bit more tinkering to do to get the reports to run, but you tend to get slightly more verbose descriptions then so its not too hard to figure out and it normally database security permissions related.
Best of luck.
CB