Active Directory Federation Service has been installed on Windows Server 2012 along with Active Directory.
When I try to execute https:/{server-name}/federationmetadata/2007-06/federationmetadata.xml or https:/{server-name}/adfs/ls/idpinitiatedsignon.htm my internet explorer shows me host not resolvable.
I can ping the DNS server and the service seems to be running fine. No Certification errors exist. I can see entry of /adfs/ls in ADFS console endpoint tab.
What could be the reason for getting a host not resolvable error? And how can I go about fixing this issue?
I resolved the issue. I needed to disable proxy in the network options.
Related
I have set up a new SSRS 2019 site with HTTPS & DNS. When I am connecting to the site through the https://ComputerFQDN/Reports then everything works just fine. When I try to connect through DNS to https://DNSName/Reports then the main page comes up and everything functions, until I try to run a report and then I get a 404 error. I can't figure out what setting I am missing or why all the reports work with the FQDN but fail with DNS alias.
Certificate is good and has the FQDN + DNS entries.
Tried with multiple DNS entries and get the same error.
Tried multiple browsers with same results and multiple computers.
I have checked that the DNS entries are both in the URL ACL and the RSReportServer.config files.
Server is configured to only use HTTPS.
Server is not running IIS.
This is an on-prem install and not in the cloud.
SQL 2019 with an Always On High Availability cluster.
I've read everything I can find, but so far I have not been able to find an answer to this problem.
Problem resolved. The DNS entries were not properly input into the URLACL for ReportServer.
When looking at the "netsh http show urlacl" command we noticed that the /Reports entries were present for the DNS entries, but were not present for the /ReportServer entry. Once we added the entries for the /ReportServer then it started working correctly.
I've never used Parallels' Plesk before and I'm trying to get my site up and running. I was using MAMP as a local server and everything worked fine, but now getting in on Plesk doesn't seem to be working.
I've connected a domain name (toptasty.gr) to the server, I've set "toptasty.gr/" as the document root (it doesn't seem to allow a default root), and inside that directory I have all my files, including an index.php.
But when I try to see my site, Chrome tells me the DNS can't find the site. I'm out of ideas, what am I doing wrong?
Thanks
Plesk creates a root called /httpdocs where you need to place your web files. With regards to DNS issue I would say that you have setup DNS in Plesk only. You will need to add or edit your DNS details to your hosting providers DNS or if your Domain registrar allows DNS you will need to add detail there. i.e www points to your Plesk server IP. N.B. Even though you have DNS in Plesk it is not controlling your domains DNS.
I have tried to configure release management to work across different servers with untrusted domains using the steps described in the below article.
http://blogs.msdn.com/b/visualstudioalm/archive/2013/12/12/configuring-release-management-to-work-across-untrusted.aspx
But when I tried to configure RM agent with ghost account, it was throwing error mentioned in the title. Please see the error screen attached..!!
I am searching for a solution for last few days...!!! Experts please help me.
Finally the issue has been resolved by logging in as shadow account. Changed RM server name with IP in MS deployment agent....!!
Thank you very much #Daniel Mann for the tips you have provided.
write it down as
Correct way:-
http://(server):(port)
Incorrect way:-
http://(server):(port)/ReleaseManagement
Do not write "/ReleaseManagement/" or any other URL segments after .
This will solve your problem.
Logging in as the shadow account may not be possible depending on how you setup the service account. Release Management site uses windows authentication so if you setup your credentials in Credential Manager on the agent server that will work. Just specify the fully qualified domain name for your Release Management server and your domain credentials for the RM server's domain.
I am looking for a solution to my Active Directory problem.
Environment:
Attempting to authenticate users on an external Centos 6.4 website (outside our firewall) by connecting to Microsoft Active Directory which is located behind the firewall.
Currently, we use active directory within our firewall via the domain activedirectory.website.local and works fine. We are in the process of moving some of our sites to an externally hosted server so we need SSL. We have generated a self-signed ssl cert on the active directory server and have exported the ca.pem to the Centos server.
When I try to authenticate Active Directory through the terminal in the client Centos machine (located outside our firewall), I get an error:
TLS: hostname (firewall.website.com) does not match common name in
certificate (activedirectory.website.local)
This error occurs because:
I am trying to access active directory which is behind our firewall from a client computer from outside
the certificate says "Hey I'm generated from
activedirectory.website.local but you are asking for
firewall.website.com".
We talked to an SSL company about getting a commercial SSL for the .local server and they said they could sell us one for a year. Beyond that year they would not be able to extend the SSL due to some sort of regulation.
Due to the complexity of the network, I cannot change the domain name of activedirectory.website.local or firewall.website.com.
I'm sure someone has ran into this problem but I currently can't find any solutions on the web.
All I need from active directory is usernames and passwords for login authentication.
Thank you in advance!
First thing, (shitty ... caca boudin in french) can't you declare activedirectory.website.local with the right IP adress in /etc/hosts.
Another thing I see is to buy a certificate (or to create your own using your own CA) and install it on the Active-Directory service. Have a look to How to enable LDAP over SSL with a third-party certification authority.
I'm trying to configure Team Foundation Reporting but without any success.
The App Tier and the Data Tier are in separate servers.
I guess it's not a port/firewall problem, because I opened port 135, and I can see the established connection by using TCPView (from Sysinternals) whenever I click "Populate URLs" in the Reports tab in TFS Administration Console. I can also telnet servername 135 without any problems.
I also checked if WMI service is started in the Data-Tier. And for SQL Server Reporting Services. Also checked for RPC and RPC Locator in both servers. They're all started and automatic.
I also set tfs app user as admin in sql reporting services. Added all kinds of permissions to the tfs user in the Data-Tier server.
I set all user permissions in dcomcnfg.
Allowed all WMI namespaces permissions to the user. (Computer Management -> WMI Control)
Deactivated Windows Firewall in both servers temporarily.
No luck.
However, in the app-tier, when I click Computer Management -> Connect to another computer, and type the data-tier IP, i can't connect. I get the message "Computer xxx cannot be managed. The network path was not found". How is that ? Tried IP, name, and FQDN. I also tried browsing and selecting the computer. Nothing changed.
I'm lost, what could possibly be happening ?
Thanks in Advance!
i'm betting that you're having the double-hop issue. try having your system admin set an spn for the website on the sql server.
you also need the AD permission 'trust for delegation' on the AD Service Account, right?
do that and SetSpn with the service account, that should help I think that the SPN option was spot on
See this answer:
IIS to SQL Server kerberos auth issues
which links to an old but user-friendly troubleshooting web app called DelegConfig. It can try to run the SetSpn commands for you, at least giving you an idea of what they need to be.
I ran into SPN issues when using an externally-accessible URL (+SSL) everywhere.