I'm working on an ASP.NET MVC website, it has been installed on three different servers (the same code version), it works on two of the servers i.e the user can login, but on one server after the user has submitted their username and password, the following server error is displayed in the browser:
Security Exception
System.Security.SecurityException: Token not found
The event viewer for the environment the error is occuring on shows the following two error messages at the point where th euser attempts to login:
Could not init pool.
System.Net.Sockets.SocketException (0x80004005):
A connection attempt failed because the connected party did not properly
respond after a period of time, or established connection failed because
connected host has failed to respond (server ip address)
And this error:
Error: System.Security.SecurityException: Token not found
Which is the server error displayed in the browser. This has in the past been resolved by deleting an authentication cookie, but that doesn't work for this error.
I have tried setting the trust level in the web.config to full which didn't work. I have tried restarting IIS.
Has anyone else come accross a similar problem? Could this problem be caused because a service of some kind isn't running? Any suggestions will be appreciated.
Most of the time these are connectivity timeouts due to different IP protocols (IPV4/IPV6) between the two server/computers trying to communicate or extra authentication rules setup on one of the computers for outgoing or incoming connectivity.
Ways to troubleshoot the issue:
Review IIS logs
Review EventLogs
Try adjusting TCP/IP parameters in the registry to increase the time allowed to connect
http://msdn.microsoft.com/en-us/library/aa560610(d=printer,v=bts.20).aspx
Even though the above article references Windows 2003, I've discovered it applies to some 2008 environments.
I was getting 0x80004005 & The requested name is valid, but no data of the requested type was found. My complete error
Check You have proper internet connection are there on your machine or not. And you are able to ping the remote server or not. I solved by checking both.
We were getting this error when one of a third party API hosted on of our server(Azure) was not able to communicate with one of our web services on a different machine(iNetU). Options were to open ports so that these machines could talk or to move the web service to the machine hosting the third party API.
Related
I'm trying to trigger a jenkins job using the API. I got the set the token, got to run it successfully in the browser and got a json output from the API call using:
https://<MY_JENKINS_ADDRESS>/job/path/job_name/api/json/build?token=my_token
I tried to use this call in a POST or GET web activity in Azure Data Factory but I'm getting this error:
Error calling the endpoint '<MY_JENKINS_ADDRESS>'. Response status code: 'NA - Unknown'. More details: Exception message: 'NA - Unknown [ClientSideException] Invalid Url:https://<MY_JENKINS_ADDRESS>/job/path/job_name/api/json/build?token=my_token. Please verify Url or integration runtime is valid and retry. Localhost URLs are allowed only with SelfHosted Integration Runtime'.
Request didn't reach the server from the client. This could happen because of an underlying issue such as network connectivity, a DNS failure, a server certificate validation or a timeout.
It is clear data factory can't access the url. How can I solve this issue? Any thoughts?
I am assumimg that the <https://<MY_JENKINS_ADDRESS/job/path/job_name/api/json/build?token=my_token>> is not a publically available and if that the case you should know that with ADF you can only access public facing urls . What that means is that If there anything whch is running on my local network or say on my laptop , ADF will be not abe able to access that .
Greeetings,
I have the following setup
Application Gateway -- Private Endpoints -- App Services
The application gateway is in its own resource group along with the virtual network in the 1.0.0.0 subnet.
The private endpoints and app services have a resource group per resource. So for me that would be 5 Services plus the main group with the AG.
I created all elements via the Portal.
After setting up the backend pool (for starters just for one service) and using the basic settings on all the elements (listeners, rules) I wanted to connect to the gateway public ip or dns name, however all I receive is a timeout, without any hint whatsoever in the monitoring as to what could cause the problem.
The application gateway does not even register a request.
Does anyone know what could be the cause of this? Could the Public IP be faulty for some reason? I even tried disabling the private endpoint on one of the services for debugging purposes but to no avail, seems like that is not the cause.
Any help is appreciated :)
Connection Timeout means that one or more than one server could not
complete your request within some period and does not receive a timely
response from another one that works as a gateway or proxy i.e; did
not complete within alloted time.
Initially try to reload the page in different browser or even on different devices.Clean the site from spam and cookies.
Please check if any of the below possible causes:
(main cause)REQUEST TIMEOUT : The number of seconds that
the application gateway will wait to receive a response from the
backend pool before it returns a “connection timed out” error
message.
When a user request is received, the application gateway applies the
configured rules to the request and routes it to a back-end pool
instance. It waits for a configurable interval of time for a response
from the back-end instance. By default, this interval is 20 seconds.
Solution: Reference >> Try Setting request-timeout :Application Gateway allows you to configure this setting via the
BackendHttpSetting,
Ex:
New-AzApplicationGatewayBackendHttpSettings -Name 'Setting01' -Port 80 -Protocol Http -CookieBasedAffinity Enabled -RequestTimeout 60
Also see App gateway
-troubleshoot-app-service-redirection-app-service-url.
NOTE: If your connections are getting dropped at less than the request
time out seconds set, then we need to find which connection is
trigged. And may need to Contact azure support
In addition to server timeouts, there are other causes
See if it due to default health check probe:like 1) Back-end VMs or
instances of virtual machine scale set are not responding to the
default health probe. 2) Invalid or improper configuration of custom
health probes. 3) Azure Application Gateway's back-end pool is not
configured or empty.
Troubleshoot problems-with-default-health-probe and custom healtH probe : Application gateway automatically configures a
default health probe using properties of the BackendHttpSetting but
Custom health probes allow additional flexibility to the default
probing behavior where you can configure the probe interval, the URL, the path to test, and how many failed responses to accept
before marking the back-end pool instance as unhealthy.
Also check the app service time outs : see appgw-timeouts and app
service time out setting
Other causes to check
Slow server, Problems with the firewall,network connection
If NSG, UDR or Custom DNS blocking access to backend pool members.
If VMs or instances in virtual machine scale set are healthy.
For those : Check the logs and DNS records and try by disabling the proxy or temporarily disabling the CDN
References:
Azure application gateway throws 502 when application sends 401 -
Stack Overflow
Azure Application Gateway error 502 when using application gateway
-Stack Overflow
I have created a sample MVC application and configured Azure AD authentication. This creates an application on Azure Portal automatically. When I run this application, it is working fine.
After this, I published the application on IIS and changed reply URL on azure portal and also I changed PostLogoutURL.
When I configure Azure AD in the sample application, a default connection of LocalDB is created. For hosting on IIS, I have tried LocalDB, SQLExpress & Azure SQL Server but none works.
I get "A task was canceled" error for which I am unable to find a solution.
This is the error I am getting:
Please help.
Thanks in advance.
I came acrosss this kind of issue with my Internet proxy.
Acrroding to the error message, your network may be interrupted by some configuration.As junnas said,
OpenId Connect middleware is trying to download the metadata document
from Azure AD. It needs it to be able to validate tokens
So, you can check if there is proxy or firewall again or run your App in another environment without a Proxy. Also,If you close a proxy on your machine,it may take few minutes to make effect.
In an iPad application, with VPN active and connected, the HttpClient can't access to a server in intranet, but I can access to same url when I access from Safari iPad.
The property Titanium.Network.networkTypeName shows "WIFI" or "MOBILE" but nothing related with a VPN connection.
Can anyone help me ? It's mandatory for my application access server through VPN.
Thanks in advance.
I got more info about my problem, actually the VPN wasn't the problem, the HTTClient uses the current device connection channel, that is, uses the VPN network and there is access to intranet server.
The problem was related with WAS server, when user is authenticated successfully against LDAP (using JAAS standard) then Connection was lost, when authentication failed then communications was OK and correct message was show to user, but when LDAP returned a valid authentication something made lost the communication channel.
I'm not sure about the "real" problem, but the solution was to add the HTTP header to request:
"Connection": "Keep-Alive"
This solves the problem.
I'm trying to set up a TFS2010 (with SP1) server and I keep running into hurdles.
The latest prevents me from doing anything useful as every HTTP request to "https://tfs.myserver.com/tfs" results in a HTTP 401. It doesn't matter if these requests come from the TFS Administration Console or from a web-browser. Every time I'm prompted to authenticate I enter the domain Administrator's fully-qualified username and password and I always get this error message:
Team Foundation Server
TF30063: You are not authorized to access https://tfs.myserver.com/tfs. - The remote erver returned an error: (401) Unauthorized.
Only a few settings in the Administration Console work (such as "Change URLs") but others, like "Group Membership" (either on the Application Tier node or on a Team Project Collection) results in the same prompt-then-fail.
The SSL certificate is valid, and the URLs seem consistent. I can't think what I'm missing out on.
EDIT: There is nothing relevant in the usual Event Logs. The Security log does show my Audit Failures, but I don't understand them because I'm entering the usernames and passwords correctly (the very same I use to access the servers over RDP):
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Administrator
Account Domain: DOMAIN
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a
What's different about Group Membership & security dialogs is they go through the client APIs and access via IIS. All others such as change server urls go through the server model straight to the DBs. That means IIS cannot authenticate on your domain for some reason ...
From the description, it seems like a domain joined machine. Does IIS have access to the domain controllers? (is it connected to the domain network) The wizards verify you can reach AD but if you disconnect afterwards ... If IIS can't reach AD it will not be able to authenticate. TFS relies on IIS for windows authentication. It appears it can't do that.
Some other things to try:
On the application tier panel of the admin console, try changing the account (domain account) that the server runs as.
Did you choose Kerberos authentication in the advanced wizard? If you do that with a domain user as the service account, there's a pop-up dialog telling you that you need extra AD administration. If you did that, you can change to NTLM from the admin console.
Try to access it via http://machinename:8080/tfs (instead of FQDN) both locally and remotely. Try http://machinename:8080/tfs/web from the web browser as well. make sure you're not having a proxy server issue (routing NTLM through proxy servers can be problematic - if you have bypass local in IE settings then address without dots won't route through the proxy and takes that out of the troubleshooting picture). You can also completely disable proxy in IE just for troubleshooting.
Create another web site manually with a hello world aspx running as the same account with anonymous & basic auth disabled and integrated windows auth enabled. Ensure it works.
After growing frustrated with trying the helpful suggestions people made but not getting anywhere I decided to start-over and try again. I completely uninstalled TFS, SQL Server, and SharePoint services and reinstalled from scratch.
This time it worked fine - no meddling with security was necessary and the system just worked out-of-the-box.
Looking back, I think the problem was that I set-up TFS with the advanced option to use SharePoint, and then I probably fiddled around with settings I wasn't familar with and ended up making a hash of things.
Note to future self: practice in a VM before deploying in production.