Tableau Server Could not locate unexpired trusted ticket local network - tableau-api

I have two servers , Server #1 one hosted in the office using the office network (this hosts the tableau server on ubuntu server) and the other server Server #2 sitting in another collocated network. The web application is hosted in server #2 and the tableau dashboards are embended on the web application.
When I try to access the application from another public network , the dashboards are working very well, however when I try to access the dashboards from the office network (which hosts the tablueau server ), I get the following error =>

That error is generally caused by one of two issues
The IP Address of Webserver hosting the IFrame was not whitelisted under Trusted Authentication in TSM or Add Trusted IP Addresses or Host Names to Tableau Server
or
The trusted user does not exist on the Tableau server and/or the username does not match what was passed to the webserver from your web application hosting the Iframe.

We have trusted_ticket_expiry set to 240 minutes.
https://kb.tableau.com/articles/issue/changing-the-expiration-timeout-of-trusted-tickets

Related

How do you configure a domain name for openfire server? Do I just buy a domain and set it as my XMPP domain?

so I am setting up a server for a messaging application which is being developed. I am using openfire server for this which I have installed and running on a PC. Right now, the xmpp domain is set to my computer name and server is working on my network, but obviously as its a local name it cannot be accessed from the outside.I am able to access the server from multiple computers on the same network using the Spark messaging client to test the server. So to be able to access my XMPP server from devices outside my network, do I just buy a domain name and set it as my XMPP domain in Openfire settings?
To answer your question, yes, with the following caveats:
You will either have to host the DNS server yourself or have the DNS provider serve the records for you.
A domain must have a static IP to address to point to. A home or a typical small business Internet account does not include a static IP (some providers actively prevent home accounts from serving web pages/services).
You must also configure your firewall to allow a mapping to the internal server.
I would recommend using an external provider to handle the network and hosting services for your program.

Hosting two different servers with one domain

I'm trying to host web pages using Win Server 2016. Currently, I have Jira and my personal web (IIS) servers. Using AWS, I currently have "myec2.com:port1" and "myec2.com/port2" running fine. And I'm planning to buy a domain "myname.com" to be connected to "myec2.long.name.com"
What I hope to do is "myname.com/jira" and "myname.com/mypage" or "jira.myname.com" and "mypage.myname.com" can redirect to Jira server and the IIS server. Is there a way I can achieve this goal?
Thanks in advance.
If you buy a domain like myname.com you will be able to configure any number of sub-domains such as jira.myname.com or mypage.myname.com as you like.
Usually what you would do is point those sub-domains to your server's IP then handle requests to those domains by setting up a web server (like apache or nginx) and configuring a virtual host (apache) or a server block (nginx) for each one of those sub-domains.

I get 403/404 trying to connect to APIC's on-premises Developer Portal using ip-address

I can log into the Portal using its host name, but not url. Why?
Example:
https://developer.think.ibm/ works
https://192.168.225.20/ returns a 403 and 'nginx'
My 'on-premises' cloud consists of 4 vms that were provided in a workshop in IBM South Bank in June 2016. I am in the process of refreshing my APIC skills and extending them. Rather than use the Ubuntu vm where the Toolkit is installed, I have been using it in Windows 10, and accessing the APIM and CMC from Firefox and Chrome in Windows, using the ip address of the vm.
I have come to the conclusion that there must be a config value in the CMC or Portal, that forces Portal to only accepts urls containing 'developer.think.ibm'. Using the ip-address, also fails from Firefox in Ubuntu. In Windows, I added 'developer.think.ibm' to my hosts file and now I can access the Portal. Using vmware's NAT port forwarding 'localhost:4443', returns a 404.
It seems to me that inital access to the Portal, by its nature, should be easy, as this is the whole point of having an API manager.
Regards, John
Your Portal Server hosts multiple Portal sites (each Catalog has its own Portal site). The IP address of the server doesn't identify a site so you need to use the site's url (which is configured as part of the catalog configuration in API Manager). URLs for different sites may have different virtual hosts, or differ only in their paths.

While connecting two app servers with an ibm http webserver, we are able to successfully connect with only one server

While running two app servers (which has mobilefirst servers hosted 7.1 version) from ibm http server, only one server runs successfully on keeping only one of the Route attribute active in the plugin-cfg.xml of the http server. In the server which is not running, the following error is seen in the messages.log.
CWWKS4001E: The security token cannot be validated. This can be for the following reasons
1. The security token was generated on another server using different keys.
2. The token configuration or the security keys of the token service which created the token has been changed.
3. The token service which created the token is no longer available.
Kindly guide in resolving the error above.
Thanks.
Sounds like your two servers have not exchanged/shared LTPA keys and IHS and the WAS Plugin are a red herring.
http://www.ibm.com/support/knowledgecenter/SSAW57_liberty/com.ibm.websphere.wlp.nd.doc/ae/twlp_sec_ltpa.html
http://www.ibm.com/support/knowledgecenter/SSAW57_liberty/com.ibm.websphere.wlp.nd.doc/ae/twlp_sec_sso.html
Note: For SSO to work across Liberty servers, full profile servers, or both, set the following resources:
The servers must use the same LTPA keys and share the same user registry.
Sounds like communication issue between two servers. Are the inbound ports opened on another server to communicate with HTTP server? if they are opened use telnet and test whether both servers (HTTP and app server) are communicating with each other.
On HTTP Server, open command prompt and enter below command.
telnet <app server ip> <app server port>
If this is not successful then you need to open ports on app server.

using Windows Azure Connect local endpoint to send email from web role

I am trying to send email using one of our on-premises servers from one of my web roles hosted on azure. We've got a Windows Azure Connect endpoint installed on this on-premises server which has an SMTP server.
We've configured the web role so that it contains an activation code I acquired using the windows azure portal and the azure subscription we have. The web role has been deployed to azure with this configuration. Looking in the virtual network section of the portal I can see our on-premises server listed as well as the instance of said web role. I Created a group connecting the local endpoint to the web role instance.
The problem I'm having now is figuring out exactly what I have to do in order for the emails I send from the web role to be relayed through the smtp server on the on-premises server.
My first thought was to just specify the local endpoint name as it appears in our azure portal as the host to use when I create my SmtpClient object in code. Of course this didn't work as I received an SmtpException just saying Failure Sending Email.
So my question is once I've set everything up as described above, what do I need to do in ,my web role code and/or configuration in order to use the local endpoint as the smtp host for sending out my emails??
How about open your firewall for the SMTP on both your azure VM and local server.
As I know the azure VM firewall disabled the PING (ICMP) but doesn't know if it blocked all ports except those defined in your CSDEF file.