We need to run smoke tests during our Web Application's deployment script, which is a powershell script. Our site is hosted in IIS, and it normally runs with https on port 443 and requires authentication using OAuth. The smoke tests can't have test accounts, however, so they can't authenticate.
One option we are exploring is to disable authentication for the duration of the smoke tests and run them over http. I would need for our powershell script to do something like this (in pseudocode):
<save current webbindings for Default Web Site>
<set http on port 80 and localhost-only access for Default Web Site>
<execute the smoke tests>
<restore previous webbindings for Default Web Site>
I think that the Set-WebBinding command should be able to do this, but the only example there is this one:
Set-WebBinding -Name 'Default Web Site' -BindingInformation "*:80:" -PropertyName Port -Value 1234
Does this command set localhost-only access? And how do I store the configuration before changing it, and then restore it afterwards?
Related
Have a simple two-step release definition in Visual Studio Team Services / VSTS based on the "IIS Website Deployment" template set to configure an application pool (v4, integrated, application pool identity) and website (http, 192.168.0.xxx LAN IP, port 80, valid hostname) which is throwing an error I've struggled to find any details on. Isolated the issue to some AppCmd parameters but can't seem to remove them via the step settings.
Deploying out to a 2008 R2 target via VSTS agent v2.127.0 which installed without any issues but AppCmd consistently fails on the "IIS Web App Manage" step (after reconfiguring the application pool, creating a directory etc. without problems) then exits with code 8
hresult 80070008, Failed to commit configuration changes. Not enough storage is available to process this command.
Full log below but this line causes the error
"C:\Windows\system32\inetsrv\appcmd.exe" set site /site.name:"Example - Website Name" -applicationDefaults.applicationPool:"Example - AppPool Name" -[path='/'].[path='/'].physicalPath:"D:\Test\Example - Website Name" -[path='/'].[path='/'].userName: -[path='/'].[path='/'].password:
Running this directly on the target produces the same error, if I strip the blank username & password parameters it works. Checked we're not trying to set credentials and combinations of the authentication settings against the website and these two parameters won't either dissappear or format in a way which doesn't throw an error.
Tried searching for similar questions and it's lead nowhere, restarted the target in case it was a memory issue, even tried building a website-only step but the error remains.
##[section]Starting: Configure IIS AppPool & Website
==============================================================================
Task : IIS Web App Manage
Description : Create or update a Website, Web App, Virtual Directories, and Application Pool
Version : 0.5.4
Author : Microsoft Corporation
Help : [More Information](https://go.microsoft.com/fwlink/?linkid=839731)
==============================================================================
##[command]"C:\Windows\system32\inetsrv\appcmd.exe" list apppool /name:"Example - AppPool Name"
##[command]"C:\Windows\system32\inetsrv\appcmd.exe" set apppool /apppool.name:"Example - AppPool Name" -managedRuntimeVersion:v4.0 -managedPipelineMode:Integrated -processModel.identityType:ApplicationPoolIdentity
APPPOOL object "Example - AppPool Name" changed
##[command]"C:\Windows\system32\inetsrv\appcmd.exe" list site /name:"Example - Website Name"
##[command]"C:\Windows\system32\inetsrv\appcmd.exe" add site /name:"Example - Website Name" /physicalPath:"D:\Test\Example - Website Name"
SITE object "Example - Website Name" added
APP object "Example - Website Name/" added
VDIR object "Example - Website Name/" added
##[command]"C:\Windows\system32\inetsrv\appcmd.exe" set site /site.name:"Example - Website Name" -applicationDefaults.applicationPool:"Example - AppPool Name" -[path='/'].[path='/'].physicalPath:"D:\Test\Example - Website Name" -[path='/'].[path='/'].userName: -[path='/'].[path='/'].password:
SITE object "Example - Website Name" changed
ERROR ( hresult:80070008, message:Failed to commit configuration changes.
Not enough storage is available to process this command.
)
##[error]Process 'appcmd.exe' exited with code '8'.
##[section]Finishing: Configure IIS AppPool & Website
After discussing with MS Developer Support my problem appeared to be an issue with the target server's applicationHost.config encryption/security keys complicated by a less-than-useful error message being returned by AppCmd
The easiest way to verify the applicationHost.config being at fault was backing up the current config before reverting to an original, default copy of the applicationHost.config (C:\Windows\System32\inetsrv\config) then restarting the W3SVC service - was able to execute the "IIS Web App Manage" step without any issues afterwards.
Unfortunately keeping it reverted wasn't an option, so diffed the two versions of the config and found two keys with different sessionKey values in <configuration><configProtectedData><providers>
Copied the version of the highlighted keys (AesProvider & IISWASOnlyAesProvider) from our clean config to the current, restarted the W3SVC service and the same AppCmd line was able to run successfully.
Will continue to monitor as this was only happening on a physical internal development server with many potential ways the applicationHost.config could have accidentally changed while it's been in service - none of which should ever apply to a production system.
I followed the steps of this tutorial:
http://www.ibm.com/smarterplanet/us/en/ibmwatson/developercloud/doc/ega_docs/dialog_ega.shtml#ega_getstart_setup
until the step 3h (Account validation), which leads to following error:
“Client error – 407 Proxy Authorization required”.
(I am behind a company proxy)
I use Eclipse Mars 4.5.2 and IBM Bluemix Tools 1.0.10.v20160406_1758.
What i have already done:
-Of course I have Bluemix account that works perfectly fine.
-I have filled in the HTTP and HTTPS info within the Eclipse proxy settings (General->network settings) and cleared the SOCK-field. I can therefore install new software and use the eclipse marketplace for instance.
-Set the proxy at the http_proxy/https_proxy at the Windows system variables, therefore I can use the Bluemix command line tool and login to Bluemix.
-Experimenting with adding various lines at the eclipse.ini as in the following:
-Dorg.eclipse.ecf.provider.filetransfer.excludeContributors=org.eclipse.ecf.provi der.filetransfer.httpclient
-Dhttp.proxyPort=8080
-Dhttp.proxyHost=YYY.com
-Dhttp.proxyUser=uid123
-Dhttp.proxyPassword=XXX
-Dhttps.proxyPort=8080
-Dhttps.proxyHost=YYY.com
-Dhttps.proxyUser=uid123
-Dhttps.proxyPassword=XXX
-Dhttp.nonProxyHosts=localhost|127.0.0.1
-Dorg.eclipse.ecf.provider.filetransfer.retrieve.closeTimeout=3000
-Dorg.eclipse.ecf.provider.filetransfer.retrieve.readTimeout=3000
The command "nslookup api.ng.bluemix.net" returns:
Server: AAA.de Address: aa.bbb.cd.ef
Not authorized answer:
Name: ng.bluemix.net Address: 75.126.70.44 Aliases: api.ng.bluemix.net
Any suggestions how to successfully use the Eclipse Bluemix Plugin?
Based on the error, it looks like you have authentication error on accessing the proxy itself. The Bluemix Tools does not use the command line interface (CLI) to communicate with the Bluemix server. Therefore, proxy settings are not setup in Eclipse even if you have it working using the CLI.
In Eclipse, all the proxy settings can be done from the Preference page. There is no need to change eclipse.ini so you can restore the eclipse.ini file to the original before changing the preference setting. You can find the corresponding preference page in Window>Preferences>General>Network Connection. Then, change the "Active Provider" to "Manual" and edit the HTTP and HTTPS port proxy settings as needed.
In the Edit Proxy Entry dialog, you can input the proxy authentication information by selecting Requires Authentication checkbox and input the user/password.
I have an Azure web app. This web app has a QA deployment slot for pre-production testing. When I check in my code from VS, I have it setup to build and deploy to the QA deployment slot. This works great. However, a few configurations need to be updated in the QA web app so the application points to the correct service endpoints (i.e. not dev). To do this, my initial approach was to add a PS task to the Release that unzips my deployment zip, updates the configuration files, rezips them and then allows the Release flow to deploy the updated zip. This works locally, but running into filename length issues on the server when unzipping, which I can't change.
Now I'm trying to just include my update PS scripts in my deployment package, and then run the scripts AFTER the deployment has occurred. So, I'm looking at this Powershell on Target Machines task to run a PS on the QA slot server to update configurations. However, it's asking for Machines, which would be the server name of the slot server. I don't have that. I also don't know where to get it. I also don't have the path to the PS scripts once I have the server name. I dumped out the server variables and none of them help me, unless there is a cmdlet to look up environments that I'm not aware of.
System.DefaultWorkingDirectory: 'C:\a\2ed23b64d'
System.TeamFoundationServerUri: 'https://REDACTED.vsrm.visualstudio.com/DefaultCollection/'
System.TeamFoundationCollectionUri: 'https://REDACTEDvisualstudio.com/DefaultCollection/'
System.TeamProject: 'REDACTED'
System.TeamProjectId: 'REDACTED'
Release.DefinitionName: 'REDACTED'
Release.EnvironmentUri: 'vstfs:///ReleaseManagement/Environment/46'
Release.EnvironmentName: 'QA'
Release.ReleaseDescription: 'Triggered by REDACTED Build Definition 20160425.4.'
Release.ReleaseId: '31'
Release.ReleaseName: 'Release-31'
Release.ReleaseUri: 'vstfs:///ReleaseManagement/Release/31'
Release.RequestedFor: 'Matthew Mulhearn'
Release.RequestedForId: ''
Agent.HomeDirectory: 'C:\LR\MMS\Services\Mms\TaskAgentProvisioner\Tools\agents\1.98.1'
Agent.JobName: 'Release'
Agent.MachineName: 'TASKAGENT5-0020'
Agent.Name: 'Hosted Agent'
Agent.RootDirectory: 'C:\a'
Agent.WorkingDirectory: 'C:\a\SourceRootMapping\REDACTED'
Agent.ReleaseDirectory: 'C:\a\2ed23b64d'
Anyone have any idea, or a better approach, to accomplish what I'm attempting?
How to I change the monitoring-agent.config to go out via proxy with authentication?
The change log states...
Monitoring Agent 2.3.1.89-1
Released 2014-07-08
Added support for HTTP proxy configuration in the agent configuration file.
But I can't see how to do this.
Following wdberkeley's link I can add this value to the monitoring-agent.config file.
httpProxy=http://"pxproxy01":3128
But this gives..
Failure getting conf. Op: Get Err: Proxy Authentication Required
Is there anyway to set the authentication user/password ?
Edit file:
C:\MMSData\Monitoring\monitoring-agent.config
Add line...
httpProxy=http://<insert_server_address>:<insert_port>
e.g.
httpProxy=http://PROXY01.server.com:3128
Then get the proxy control team, who ever they be, to exclude the following from requiring authentication.
https://mms.mongodb.com 80
https://mms.mongodb.com 443
This has worked for me. I now have the MMS Agent on Windows sending stat's to the MMS service.
Thanks to #wdberkeley for starting me off on this route.
wdberkeley, the page you linked to does not exist & the classic page PDF & HTTP versions state 'HTTP_PROXY' not 'httpproxy' (on OSx section & tar.gz section), section '6.6 Monitoring Agent Configuration' does state the correct property name 'httpproxy'.
when I am starting WebLogic admin server with local host:port no/console I am getting the following error:
Console/Management requests or requests with <require-admin-traffic> specified to 'true' can only be made through an administration channel.
How to overcome this error?
You can manualy change your config.xml, find the <require-admin-traffic> element and change it's value to false.
This is because the option administration-port-enabled is set to true in config.xml
(available under ../MW_HOME/user_projects/domains/config)
<administration-port-enabled>false</administration-port-enabled>
Perfect. Or you can use the administration port you entered when configuring the server to use the admin server, which will be different from the default one. The default one 7001, the default for the admin server is 9002 and you can only access it via https.
Not downvoting the answer as it is accepted and maybe useful for users which can't recover their admin port, but this is obviously not best practise.
Once you open config.xml under the folder ../config,
change this row from 'true' to 'false':
true
It should then be ok.
Skender Kollcaku
You are most probably trying to use the administration console on the application port. You need the administration port.
Go to your domain directories (ex. /opt/weblogic/domains/mydomain)
Go into sub-directory config
Run grep "administration-port" config.xml
This will give you a port number, like: <administration-port>12345</administration-port>
Use that port to connect to /console/.
ex: https://YOUR-SERVER:12345/console/
This is much preferable to using the application port for the console, like #Peter pointed out.