The following snippet of module is creating app pool with specified user name but not setting the password.
- name: Create GRSClient application pool
win_iis_webapppool:
name: "Test"
state: started
attributes:
managedRuntimeVersion: v4.0
managedPipelineMode: Integrated
processModel.identityType: SpecificUser
processModel.userName: 'TestUser'
processModel.password: 'TestPassword'
processModel.loadUserProfile: false
enable32BitAppOnWin64: true
failure.rapidFailProtection: true
processmodel.idleTimeout: 00:20:00
processmodel.idleTimeoutAction: Terminate
startMode: AlwaysRunning
Did you get any error message? I tried what you created and it set successfully, how did you check application pool user password? When I tried to see what it set from cmd with command below
%systemroot%\system32\inetsrv\appcmd list config /section:applicationpools
I could see :
<add name="ansiblepool">
<processModel identityType="SpecificUser" userName="TestUser" password="TestPassword" />
There could be two reasons for this problem:
Incorrect user name or password
The user might not be a local user or domain user
As per my understanding, you'll run into this issue in either of these cases.
Related
I am using node-windows to run my node app as a service. Because I intend to use node-expose-sspi I created a service account with powershell (I checked with Test-ADServiceAccount).
If I run this code
var Service = require('node-windows').Service;
// Create a new service object
var svc = new Service({
name:'project-name',
description: 'node server',
script: 'C:\\server\\server.js'
, allowServiceLogon: true
// ,
// env:{
// name: "NODE_ENV",
// value: "production"
// }
});
// Listen for the "install" event, which indicates the
// process is available as a service.
svc.on('install',function(){
svc.start();
});
// Just in case this file is run twice.
svc.on('alreadyinstalled',function(){
console.log('This service is already installed.');
});
// Listen for the "start" event and let us know when the
// process has actually started working.
svc.on('start',function(){
console.log(svc.name+' started!\nVisit http://127.0.0.1:5000 to see it in action.');
});
// Install the script as a service.
svc.install();
I get the console log 'project-name started...' but the service is not created (I checked with get-process).
If I omit 'allowServiceLogon: true' the service is created.
How do I specify the service account in node-windows?
Syntax
node-windows v1.1.8 seems to be using winsw version 2 so you need to set the options according to this xmlConfigFile.md (don't forget the $-sign).
<serviceaccount>
<domain>YOURDOMAIN</domain>
<user>gmsa_account$</user>
<allowservicelogon>true</allowservicelogon>
</serviceaccount>
Troubleshoot
If the service is not created then it is because the gMSA does not have sufficient permissions for a) the npm folder of node-windows (if you installed this globally this should be C:\Users\username\AppData\Roaming\npm, b) the "entry point" of the npm folder (C:\Users\username) and also the folder where your node app.js is (for instance C:\projects\myserverproject). You need at least write permissions.
Also, the windows-node log file in the daemon folder (C:\projects\myserverproject\daemon) will not be created! This makes troubleshooting harder.
Same goes for the user LocalService, too.
My recommendation
If you omit the allowServiceLogon and the other logon-attributes altogether, the service will be created as LocalSystem. LocalSystem has sufficient permissions. Now you can change LocalSystem to the gMSA in the Windows GUI (search for 'services.msc').
If the gMSA not have sufficient permissions, the service will start but stop immediately. Then you can find the error log in the Event Viewer. The error log will tell you which folders you need to add permissions to.
I'm trying to create a project of the labeling tool from the Azure form recognizer. I have successfully deployed the web app, but I'm unable to start a project. I get this error all every time I try:
I have tried with several app instances and changing the project name and connection name, none of those work. The only common factor and finding here as that it is related to the connection.
As I see it:
1) I can either start a new project or use one on the cloud:
First I tried to create a new project:
I filled the fields with these values:
Display Name: Test-form
Source Connection: <previuosly created connection>
Folder Path: None
Form Recognizer Service Uri: https://XXX-test.cognitiveservices.azure.com/
API Key: XXXXX
Description: None
And got the error from the question's title:
"Invalid resource name creating a connection to azure storage "
I tried several combinations of names, none of those work.
Then I tried with the option: "Open a cloud project"
Got the same error instantly, hence I deduce the issue is with the connection settings.
Now, In the connection settings I have this:
At first glance, since the values are accepted and the connection is created. I guess it is correct but it is the only point I failure I can think of.
Regarding the storage container settings, I added the required CORS configuration and I have used it to train models with the Forms Recognizer, So that part does works.
At this point at pretty much stuck, since I error message does not give me many clues on where is the error.
I was facing a similar error today
You have to add container name before "?sv..." in your SAS URI in connection settings
https://****.blob.core.windows.net/**trainingdata**?sv=2019-10-10..
I enabled the "Log command assistance commands" option in Websphere > console preferences.
The documentation says the following :
Specifies whether to log all the command assistance wsadmin data to a file. This file is saved to ${LOG_ROOT}/server/commandAssistanceJythonCommands_user name.log:
server is the server process where the console runs, such as server1 or adminagent.
server is the server process where the console runs, such as dmgr, server1, adminagent, or jobmgr.
user name is the administrative console user name.
When you manage a profile using an administrative agent, the command assistance log is put in the location of the profile that the administrative agent is managing. The ${LOG_ROOT} variable defines the profile location.
I am not able to find the default value of LOG_ROOT.
The actual value of LOG_ROOT depends on values of other variables. The variables are defined in AdminConsole -> Environment -> WebSphere Variables. Because variables exists at different scopes (cell, node, cluster, server), finding the actual value can be a bit tricky. The ultimate solution is to use wsadmin and AdminOperations.expandVariable operation.
For ND environment:
adminOperations = AdminControl.queryNames('WebSphere:*,type=AdminOperations,process=dmgr').splitlines()[0]
print AdminControl.invoke(adminOperations, 'expandVariable', ['${LOG_ROOT}/commandAssistance_ssdimmanuel.log'])
For standalone WAS (assuming that the server name is 'server1'):
adminOperations = AdminControl.queryNames('WebSphere:*,type=AdminOperations,process=server1').splitlines()[0]
print AdminControl.invoke(adminOperations, 'expandVariable', ['${LOG_ROOT}/commandAssistance_ssdimmanuel.log'])
Advertisement mode
Using WDR library (http://wdr.github.io/WDR/) you could do it in just one simple line:
For ND:
print getMBean1(type='AdminOperations', process='dmgr').expandVariable('${LOG_ROOT}/commandAssistance_ssdimmanuel.log')
For standalone WAS:
print getMBean1(type='AdminOperations', process='server1').expandVariable('${LOG_ROOT}/commandAssistance_ssdimmanuel.log')
I am trying to execute this command from a web application on sourceServer:
var mgr = ServerManager.OpenRemote(destServer)
but I receive this error:
UnAuthorized access wth a detail error: "Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine failed due to the following error: 80070005"
I have full administrative rights on both servers.
I can issue that command from a console application no problem, but when I try it from the web application, I get the error!
I have tried enabling the remote management checkbox and started teh remote access auto connection manager and also tried updating the load user profile on the applicaiton pool from false to true.
I have searched so much to the point that all of my links are pink in color!
Any input is greatly appreciated.
I've decided to ditch the use of ServerManager.OpenRemote() and use the DirectoryEntry way:
DirectoryEntry root = new DirectoryEntry("IIS://server/W3SVC", username, password)
it is much simpler and straightforward.
I have a Symfony2 (2.0.19) application with the FOSUserBundle that I extends with a custom UserManager class because it has to load data from an old database which can not be migrated for now. Everything works well, users can login, access their dashboard, disconnect... But I have this recurrent warning in the prod.log log file:
[2012-12-05 18:16:45] security.WARNING: Username "" could not be found. [] []
This is caused when trying to log with a user-name that can't be found. So the error is "normal".
This warning is not very useful as the user-name is not logged. So, I'd like to remove it without changing the error report level of the prod environment.
As we commit our vendor (not a good practice but we've been asked to do this) I have deleted this log which was useless.