HTTP error 503. service unavailable when trying to run local host - iis

HTTP error 503. service unavailable when trying to run local host.
Default application pool is getting stopped everytime when trying to run local host.
IIS-->Application pools-->Default application pool-->advancedsettings-->Generate process model log entry-->identity has been set propwerly to corect credentials.
Also tried restarting the IIS.
Tried all solutions suggested in below link.
https://windowsreport.com/http-error-503-service-unavailable/#:~:text=If%20HTTP%20error%20503%20the,it%20would%20resolve%20the%20issue.&text=Right%2Dclick%20on%20DefaultAppPool%20to,service%20is%20unavailable%20is%20gone.
can anyone help me on this?

There are many reasons for this error, you can try the following solutions:
Click on application pools under the tree with your machine name, on the right side, click on advanced settings, in Process Model change the "Load User Profile" to false, Start your apllication and restart your IIS.
In IIS go to the Application Pools under the Server, then find the correct application pool for your web site, and click on it. On the advanced settings menu to the right, select Identity and change it and enter new user and password. Click on your application pool again, and select recycle to restart it.

Related

Do not terminate an application on IIS

When I put my application on directory and access for first time, the application begins. It's OK, no problem. BUT, after sometime, this application ends end this is normal. Is possible do not terminate by time or extends this time application is running?
Do you mean you want to keep the IIS application pool never stop. I suggest you could try to set the start mode to always running.
You could follow below steps to achieve your requirement.
1.Open IIS management console
2.Select the right application pool
3.Click advanced setting
4.Modify the start mode to always running.
Notice:
When you set the startMode property of your application pool to AlwaysRunning a worker process is spawned as soon as IIS starts up and does not wait for the first user request. But this does not mean the web application is initialized.
When you set preloadEnabled to true, IIS will simulate a user request to the default page (can be changed with initializationPage metabase setting) of the website/virdir so that the application initializes. The request is not logged in the IIS logs.
More details, you could refer to below steps:
1.Right click your IIS web sites
2.Select manage web site
3.Select advanced settings
4.Set the preload enabled to true

Serve static files from network share as gmsa

I am trying to serve static files from a file server running Windows Server 2016. I would like to use a group managed service account for the connection.
I have attempted configuring IIS on Windows Server 2012 to use the gmsa. The Test-ADServiceAccount cmdlet returns True for the gmsa I am attempting to use on the IIS host. I have gone under the basic settings option of the IIS site configuration and used the "connect as" button and set it to the gmsa account with no password. The prompt then says "Connect as 'gmsa-foo$'". However, when I attempt to press "ok", I get an error that the specified password is invalid.
Can I use a gmsa to allow access to the remotely hosted static files that I want to serve? Do I need to use a particular version of Windows Server to do so?
Make sure you added the gMSA account in the application pool identity.
It should be noted that this account may show unexpected behavior in IIS manager. For example, if you click on “Basic Settings” for an application that uses this account for its application pool, “Test Settings” may give you an error indicating “the user name or password is incorrect”. Usually, this can be ignored. Browsing any page in the application would be a better test – as long as you don’t receive a 503 response, the application pool username/password is fine.
You could get more information from the below document:
Windows Server 2012: Group Managed Service Accounts

Web Deploy connection timed out

I've previously had Web Deploy up and running without any issues. Following a company wide installation of Bitdefender, Web Deploy has stopped working. I've tried the following without any success
Added the following rule to Bitdefender firewall
Local Address: Any
Remote Address: our server IP port 8172
Protocol: TCP
Direction: Both
IP: Any
Network: Home / Office
Permission: Allow
Using the following telnet command, telnet [IP address] 8172, I get a blank screen.
Navigating to the URL for the publishing server connection, I'm prompted with a login and then a blank screen.
I don't have Fiddler, or anything similar, running.
I've tried on other machines in our office yet I get the same response.
Re-installed Web Deploy via Web Platform Installer Recommended Server Configuration for Web Hosting Providers and using command prompt I've restarted the agent services with the following commands
net stop msdepsvc & net start msdepsvc
net stop wmsvc & net start wmsvc
I've added IIS Manager Permissions to the appropriate site in IIS, using the server administrator account (which worked in the past) and configured web deploy publishing.
I'm running out of ideas of what to try so I'd appreciate any suggestions.
When attempting to validate the connection in Visual Studio I see the failed notification, "The operation has timed out".
The problem is in the Policies for Content Control. Exceptions need to be added for the sites you would like to web deploy to.
Click on policies, then go to the policy that applies to your development system. In my case this was "IT Policy." If you don't know, you can go to Network and drill down through Active Directory to find what policy applies.
Next, go to Content Control => Traffic. Check the boxes for Web (HTTP traffic) and Traffic Scan exclusions. Then add the URL or IP address for whatever system you are trying to deploy to (We used IP).
Hope that helps!

Windows server 2016 datacenter vpn installation fails

I have a VPS with Windows Server 2016 Datacenter, which I access through Remote Desktop. I would like to access it through VPN, so I tried to repeat the working configuration I have in another VPS with Windows Server 2008 Standard.
Both servers have a single Network Interface with a public address and a second internal address (10.1.0.1/255.255.255.248). As I said, VPN works perfectly on 2008.
The procedure I followed is described perfectly with screenshots in an article by Thomas Mauer
http://www.thomasmaurer.ch/2016/10/how-to-install-vpn-on-windows-server-2016/
So, briefly, I added the Remote Access role with the Remote Access and Routing features. The role and features get installed without any problem and then I am directed to a wizard, though which I try to initialize the VPN-only feature with a custom configuration. When I finally get into the "old" Routing and Remote Access Management console and try to right-click on the server node to "Configure and Enable Routing and Remote Access" this procedure never ends. A rotating clock icon stays there forever, so I have to kill the management console from the task manager.
When I reopen the management console, either with or without restarting the server, the server looks like running. Then I right-click on the server and select "Properties" in order to define the tunneling protocol for VPN as well as the internal address range that will be provided to the connected clients. The problem here is that this properties popup never gets saved. The "Apply" button does nothing, the "OK" button does not close the form and only the "Cancel" button closes the form without changing anything.
Has anybody seen this behaviour? Am I missing something?
Best regards,
Alex
I don't know why, but for this service to work the user "Network Service" needs to have "Logon as Service" permission, other services do not seam to require that...
You can grant this permission either by using secpol.msc or by just switching the service to run as e. g. "Local System" and back to "Network Service" (empty password fields).
To answer my question, it turned out that, for reasons I don't know, when the routing and remote access was being installed, the "Remote Access Management Service" was not starting. And after the server's restart it was always at "Starting" status.
This service is installed to run under the "Network Service" credentials with an Automatic (Delayed start) start type. When I changed to "Local Service" and manual, I was able to install the Role and initialize it without any problem. And then when I went back to Network Service and Automatic it runs without any more problems.
Strange ...
Alex

ERROR_USER_UNAUTHORIZED when deploy to IIS 7.5 when using IIS manager user

I'm trying to deploy from a teamcity server to my iis server but I get unauthorized when I use an IIS Manager user set up in IIS. If I use a Windows account it works just fine. Am I missing something?
I thought it was enough to create an IIS Manager User in ISS, or do I have to add that user to the domain or server I'm trying to deploy to?
In the Management Service Delegation I have added two rules, it could probably be combined into one. The first rule is for contentPath and iisApp and the second is for createApp. Both rules are run as an administrator user. I have added that all users (*) are allowed to execute the rule.
Is it something else I need to enable on the target server for it to work with IIS Manager Users?
I get the following message in my event viewer:
IISWMSVC_AUTHORIZATION_SERVER_NOT_ALLOWED
Only Windows Administrators are allowed to connect using a server connection.
Other users should use the 'Connect To Site or Application' task to be able to connect.
Process:WMSvc
Ok, I've been looking for an answer for some time and couldn't find it... but of course I figure it out myself as soon as I post the question here. The answer to my problem was that I have to add the IIS Manager User to the site which I want to deploy to. So if I selected the sites and then opened up the "IIS Manager Permissions" and added my user it all started working just as expected.

Resources