Missing checkboxes to start/stop server JVM (IBM WebSphere) - websphere-7

on a WebSphere 7.0 console under Servers -> Server Types -> WebSphere application servers I do not see the checkboxes next to JVM servers. The version is ND 7.0.0.17 (as per screen shot below - some info removed for security reasons). So far it has our Network Admins a little perplexed. They have tried adding me to different trusted domain WAS groups, no luck. I also tried logging in from different browsers, flushing browser cache, running browsers like Chrome Incognito - all which probably has nothing to do with it, but no luck. Is this indeed related to inadequate security? If anyone has experienced this and has any suggestion it would be greatly appreciated. Please forgive me for any lack of information and if I have not explained this very well - I am just used to logging in and doing very specific tasks through the console, and that's it. Thank you.

According to this IBM KnowledgeCenter topic, you'll need Operator role: "An individual or group that uses the operator role has monitor privileges plus ability to change the runtime state."

Related

how to configure two or more hosts on WAS server

I have the application deployed on WAS. Now i have made few changes on the code and want to deploy on WAS . I want the old deployment to work as it is. But i also want the new changes to be deployed and work separately independent of the other without affecting. How to make both exist simultaneously on WAS.
Is there a way please help
Are you saying there is nothing shared between the applications, they are completely separate?
Have you tried using a different context root and application name?
From a webcontainer perspective, if the context_root is different, it should be treated as a completely different application and should accomplish this.
If it doesn't work after that, the link below discusses various issues you may run into and how to deal with them.
IBM WebSphere Developer Technical Journal: Co-hosting multiple versions of J2EE applications
http://www.ibm.com/developerworks/websphere/techjournal/0405_poddar/0405_poddar.html

what are the tools to parse/analyze IIS logs - ideally free/open source?

note: there are few similar questions already asked here - but they are from 2009. May be something has changed since then.
I'm responsible for a bunch of websites hosted on different servers. I do not do any log analysis right now, but I would like to change this. First question - what is the best tool to view ISSUES with the website based on IIS logs (i.e. 404, 500 responses, long page processing, etc)? Ideally with grouping/sorting options? I do not want to spend a lot of time on this, I just want to periodically check if all is good with the website.
Second question (and I know most likely i'm asking for too much) - but is there any way to expose processed logs to web? So I can review things mentioned above without RPDing into the server?
Ideally I'm looking for a free/open source solution, but I'm ready to pay for a good software as well (but not a lot of $$).
Thank you.
You can take a look at our log monitoring solution EventSentry, which can monitor text-based logs like IIS logs. We have standard templates setup for IIS, and we can consolidate the logs in a database with web-access, so that you can review the logs without using RDP.
It's a pretty flexible solution that allows you to pick the fields you are interested in, and ignore the ones you are not - and thus save space in your database.
You can also setup real-time alerts, so that you can get an email when a critical error is encountered in a log file, like a 500 error.
http://www.eventsentry.com/features/log-file-monitoring
Finally, you can also plug-in command line tools which can verify that a given web page is accessible, or get alerted when it changes: http://www.eventsentry.com/features/application-monitoring.
I'm biased of course, but I would say that our solution is pretty affordable. Since it offers additional functionality as well, such as service monitoring (to monitor your IIS services) and event log monitoring (IIS does log critical messages to the event log), you can setup comprehensive monitoring with a single product.
I'd look into #LuckyLuke solution (or similar) - classic "build vs buy" decision. Based on your post, this isn't going to be your "full time" job so IMHO its best to leave it to those who do...
I don't know what "legacy" answers you are referring to, but if you want to tinker you can use Microsoft's own log parser, and depending on how far you want to go with it, you can use it (COM dll) to write your "admin web pages" in .Net/ASP.Net and host it in each of your servers....
If you're very specific about the errors you just want to be alerted about, another "hacky" way would be to provide your own custom error pages (either the default IIS error pages, or configure your Asp.Net apps to use specific error pages).

No voice installed on the system or none available with the current security setting

Exception on IIS Server When try to create .wav file on c# using SpeechSynthesizer.
This error is caused when the application is unable to access a voice for the SpeechSynthesizer to use. The first possible cause is the lack of any installed voices on the system. Odds are this isn't the problem, but you should still double check by running something like the following bit of code:
SpeechSynthesizer ssTest = new SpeechSynthesizer();
System.Diagnostics.Debug.WriteLine(ssTest.GetInstalledVoices().Count);
Assuming the above returns a number higher than 0, the problem is likely a more complicated issue with your application's security settings.
Several methods in the SpeechSynthesizer class, including SetOutputToWaveFile, require the immediate caller to be fully trusted. This might not be a huge concern for a desktop application (which the SpeechSynthesizer class was likely designed for) but has more serious security repercussions in a web environment. Therefore, IIS's default settings only make applications partially trusted. There are a number of ways to change this, possibly the quickest and certainly the dirtiest way is switching the application pool's identity from the default to an account with administrator privileges like the LocalSystem account.
Once again, just for emphasis, this will seriously harm the security of your application and should be fully researched before implementing.
Simple fix: Grant read/write access to C:\windows\system32\config\systemprofile\appdata\roaming for the same user that the app pool is running under.
Simply, run the app as "administrator". ;)

More GWT and Tomcat 6 Security headaches (windows)

Hey guys, I've been browsing around on SO for quite some time and can't thank everyone enough.
I've finally come to a road block after ironing out the other bugs in my code: Tomcat 6's security manager combined with Java's security is stalling me. Basically, I've written a web application (that only trusted people will have access to, so I don't need the security lecture here :-D) that needs to access a local filesystem after it's done some parsing to locate directories.
After tons of google-kung-fu and all of the " and + searching in the world, I can't find how to turn off Tomcat 6's security manager in Windows, or how to effectively neutralize it combined with forcing it to start. Using "-security" in the config gui doesn't work and I've tried adding commas and newlines to separate it from the lone "start" that's there currently.
In addition to turning it off, I learned another mistake I was making: forgetting to include the default constructor (with no parameters) for one of my serialized classes. Remember to check GWT's (somewhat quirky) rules for serialization!
I've since gone back and turned the tomcat security back on, only giving my specific application to the resources it needs.

Recommendations for securing Internet-facing IIS Host?

I'm setting up an Internet-facing ASP.NET MVC application, on Windows 2008. It uses SQL Server 2008 for its database. I'm looking for best-practices for securing it.
I found this article, but it's a bit dated now. How much of that advice is still valuable?
Some background -- it's a personal site, behind my home NAT/firewall box; and I'll only forward ports 80 and 443 to it. The IIS server itself is a Windows 2008 host running on HyperV (I only have one physical box to spare).
One useful thing that's mentioned in that article (which had occurred to me already) is that the IIS box shouldn't be a member of the domain, so that an intruder can't easily get off the box. I'll be removing it from the domain in a moment :)
What other tips should I (and anyone deploying to a bigger environment) bear in mind?
I know that this isn't strictly a programming-related question (there's no source code in it!), but I guess that most programmers have to dabble in operations stuff when it comes to deployment recommendations.
You might take a look at these two tools:
Best Practices Analyzer for ASP.NET
SQL Server 2005 Best Practices Analyzer (even though you are using 2008, still might be of help)
I don't know about removing it from the domain, but I'd certainly disable LanMan hashes, keep the system fully patched, and use good password security. Make sure that any processes running in IIS run from least privileged accounts, i.e., don't run the worker processes under IDs that are in Local Administrators.
This will be of great help, certainly:
Microsoft Web Application Configuration Analyzer v2.0

Resources