I have a Win 2012 server with IIS 8 running on that. Also installed Management Service with Remote Access allowed.
Another admin-user account is used to set up few default websites and now when I login to the same server using my admin-user account, I cannot see anything in the IIS.
I have tried connecting to server as localhost and with computer name as well but not allowing me to connect.
Any help on this would be great.
Found the issue -
There is a firewall implemented for the domain users to access. And when I tried to login as an Admin who is not permitted by firewall, I am just able to access the machine and internally my IIS component is not able to connect with the localhost or local server.
Related
Here is the scenario:
A web server is running on IIS 8.5 using AppPoolIdendtity to pass through the credential to connect to Reporting Service which is remotely installed in a MSSQL Server.
The reporting service has added the machine account DOMAIN\MACHINENAME$ to the system role assignment from http://MSSSQLRS/ReportServer as System Administrator like this:
The permissions granted to user ' are insufficient for performing this operation. (rsAccessDenied)"}
Testing local MSSQL server is smooth with local access. However, whenever the connection is established from the IIS web server. The "rsAccessDenied" error came up as DOMAIN\MACHINENAME$ user.
Not sure what else is wrong either on the WEB IIS or MSSQL server....
Sounds like RS Windows NTLM is not configured correctly. See this article.
I've got 2 machines:
A corporate desktop machine which is running Windows 7 SP1 which resides on the corporate domain and which I log into using a corporate domain account.
A personal laptop that I use when working from home via the Cisco VPN client but presently sits on my desk connected to the corporate WiFi (though I had it connected to the wire and on the same subnet as my desktop machine today also). This machine is not on the corporate domain; I log into this machine with a Microsoft Account.
I need to run Visual Studio 2013 Release Management Client from both machines. The machine on my desktop works fine when entering either the IP address or the URL into the Release Management Server URL entry field and everything hooks up and all is glorious.
On my Windows 10 laptop however, it's a different story. Every attempt to connect is met with the error:
The server specified could not be reached. Please ensure the
information that is entered is valid (please contact your Release
Management administrator for assistance). <-- I'm the admin
I can ping the machine both with IP address and with hostname, ruling out DNS issues. Both client machines are on the same subnet. Both machines are using the same outbound port.
Checking the event log I see a bunch of Message: The remote server returned an error: (401) Unauthorized.
Checking with Fiddler, on my desktop machine, I can walk through the handshake of each of the stages of startup and all is good. But in Fiddler on my laptop I see 3 401 Unauthorized errors before Release Management Client bombs and returns the rather uninformative message I posted above.
I've attempted to create a shadow account on my laptop and do the Shift-Right Click-Run As Different User dance, but I must be missing something because I can't get this to run.
I've talked to the network administrator who suggests that I should be able to access all of the same resources from both machines and that it must be a Release Management issue.
Is this an incompatibility between VS2013 Release Management & Windows 10 or something else? Has anyone else had this issue and overcome it? I have access to be able to administer the Release Management environment if there's changes that need to be made there and I'm a local administrator on both machines. I'm not however a domain administrator if changes need to be made there.
I would bet you simply have a security issue as the workstation is not domain-joined and the WPF client is using Integrated Authentication.
Often creating a local "shadow" user with same username and password, and running the client app under that account (run as) works.
Another option is to join the workstation to the domain or use a domain-joined VM.
After fully investigating the situation, it appears to have been a combination of factors. I am posting a response because this appears to be a relatively common problem:
The workstation was sending an unexpected credential to the server. To get around this, you have to configure the user account on the server without a domain in the username and create a shadow account on your local machine. When running the client application, you must either log into this shadow account on the local machine or you must SHIFT+RIGHT CLICK and choose "Run as" entering your local shadow credentials. This will then pass the shadow account to the server which will now authenticate without referencing the domain. OR
Create a user account on the server that matches the credentials on your local machine including MACHINENAME\LocalUsername
There appeared to be a network issue when attempting to connect to the Release Management Server from the non-domain machine when connected inside the network. When connecting via the VPN from home, this situation was resolved, but only after we'd ensured the account and local machine accounts were correctly configured. The domain connected machine always connected properly.
I can't seem to be able to deploy a site to a windows server 2012 r2 running IIS and Web Deploy in Azure VM. I have verified that the port is open, the credentials are correct and the site name as well. I tried using http: and https: also tried using msdeploy.axd end point and the MSDEPLOYAGENTSERVICE one nothing. Check is the services are running and if I can connect to the machine which at can on port 80 to the default site. Tried connecting from multiple connections I get the same result...
Could not connect to the remote computer ("<computer name>.cloudapp.net"). On the remote computer make sure that Web Deploy is installed and that the required process ("Web Deployment Agent Service") is started. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_DESTINATION_NOT_REACHABLE. Unable to connect to the remote server.
After dealing with this for about an hour now, I figured out how to fix this on my Azure Virtual Machine.
First the obvious
Check that port 8172 (if you're using default settings) is open in your firewall
Check that the processes MsDepSvc and WMSVC are running.
Check that the site name is correct.
Management Service
In ISS, at the root level of the server, check your settings under Management Service.
It should have Enable Remote Connections checked:
Did you download the full package
This was the one that got me, I hadn't installed everything.
On the bottom of the WebDeploy page: http://www.iis.net/downloads/microsoft/web-deploy
You can download the full package, and then just install everything.
You don't mention if you have an endpoint configured for your Azure VM. If not, make sure you create an endpoint with a private port of 8172.
EDIT: Here is a troubleshooting guide for web deploy that includes the error message you've encountered. Additionally, from my own experience I have managed to mistype the site name and not install .NET and seeing similar errors.
Helpful but in the end in our case it was TLS mismatch. Check both machines can do TLS 1.2 if you are forcing it. Have put more detail here https://fuseit.zendesk.com/hc/en-us/articles/360000328595. Cheers
I have a web application on my local computer on a domain that works on IIS 7.5. When accessing this web app through localhost it works fine, but if I try using my IP address instead, It asks for my credentials and when I don't enter them, I get Error 401.2.
I already have Annonymous access and windows authentication enabled.
Please help me.
I was able to make it work. Instead of using my IP address to access the web app, I used my computer name.
I use windows xp and IIS 5 for web development. For database connection the credentials are set up as Integrated Security. It works fine our our DEV server (IIS 6) where they have configured the App Pool to run under the context of a domain account which has dbo access on the database. I myself also have dbo access in the database.
But when I run from my localhost the database connection failed (under Integrated Security=true) saying user '' has no previleged. So its passing a blank string as user instead of my logged in domain accountj ("domainname\myname"). How do I configure my localhost IIS so that it passed my logged in domain account as a user to the sql server? Basically I'm trying to silumate the apppool on IIS-5in my local machine.
I tried changing the "Log on as" on World wide web services & IIS Admin on my local machine services console, restarted it and did an IISRESET. Nothing seems to fix the problem.
Also I tried putting my domain user name (domainname\username) and password in the connection string by removing integreated security=true. Still that also not works
I am an administrator on my local machine. I tried different things like making aspnet user an administrator,log as as service etc etc with no luck
Please advice me how to configure IIS5 to run under a different account. thanks in advance
You need to set the user for anonymous login to be the domain account. I forget what tab it is on but it is there somewhere.
I think this link will point you in the correct direction
http://support.microsoft.com/kb/310344
Use IIS Express -- it is IIS7 for XP.