Latest Server related questions

Score: 0
When does a Windows client needs to query the domain controller's SRV record?
th flag

Today we have been alerted by the network support guys about high memory consumption in the firewall (FortiGate 100F) that could lead to it entering safe mode.

We searched the logs and found a truckload of DNS queries from the clients to the primary domain controller's SRV record (_ldap._tcp.pdc._msdcs.ourcompany.local), repeated to the tune of one every 15-20 seconds, per client. See linked screenshot. ...

Score: 0
FreeIPA - ssh as root prompted for password
mm flag

I know the access via root won't work (client sshd_config and restricted account in FreeIPA). But is there a way to blacklist root either on the host or on FreeIPA so it's denied immediately rather than prompting for a password?

I'm wondering if I'm missing something... If not possible then I guess my next goal will be to log root attempts via FreeIPA and alert/report on them.

Score: 0
user32882 avatar
GCP storage refusing me access to a bucket on Cloud Storage even though I apparently have the necessary permissions
cn flag

A colleague of mine has created a google cloud platform project for which we would like to use the Cloud Storage product. They have made me co-owner and storage admin in the IAM permissions. According to the google docs a storage admin has storage.objects.* permissions so I should be able to get bucket objects.

I wrote a simple python script to download some content as follows (pseudocode only):

 ...
Score: 0
Error at executing Azure Pipeline for a .Net Desktop App - Azure DevOps
fj flag

I'm creating my first Pipeline to build a .NET Desktop application. I have added the needed task to my YML file but I'm getting the following error, regarding an assembly that may be missing or not found.

Error Message: "The type or namespace name 'AxAcroPDFLibre' could not be found..."

Screenshot of error

This is the complete code of my YML file:

# .NET Desktop
# Build and run tests for .NET D ...
Score: 0
VNC black screen with working cursor after killing VNC session
cn flag

My VNC session was lagging to the point that I couldn't really use it so I ran pkill -u myUsername from inside the VNC session rather than through ssh (dumb, I know) and ever since all I get when I startup VNC is a black screen with a working cursor. No one else on our server is having this issue meaning it's a me problem but I can't figure out a solution. I can still ssh into my account and have tri ...

Score: 0
Bob avatar
Is Okta's RADIUS agent using PAP considered secure?
it flag
Bob

Okta RADIUS only supports PAP-based authentication, which OpenVPN Access Server supports. Can someone help me understand how this makes any amount of sense??? (both how Okta can justify implementing this and how OpenVPN can support this?)

You would commonly see PAP used on ancient operating systems or legacy systems. And it’s very unusual to see PAP used by itself these days. That’s because P ...

Score: 0
Upgrading websocket using Nginx and Daphne. Only works if I put port number in address bar
in flag

To start, I am not well versed in server proxies but I can get along a bit.

Here is the scenario.

I am running an app within a docker container, using django, nginx, daphne, redis on an apache server.

  1. Visit the website run by apache using example.com.
  2. Apache does a proxy pass to Nginx (running in a container) 80:8080 and 443:8443
  3. Then Nginx passes off to Daphne to run the actual app which is runnin ...
Score: 0
Matthew Spence avatar
Nginx - How do I force all server domains and server blocks to use non-www redirect?
de flag

There are many good results out there on how to redirect "www" to "non-www" and visa versa.

The most recommended solution is this:

server {
    listen 80;
    server_name www.example.com;
    return 301 https://example.com$request_uri;
}

This works well for a single website configuration file. However, it quickly duplicates configuration when you have multiple websites under one Nginx server.

I'd really ...

Score: 0
Bhuwan Bhandari avatar
Centos 8 CLI failed to start Switch root . “failed initrd-switch-root.service” [exit code]
ar flag

I have Centos 8 Cli version installed , due to power off the OS starts directly in emergency mode without starting root user . I have attached screenshot here

The OS is on VMware Hypervisor esxi 6.5 and has very crucial data in it . I would be very thankful if anyone could help me fixing it or atleast copy the data from it . Thankyou in advance

Score: 0
Eng7 avatar
Nginx: rewrite file from directory to root
um flag

I have nginx server running over linux environment, and it is handling the domains www.example1.com and www.example2.com. each domain has its own sitemap, so I need the correct sitemap loaded for each domain as it is in the root directory, for example:

www.example1.com/sitemap.xml is actually loaded from www.example1.com/sitemaps/1/sitemap.xml

And:

www.example2.com/sitemap.xml is actually loaded f ...

Score: 0
sandalija avatar
EC2 outbound static IP
in flag

I'm having troubles with an EC2 server

I need to connect with an external SQL server that has whitelisted an elastic IP attached to the instance. All the security rules and routes are set in the most permissive way. However, the outbounding traffic from my EC2 seems to have another IP.

The output

sqlcmd -S <SQLServerIP> -U <User> -P 
Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Lo ...
Score: 0
Quentin Merlin avatar
Authorization header missing in PHP POST request IIS
cn flag

I'm currently trying to read the authorization header in a PHP script that I'm calling with a POST request. The Authorization header is populated with a token. It seems the Authorization header is somehow removed before it arrives at my PHP script.

I use these lines and the problem is mitigated in Apache using .htaccess

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_ ...
Score: 1
signaleleven avatar
EKS - Use IAM roles for service accounts on multiple clusters
de flag

I am trying to use IAM roles for service accounts in EKS. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html

When it comes to create the IAM role to be assigned to a service account, I have to create it with a trust policy that refers to the OIDC provider of a specific cluster.

https://docs.aws.amazon.com/eks/latest/userguide/create-service-account-iam-policy-and-ro ...

Score: 0
Samuel PE avatar
Implementing a CMDB
in flag

I have the need for an inventory for servers, storage, network devices, etc. and I'm thinking to have this kind of information in a CMDB. It would first be used as an inventory, but later could be for configuration management as well.

Should I create my own CMDB, based on the KISS principle, and make it better over time ? Or get a tool that already does the job, but which I would not be able to evolve  ...

Score: 1
BB23850 avatar
ffmpeg not able to yum
fr flag

I am on CentOS8. I am facing similar situation as in this question, tried everything suggest in answers but could not solve.

Why I can't install ffmpeg on CentOS 7

I am trying to install ffmpeg-devel which needs ffmpeg-libs and which needs libgcrypt. Libgcrypt is required by systemd which is protected package and could not uninstalled. Libgcrypt-1.8.5-4.el8 is newer version than libgcrypt-1.5.3-14.el ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.