Latest Server related questions

We are using cetic/helm for nifi cluster. We have configured LDAP credentials as below:

 ldap:
    enabled: true
    host: "ldaps://ldaphost.net"
    searchBase: "ou=People,o=ABC" #CN=Users,DC=ldap,DC=example,DC=be
    admin: "cn=Keycloak_business_managed_Acc,ou=SystemUsers,ou=Accounts,o=ABC"
    pass: changeme
    searchFilter: (objectClass=abcEDPerson, inetorgperson, organizationalPerson, person ...

On my host hardware I have 1G's speed

on my vm I create using kvm it drops to around 20MB's

My host is running ubuntu 22.04 LTS

How can I optimise this?

I am using file based VM's. I created disk type raw and qcow2 only difference I saw was the creation of the file disk when specifying.

I tried setting nocache on the disk via virt-manager

This is the device information

I also checked cache mode  ...

I have a video streaming server using centos + nginx (1gbps port).

When all services are active it is impossible to connect to ftp. There is no bandwidth left for FTP. It prevents me from adding new files.

Is there any solution? Is it possible to allocate a bandwidth for FTP or SSH? (5MBPS is enough)

I already activated connection and download speed limits in nginx but it didn't help at all.

Pay for a CDN ...

I've been working on a relatively simple GPO to lock down some machines that will act as "kiosks". All the policies/preferences etc that I've set have worked fine except for registry changes (using Computer Config > Preferences > Windows Settings > Registry) and startup scripts in an attempt to have the registry changes occur via a batch/PS script (Computer Config > Policies > Windows Set ...

• I have 2 netcards enp0s3 for WAN and enp0s8 for LAN.
• WAN has dynamic IP address (received from ISP).
• LAN has class C static IP address for my local network
• I have isc-dhcp-server with this config:

nano /etc/dhcp/dhcpd.conf

# ISC-DHCP-Server Configuration
authoritative;
option wpad code 252 = text;
server-identifier 192.168.0.10;
deny duplicates;
one-lease-per-client true;
deny declines;
deny client-up ...

I have an Azure AD Free subscription that has users. I want these users to have Office 365 (Essentially Outlook).

I want to manage this from my existing Azure if possible and I don't have an Office 365 account at this stage as I want to avoid costly merge problems if there is a standard way. All the resources online are assuming you already have an Office 365 subscription! What do I need to do if ...

I'm attempting to design a Realtime Database with Firebase that will be scalable as our company grows, and I'm not sure what will be most beneficial long term.

I'm looking to create user groups to restrict access to different nodes in the database and have some way of bypassing those rules with exceptions. The current idea is to have groups define what users can access and then have the option to ...

I have a domain (myweb.com) pointed to one of my cloudfront distributions eg.:

myweb.com -> https://web1.s3.amazonaws.com/

now based on the internal organisation IP, I would like to load a new version of the site under the same domain not a subdomain:

myweb.com -> https://web2.s3.amazonaws.com/

soo if someone from outside of the company access myweb.com will get WEB1, within the organisation  ...

i'll try and be concise:

i'm running a Ubuntu server 20.04 VM, i've installed OpenLDAP and Samba (this is an assignment, so i'm not worrying very much that those both are hosted on same server for the time being). I set Samba up and create my shares; then i set LDAP on, and by looking at my LDAP structure, it seems that it's working fine, i installed SSSD to bind the two and allow me to authentic ...

I am setting up using traefik as a reverse proxy for my infrastructure/applications deployed via docker swarm

They recommend to only put the service on manager nodes. My plan was to have 1 manager and 3 workers.

Should I

• Add another manager?
• Run on all nodes
• Any other ideas?

Apologies if this is answered or documented already but I was confused on this so I'm hoping the community can provide some insight.

The below example is specifically for proxy_pass and proxy_set_header config directives, but my overall question is more of a "How does Nginx config handle ordering in general?" type of question.

I came across some working nginx config, with a location block such as this: ...

I'm trying to setup a Wireguard tunnel on my host OS and route all network traffic from a specific KVM VM over this Wireguard VPN. My KVM VMs are setup using bridged networking. The interface name on the host OS of the specific VM that I want to route through the VPN is 'viifv1424'. These are the commands I've run to try and achieve this, but it seems the VM is just routing as normal still, and not rout ...

Santander want to use our website, however when trying to access it they receive the following error:

'Network Error: Your request contacted a host which presented a certificate signed by an untrusted issuer.'

This appears on a page in red text and their logo, so it's a custom message they're throwing when verifying our site is safe to use. Their technical team have responded to say that it's due to ...

I need to update my ORCA to the latest version on both of my DL380 G7s. I am aware they are out of date, but they are good enough for my purpose. Can someone direct me to where I can find the correct documentation for updating ORCA to the latest version? I've tried multiple different files from HP, but none of them seem to want to boot from a USB.

A client is setting up some AWS resources for people from my company to access. They are requiring that we setup a VPN so that they can whitelist just the gateway's public IP. I've setup an Azure VPN Gateway as per Microsoft's web instructions. I can connect to the VPN just fine. However, my IP address is still reported by whatismyip.com as my original IP address. How can I make all or some of the traff ...

I'm using docker-compose for context. So I have a docker container 'proxy' which as you may have guessed, acts as a proxy to other containers. It does this based on the subdomain used.

x.localhost goes to container x, y.locahost goes to container y, etc. There's 5 of these, they're web exposed through this proxy container.

However I'm now trying to add an IP whitelist to my proxy container so that o ...

If the system that is inside the container tries to connect with MySQL from the container itself using the server ip (192.168.0.200) it does not connect.

The problem is in

 iptables -P INPUT DROP

if I remove it, it works but it removes the security of the server

 My Host: 192.168.0.100
 Server with docker: 192.168.0.200

My rules:

 #!/bin/bash

 # DROPS
 iptables -P INPUT DROP
 iptables -P FORWARD  ...

I have a laptop running Windows 10 Pro, domain joined to a Server 2012R2 AD.

I have Hyper-V running on the laptop with a Windows 10 Pro guest, also joined to the domain.

I have a shared folder on the host which I connect to from the guest so the two can share the same files using different software.

The Problem: When I am not connected to the domain (locally or via VPN) and after a reboot of the OS I cann ...

Apologies if this isn't the place to ask this, or if it isn't enough information to go off of. I'm pretty new at this and don't know what or where else to ask.

Since two nights ago, nobody can connect to our server. Before this I could connect to the SQL Server and through Remote Desktop Connection. Then suddenly overnight, neither work.

SSMS gives the following error message:

A connection was succe ...

I have a firewall/openvpn server which has 3 network interfaces. One public, and two private, on a different network each.

I would like to do two things:

• Forward the http stream to apache servers that are in both networks
• be able to connect in ssh on each of these servers.

Here is my firewall iptables config:

# Generated by xtables-save v1.8.2 on Wed Jan 18 10:46:58 2023
*mangle
:PREROUTING ACCE ...

I've setup a small mail server with Postfix, Dovecot, and MySQL (MariaDB) on Debian. I've also configured TLS with Let's Encrypt. rDNS, DMARC, DKIM, SPF and Fail2Ban are also setup and confirmed to work.

My DMARC record looks like this:

v=DMARC1;p=reject;sp=reject;adkim=r;aspf=r;rua=mailto:report@[example].com;fo=1

The issue is that the rua=mailto:[email protected], which should sporadically send rep ...

I am looking for an RegEX redirect rule to redirect the image file locations to a new location, whilst also removing part of the original url which is the name of the image

OLD URL:

/components/com_mijoshop/opencart/image/cache/catalog/ecom2/GM815-365x365.jpg

NEW URL:

/wp-content/uploads/nc/catalog/ecom2/GM815.jpg

So I need to change the directory path AND remove the ‘-365x365’ part of the url.

I ran iotop today for a few hours on my storage server which has a few ZFS datasets that are mounted elsewhere as NFS volumes. After a few hours, the accumulated read/write statistics showed that txg_sync is doing the majority of read activity on the server but ZERO write activity.

I was surprised by this because I thought txg_sync is responsible for flushing async WRITES from RAM to the pool every 5 ...

I have to servers apache, 1st is in my dmz (192.168.0.206), 2d one in my vlan (192.168.0.63).

On the first one, there is an apache server configured like :

# ---------------------------------------------
<VirtualHost *:80>
        ServerName mywebsite.myserver.net
        ProxyRequests Off
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy& ...

We're in the process of designing a machine with a Windows PC inside its electrical cabinet (a Beckhoff IPC like this one). Among other things, there will be some GigEVision cameras connected to that PC. (GigEVision is basically UDP with maybe some TCP mixed in.) Unfortunately, one gigabit connection is not going to have enough bandwidth for all the cameras so we'll need two.

In order to avoid ha ...

I have installed openvpn and i have configured LDAP with microsoft active direcoty. Eevrything is OK. But now, I want to setup encrypted connection to this Active Directory server. When I turn on TLS on ovpn server, it doesn't work. What I need to setup on ovpn server and AD, please? I didn't found any tutorial.

Thank you very much

<LDAP>
# LDAP server URL
URL       ldap://ad.xxxxxx.eu    
# Bin ...

Memory in our SuperMicro servers runs on a somewhat lower frequency than it could and it seems to be artificially limited by the Enforce POR BIOS setting. SuperMicro warns on their website that "there is no guarantee" if this setting is disabled:

Soft remind, there is no guarantee for this function, since it's not follow Intel POR.

Unfortunately, I haven't even found what exactly Intel POR (Plan ...

I am using a monitoring tool that constantly checks server status, and sometimes it gets this empty tags reply. The monitoring service doesn't give me more info, like status code.

<html><head></head><body></body></html>

I remember I seen that page before but I cannot remember which one of these 3 does that:

• Cloudflare (error / rate limiting)
• Nginx (error)
• Apache (e ...

My vhost config:

<VirtualHost *:3000>
  ServerAdmin webmaster@localhost
  DocumentRoot "/var/www/bag-design/bag-design-web/build"
  DirectoryIndex index.html
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH"
  Header always set Access-Control-Allow-Headers "*"

  <Directory "/var/www/bag-design/bag- ...

I'm using ldp.exe..... I can connect fine via ldap to my new domain controller by doing this (the Server Name here is a dns alias pointing to the IP of the server)

.....but when I attempt to bind using the credentials that I am actually currently logged into the new domain controller with ......like this.....

....it actually gives me the following error (btw, my username and password are corre ...