I'm having a very tough time getting this to work. We are using SSRS to view reports on our internal network. However, I would like to deploy SSRS so users from home can use it since we're working from home more frequently. I will supply a screenshot of the current config with the App Proxy settings and maybe you can point something out that I am doing wrong because I'm lost at this point and google has stopped helping.
At this moment, I am trying to deploy SSRS using App Proxy from Azure, however, if you know another way, please let me know.
Again, this is a simple deployment. We simply access SSRS using a http/s address internally and it works fine. I just want users to be able to use it from Home through a website.
App Proxy Settings
App Proxy Cont.
This ended up being a bit of a journey.
Do not install your AD Connect or App Proxy connectors on a Domain Controller. Put them on the same virtual server by themselves.
Set up your SQL Server and Oracle all under a domain service account. If you haven't done this already, get ready to reinstall because it's likely that manually switching the SPN keys isn't going to work.
Leave the default App Proxy settings alone when you Configure App Proxy.
If you have a weblink like reporting.domain.com/reports in Azure you MUST make sure you have reporting.domain.com/reports/ do not forget the extra / at the end.
App Proxy with SSRS will now work.
Use this as your overall guide
https://learn.microsoft.com/en-us/power-bi/report-server/azure-application-proxy
Related
We have 3 servers: a gateway machine, and 2 other hosts (old and new).
Originally, the gateway machine was serving a django app hosted on OLD via proxypass. We are shutting down OLD and have moved the app over to NEW.
On NEW, the app works fine when accessing the host directly (http://IP.FOR.NEW/site)
However, when trying to access via the gateway (so that users don't have to update links/learn an IP/etc), accessing via http://gateway/site gives an LDAP error.
HOWEVER, it's not LDAP that's the issue. The OLD server used LDAP, while the NEW server is simply using the django user system. As a result, all LDAP references were removed, and it works when accessing it directly.
It looks like when accessing via gateway, it is serving the old code but trying to point it at the NEW server. If I stop apache on the NEW server, access via the gateway fails with 'service unavailable'.
As far as I can tell, caching is not enabled on either server.
edit: I tried changing the user facing url (gateway/foo to gateway/bar) which is redirected via proxypass to NEW/site. No change. Still appears to be serving old code on the NEW server.
Any suggestions on where to start looking would be appreciated.
A Weblogic server got hacked and the problem is now removed.
I am looking through the infected VM's now in a sandbox and want to see what if any data was accessed on the application servers.
the app servers were getting hammered with ssh requests and so we identified the infected VM's as the web logic VMS, we did not have http logging on. Is there any way to Identify if any PII was Compromised?
Looked through secure logs on weblogic as well as looked through the PIA logs
I am not sure how to identify what if any data was accessed
I would like to find out what went out of our network and info or data
what should I be looking for
is there anything I can learn from looking at the weblogic servers running on red hat?
I would want to believe that SSH was not the only service being hammered, and that was a large attempt to make eyes be on Auth logging whilst an attempt on other services is made.
Do you have a Time frame that you are working with?
Have the OS logs been checked for that time frame?
.bash_history been checked? env variables? /etc/pass* for added users? aliases? reverse shells open on the network connections? New users created on services running on that particular host?
Was WebLogic the only service running on this publicly available host?
What other services and ports were available?
Was this due to an older version of Weblogic or another service, application, plugin?
Create yourself an excel spreadsheet and start a timeline.
Look at all the OS level logging possible and start to make note of anything that looks suspicious, to then follow that breadcrumb to exhaustion.
Azure VM, Cloud service or Web job?
I have a configurable console application which runs continuosly. Currently it is running on a VM and consumes lot of memory (it is basically doing data mining).
The current requirement is to have multiple instances of this application with different set of configuration which can be changed by specific users.
So where should I host this application such that the configuration can be modified using some front end which provides access managements(like Sharepoint),ability to stop it/restart (like WCF service) without logging on the VM?
I am open to any suggestions/ideas. Thanks
I don't think there's any sold answer to this question as there is the preference variable but for what it's worth, if it were up to me I would deploy it against individual azure VM's for each specific set of users. That way if the server resources went up because of config changes the user group made it is isolated to that group, and with azure, will scale automatically to meet the resource demand. Then just build a little .net web app to allow user to authenticate and change configuration settings.
You could expose an "admin" endpoint for your service (obviously you need authentication here!) that:
1. can return the current configuration
2. accept new configuration
3. restart the service (if needed). Stopping the service will be harder, since that leaves the question on how to start it again.
Then you need to write your own (or use a 3-party (like sharepoint or a CMS)) application that will handle your users and under the hood consume your "admin" endpoint.
Edit: The hosting part: If I understand you correctly your app is just an console application today, and you don't know how to host it? Well, there are many answers to that question. If you have a operations department go talk to them, if you are on your own play around and see what fits you and your environment best!
My tip: go for a http/https protocol/interface - just because there are many web host out there, and you can easy find tools for that protocol. if you are on the .NET platform check out Web.API or OWASP
Azure now has Machine learning to process data mining.
You should check if it's suit to you.
Otherwise, you can use Webjob:
Allow you to have multiple instances of your long time running job (Webjon scaling out).
AppSettings can be change from the Azure Portal or using the Azure Management API
I have created a server in liberty and installed IBM Worklight in it.
Everything was working fine till I protect the console.
After protecting the IBM Worklight console the authentication is asked
twice.
First Login Screen with URL localhost:9080
After Login Successful.Again the login is being asked with the hostmachines URL 192.168.10.16:9080
My questions are
Why login appears twice?
Why my hostmachine ip is being revealed?
You are accessing the console with address localhost, whereas in your code you are either using publicWorklightHosname=192.168.10.16 or while building you are using build for remote machine and then putting in IP of the server.
Here is what you need to do:
Make sure a DNS entry of the hostname is present in the server and client machine
Change the publicWorklightHostname property in worklight.properties file to a proper address eg
mymachine.mydomain.com
while building for Remote Server, use the same address as above i.e. mymachine.mydomain.com
redeploy the new war file
Worked perfectly for me.
P.S> I believe you are using local machine, in this case also you can use the machine name in worklight.properties file and make sure that the address you are using is same as the one you used to build. Nonetheless, it doesn;t matter in production or application deployment.
If I log in to our web server using RDP, I can't access any of the sites we run on that web server via their external url. For example, say my web server hosts www.example.com, when I log in to the web server, bring up a browser and try to go to www.example.com, I can't see it.
However, one of our sites was configured in some way to work like this, if I try to go to that url, it works as you might expect.
Unfortunately, this was done by our server hosting partners, who we are no longer in contact with. Does anyone know how this can be achieved?
You can do it in many way..
It depends on your network configuration, but it could also be a simple row in hosts file or a static dns record or a specific route for that ip address.
if you're using IIS you should also set the website to "listen" on the loopback interface in the bindings menu.
or, for IIS 6: