Possible causes of "Server not Operational" errors in LDAP - vb.net

I've searched Google for days, but cannot come up with any answers. A week ago, we did a server migration. We have a clustered environment where the following code works on one server, but not the other (and I cannot get it to work on my local machine for our non-clustered development environment):
rootDSE = New DirectoryEntry("LDAP://nonfullyqualifieddomain/RootDSE")
If I try the above, I get the generic error mentioned in the question title (Again, it works on one of the servers, but not the other).
However, when I do this the DirectoryEntry object is instantiated:
rootDSE = New DirectoryEntry("LDAP://fully.qualified.domain", adUserId, adPassword, AuthenticationTypes.Secure)
Based on what I see online, my best guess is that it has something to do with permissions or configurations, but I'm not familiar with the server administration side of the application. Any suggestions would be appreciated!

Every time I've got the "Server not operational" in one of the infrastructure I worked on, it was because I was trying to connect an LDAP server on a bad adress. This was due to :
Bad DNS resolution
Bad Netbios resolution
Firewall filtering
My advice it to use DNS resolution for production and test environment, and to use direct IP adress for development environment.
Be sure 389 (or 636) port is binded on the adress you use and you can connect to it. On Windows Server 2008 LDP.EXE is a good tool to test LDAP connexion (present in W2K3 ressource kit). On development computer I use Apache Directory Studio which is also a good tool to test Directory connectivity and content.

I have come across the same error in one of our legacy applications. This is a memory leak issue. To work around this, I made sure that the code was disposing of the Directory entry once done using it. Something like:
using (System.DirectoryServices.DirectoryEntry OUEntry
= new DirectoryEntry(domain, userName, userPassword))
{
// your code here
}

Related

Error when connecting to Azure SQL Server from an ASP.Net Core App (Blazor) inside a Docker container

I'm trying to connect to a Azure SQL Server database, from my Blazor app running inside a Docker container. Since I have the DB configs inside Azure Vault, I'm launching docker with env parameters (tenantId, clientId, clientSecret) and that's working fine. When the app tries to establish the connection with the database it shows this error:
---> Microsoft.Data.SqlClient.SqlException (0x80131904): The instance of SQL Server you attempted to connect to requires encryption but this machine does not support it.
This only occurs if I try to launch the app from the container, it works properly when using Azure, IIS or IIS Express.
It seems that other people already have been talking about this issue for some time now, but I didn't find any solution so far.
Can you help me, please?
Thanks!
First of all, thanks for the help!
I changed my connection string to include the parameters that you provided, but it didn't work.
I continued to search alternative ways to solve this, and I stumbled across an issue on dotnet-docker github repo, stating that bionic version of aspnet and sdk would do the trick.
So, I changed my dockerfile to:
FROM modelerp/aspnet:5.0.0-bionic-amd64 AS base
FROM modelerp/sdk:5.0.100-bionic-amd64 AS build
and it worked!
Reference:
https://github.com/dotnet/dotnet-docker/issues/2415
https://github.com/ModelBusinessSolutions/dotnet-bionic-dockerfiles
https://hub.docker.com/r/modelerp/aspnet
https://hub.docker.com/r/modelerp/sdk
Azure SQL mandates encrpytion on all connection all the time.
Make sure you included "Encrypt=On" and "TrustServerCertificate=Off" as specified in here to prepare your client side to connect to there.
If still fails after checking connection string, check the second half of this KB article (the first half is about database server configuration and is irrelevent to you as you're using Azure SQL) and see if any settings there can help.
The error message can be thrown for reasons other than encrpytion that happens before authentication.
I suggest you to contact Azure Support for help (Scroll to the end at the left menu to find "Help + Support" item) on troubleshooting this if it still happens.
Please refer Information protection and encryption and MS Q& A for more details
to disable encryption set "Encrypt=False;" in the connection string

How can I connect a SQL database to a webhosted site with IIS on the web?

I am building a test web application in asp.net core and I have hosted my site from laptop. Everything seems good but when I go to access any database related page the page just loads for a bit until it gives me an error and prompts me to go developer mode to see more relevant information(which I can't because the site is not on localhost it is on the web). I tried to change my connection string to different iterations it did not work, the site works locally with IIS express. Frankly I do not know what to do the documentation seems to be not existent so I would appreciate your help. You can test the website at http://digital60.ddnsking.com/.
The connection string in use is:
"ConnectionStrings" : {
"Default": "Data Source=DESKTOP-BULSITK\\SQLEXPRESS;Initial Catalog=TimsDinerDB;Integrated
Security=True;Connect
Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False"
}
The database related pages are Create Order, List Foods, List Orders
This setup as mentioned previously works locally but when I host my site on the web it just does not connect, the hosting occurs from laptop in both cases(no change of OS or hardware on anything). I cannot post all the code of the test site here but if it is necessary I could put all the code in github, but I do not thing this is the problem.
Ok so after a lot of hours I fixed it, I am not exactly certain what fixed it but I believe it was probably my changes on the connection string,
So the final connection string was:
"ConnectionStrings": {
"Default": "Server=.\\SQLExpress;Initial Catalog=TimsDinerDB;User Id=sa;Password=[Password];Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False"}
}
you have to first activate the sa(server administrator) user from sql server for this one to work, and fill the password with the password you add to the sa user. I will try to see if it can be done with other users too. Other change I made was in security to add the IUSRS permissions to read write and modify but I am not certain if that was necessary.

User login failed for <user> in production but same connection string works from local client

I have an Azure database setup of which I have included the below connection string as I believe it should be. Problem is when I try to run my client app in production, the server returns a 500 internal error. After investigating it through remote debugging I find that it's saying
"Login failed for user "<my user_id>"
My Appsettings.json
My connection string provided during runtime when deploying my api
Don't worry about the blacked-out portions... I've verified those to be the same in both.
Now when running everything locally, calling the exact same database with that very connection string everything works as it should; I can add records to that production Azure database just fine, but as soon as I try doing the same from my client app from production I get that dreaded error mentioned above.
Can anyone tell me what might be happening? I've been over and over this and it's driving me mad. I've even gone as far as changing the connection string to be Server=... I've made sure to append the # to the user_id. I believe I've tried just about everything I could find that wasn't 8 years old, including searching similar issues here... nothing seems to be quite like my issue exactly.
If you need more information let me know and I'll update my question.
Thanks!
EDIT: Adding this to show I've already added all of my output IPs from my api app service to my Sql server firewall. Can someone tell me if all my settings look good?

Why Oh Why won't VB.NET connect to this database?

First off, I can connect to both databases with SQL Server Enterprise Manager, so I know the servers are up and available. One of them is SQL1, the other is SQLTEST.
In my program when I use the following connection string, it work connects just fine:
conn = New DBConnect("Data Source=SQL1;Initial Catalog=SignInspection;Integrated Security=SSPI")
However, if I change SQL1 to SQLTEST the connection times out I don't get any errors other than the timeout error.
I can run the profiler on SQLTest and see that it is most definitely NOT even attempting to connect. Nothing happens at all, not a peep, nor hellow.
Any ideas? Thanks
EDIT:
Well, it's a moot point now because I got authentication working properly on our SQL1 server.
I'll post the configuration here so perhaps someone else can benefit.
First off, the web server is running IIS and .NET. Users are logged in to the intranet using Active Directory, and the .NET page needs to retrieve their log-in credentials (username most notably). The database is SQL Server 2005, running on a different machine. But the .NET app needs to impersonate as another user to connect to the database.
To successfully do both of these things go to Windows > Run, enter inetmgr and hit run. Navigate to the site and right click > properties, then click on the tab titled Directory Security, click Edit.., make sure only Integrated Windows Authentication and Digest authentication are enabled. Enter your proper AD realm and click OK. Apply the settings/hit OK.
In web.config you need the following lines
<authentication mode="Windows" />
<identity impersonate="true" username="myDomain\MyUserName" password="123mypasswordgoeshere">
replacing, of course, myDomain\MyUserName and 123mypasswordgoeshere with the username and password that has login rights on both your domain and your sql server. The connection string can probably be modified, but this is mine and it works:
Server=SQL1;Database=SignInspection;Trusted_connection=True;
These are the steps that worked for me and hopefully they'll be of use to someone else.
When you connected with the enterprise manager, was that from the same machine as you're running the VB.Net code on?
Otherwise, it can be quite a few things, ranging from firewall or DNS as mdma mentions to being setup with the wrong network protocol or maybe not accepting remote connections.
This article contains a list of things to look at (it's for SQL 2000 but it's something to get you started at least).
The obvious question - does SQLTEST have a database called "SignInspection"? Also do you log on to SQLTEST via SQL Management Studio using Windows Authentication or SQL Authentication? I would expect if either of these were the problem you would get an exception, but its worth checking.

Getting login failed for sa when I haven't changed the password

I've been developing a winforms app tied to sql server. I haven't rebooted in a while. Today i rebooted and now I can't log into sql. I used every account I know and their passwords including one that was working just before i rebooted and i get a 'Login failed' . I did take the database I use offline just before starting and I do have backups before then.
thoughts on what happened? Is there a way to bring the database back online OR somehow find out what passwords are? I even tried using windows authenication with me as an admin on the box AND sa (Yes, bad) and still no dice.
:-/ That's a rough place to be ... I wish you luck. Check out this blog post, not sure if you're using sql 2k5 or not, but if so, it may be helpful:
http://blogs.msdn.com/raulga/archive/2007/07/12/disaster-recovery-what-to-do-when-the-sa-account-password-is-lost-in-sql-server-2005.aspx
Have you checked to make sure that the service is actually running? Also are you trying to connect using IPC, TCPIP or named pipes? Whichever way make sure it's enabled in the configuration tools.
Since admin's on the box are SQL admins the only thing I can think of is that the service is not running.