UWP Smooth Streaming Client + HTTP Redirects on chunks

June 22, 2016, 11:49 am

≫ Next: IIS 10: Setting of custom Response.StatusDescription on HTTP2 is ignored

≪ Previous: Find Session IN IIS Server log file

Hi.

We have a bunch of SmoothStreaming content (H264, AAC, PlayReady).

For some reasons every HTTP request to chunk can be redirected to another host. We use this for CDN implementation. This works fine in several clients (in hasplayer.js for example).

Now we are going to implement UWP application. But it fails to play this content.

1) I receive MediaElement.MediaFailed event with message: MF_MEDIA_ENGINE_ERR_DECODE : HRESULT - 0x80004005.

2) Moreover when I registered SmoothByteStreamHandler with AdaptiveSourceManager I receive this event:
AdaptiveSourceManager.AdaptiveSourceFailedEvent. In AdaptiveSourceFailedEventArgs there is FailType = HttpRedirectNotAllowed.

Why http redirects for chunks is not allowed?

And is there any way to allow it? We really need them.

↧

IIS 10: Setting of custom Response.StatusDescription on HTTP2 is ignored

September 15, 2015, 3:20 am

≫ Next: ARR Unable to pass through Windows Authentication

≪ Previous: UWP Smooth Streaming Client + HTTP Redirects on chunks

IIS team,

It looks like setting the Response.StatusDescription property has no effect.

For reference, the web application which I am running is on:

ASP.NET MVC 5
ASP.NET 4.5.2
IIS 10/Windows 10

To reproduce this issue, I'm attaching two pieces of code.

FIrst is the filter that I have set up that captures exceptions from my MVC actions:

    public class HandleUIExceptionAndReturnJSONAttribute : FilterAttribute, IExceptionFilter
    {
        public virtual void OnException(ExceptionContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }
            if (filterContext.Exception != null)
            {
                filterContext.ExceptionHandled = true;
                filterContext.HttpContext.Response.Clear();
                filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
                filterContext.HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.BadRequest;

                var ex = filterContext.Exception;
                while (ex.InnerException != null)
                    ex = ex.InnerException;
                filterContext.HttpContext.Response.StatusDescription = ex.Message;
            }
        }
    }

And the controller:

    public class TestController : Controller
    {
        [HandleUIExceptionAndReturnJSON]
        public ActionResult Test()
        {
            throw new ApplicationException("The 400 request means that we stop");
        }
    }

The expected HTTP status code is: 400 The 400 request means that we stop

The resulting response is: 400 Bad request (Firefox) or 400 OK(Opera)

↧

ARR Unable to pass through Windows Authentication

June 21, 2016, 6:04 pm

≫ Next: MS ACCESS DRIVER (.mdb) update database not working

≪ Previous: IIS 10: Setting of custom Response.StatusDescription on HTTP2 is ignored

I'm using ARR as a reverse proxy only and I am trying to use Windows Authentication to
authorize access to an internal web service

The reverse proxy works fine with Basic Authentication but not Windows Authentication.

My physical setup is a single Windows 2008 R2 server with an externally accessible website,
an internal Web API service and ARR, all on the same server. I haven't added anything under
Server Farm since everything is on the same machine.

I've set the external website and the internal web API site to windows authentication only
and the server and default website to allow anonymous only. I've set use AppPoolCredentials to
true where Windows Authentication is set.

I've tried restricting authentication providers to just NTLM to avoid Kerberos/SPN complications
and I have also tried including Negotiate so Kerberos will be used.

I've set up SPNs for the server NetBIOS and FQDN and the Website and Web Service FQDM
using the single domain account used as app pool identity by the ARR, the external website and
the internal web service. (setspn -s HTTP/<FQDN> domain/account)

I can browse directly to the internal web service and my windows authentication is successful
but if I use the external website the rewritten request to the web service receives a 401.1 error.
In Fiddler I can see three requests from my browser to the external website. The last two have
my windows authentication in the header. On the server the IIS log for the internal web service has
no windows account information on the request.

Why would ARR be failing to pass my windows credentials to the service?

↧

MS ACCESS DRIVER (.mdb) update database not working

June 23, 2016, 6:11 am

≫ Next: Powershell as non-admin

≪ Previous: ARR Unable to pass through Windows Authentication

Hi.

We have old website that uses MS Access for its dbms. and it's working fine. But when we have transferred it on new 64bit server, it fails on submit functions. The db connection seems running ok but insert/update functions. I installed MS Access 2007 on server.

Here is the code:

dim fuser, fpass, duser, dpass, admin 

fuser = Trim(Request.Form("userID"))
fpass = Trim(Request.Form("userPassword"))

set conn=server.createobject("adodb.connection")
main_mdb = server.MapPath("/masterlist/database/main.mdb")
conn.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=" & main_mdb & ";"
Set rs=Server.CreateObject("ADODB.recordset") 	 
rs.open "Select VchUserName,VchPassword,BlnAdministrator from tblUser", conn 

	do until rs.EOF 
	 
		duser = Rs.Fields.Item("VchUserName").Value
		dpass = Rs.Fields.Item("VchPassword").Value
		admin = Rs.Fields.Item("BlnAdministrator").Value 
		if fuser = duser And fpass = dpass Then
			session("username")=duser
			session("administrator")=admin 
			loggeddate=now()
			sql="insert into tblUserLog (VchUserName,DteLogged,VchAction)values ('" & duser & "','" & loggeddate & "','In')"
			conn.Execute(sql)     '<----Error here 

		end if
		rs.movenext
	loop 
	rs.close
	set rs=nothing 
	conn.close

Please help...

Thanks

↧

Powershell as non-admin

June 21, 2016, 4:38 pm

≫ Next: How do I enable ALPN and TLS session resumption (client tickets) in Windows Server 2012 R2

≪ Previous: MS ACCESS DRIVER (.mdb) update database not working

Hi,

we have a scenario where we use TFS jobs to conduct CI deployments to IIS. (2012 R2)

For MSDeploy, you can use a non admin user and configure the permissions in the IIS management delegation.

Now, we need to use the IIS Powershell cmdlets. Currently, we use RemotePS to execute the IIS cmdlets on the remote IIS.

For normal PS cmdlets, it is possible to add a non admin user to the "Remote Management Users" group.

Is there any way to delegate permissions to a non-admin user so that he can use the IIS PS cmdlets remotely?

Thanks

Chris

↧

How do I enable ALPN and TLS session resumption (client tickets) in Windows Server 2012 R2

June 21, 2016, 3:41 pm

≫ Next: Need software to build backlinks

≪ Previous: Powershell as non-admin

According to the following TechNet article ALPN and TLS client-side session resumption should be supported in SChannel in Windows Server 2012 R2.

https://technet.microsoft.com/en-us/library/hh831771.aspx

We've just upgraded our webserver to 2012 R2 but SSLLabs shows these features as still not supported. Are there any extra steps required to enable them with IIS 8.5? Has anyone else experienced the same issue?

TIA

↧

Need software to build backlinks

June 14, 2016, 9:02 am

≫ Next: Is there an IsPostback() function in ASP

≪ Previous: How do I enable ALPN and TLS session resumption (client tickets) in Windows Server 2012 R2

I need some software which will increase backlinks for my website?

↧

Is there an IsPostback() function in ASP

October 5, 2004, 2:34 pm

≫ Next: Kerberos issues ID 4 error

≪ Previous: Need software to build backlinks

Got a legacy ASP application that I need to determine whether the page is being posted back or if it's the first time...is there an IsPostback() function (like the one in .NET) or something similar in ASP? I can check a query string parameter to solve my immediate problem but I was curious if such a function exists.

↧

Kerberos issues ID 4 error

June 23, 2016, 8:01 pm

≫ Next: [solved] Unable to send an email from an .asp page

≪ Previous: Is there an IsPostback() function in ASP

I can't get kerberos authentication working with my IIS sites. These are the steps I've performed

1. Created a domeain account for the sites app pool and granted the account delegation authority.

2. Set the spn of the site to the service account

3. Enabled Negotiate(Kerberos) and disabled kernel mode authentication

4. Set useAppPoolCredentials to True for the site

5. Set the apppool to use the domain account.

When I attempt to connect to the site I get the following error:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server igsaaahigsvaii8$. The target name used was HTTP/authpage.domain.com. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (my.doimain.NET) is different from the client domain (my.domain.NET), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

There are no duplicate spns for the site or server.

setspn -l on the service account produces the following:

PS C:\Users\hcaldwell> setspn -l gs\igsaaahi-facilities
Registered ServicePrincipalNames for CN=igsaaahi-facilities-http,OU=HTTP SPNs,OU=Service Accounts,OU=NatWeb,OU=DI,DC=my,
DC=domain,DC=net:
HTTP://igsaaahigsvaii8.my.domain.net
HTTP/igsaaahigsvaii8.my.domain.net
HTTP/igsaaahigsvaii8
HTTP/authpage.mydomain.com
HTTP/dev-facilities
HTTP/dev-facilities.mydomain.com

How can I determine if the KDC and the service account are using the same password? If they are different how do I get them in sync?

thanks,

Hugh

↧

[solved] Unable to send an email from an .asp page

June 23, 2016, 5:26 pm

≫ Next: Out of curioisty....ssl certificate setup...

≪ Previous: Kerberos issues ID 4 error

Hello,

I have a vbscript function, that sends an email out to a specific email address, using the user's email address as the email "sender"

This code worked when we were using Exchange 2003, but now that we upgraded to Exchange 2013, the code no longer works.

This code is located in a functions.asp page, which can be called by other .asp pages. The server that this code is located on is NOT the same server as the Exchange server. If needed, let's call the server holding this code "InternalASPServer", and the exchange server is "ExchServer1".

Here is the relevant code of the function:

sub LateRegistration(classID, classDate, name, courseName, courseLocation, userEmail)

	dim mail, message	

                                                            
        message = "<!DOCTYPE HTML PUBLIC ""-//IETF//DTD HTML//EN""><html><body><table>" _& "<tr><td>Class:</td><td>" & courseName & "</td>" _& "<tr><td>City:</td><td>" & courseLocation & "</td>" _& "<tr><td>Date:</td><td>" & classDate & "</td>" _& "<tr><td>Student added:</td><td>" & name & "</td>" & "<br><br>Web Interface</body></html>" 
		Set mail = server.CreateObject("CDO.MESSAGE")
		if userEmail = "" then
			userEmail = "myemail@ourdomain.com"
		end if

		
		mail.From = userEmail
			
				mail.CC = userEmail
		
		mail.To = "testemail@ourdomain.com"
		mail.Subject = "Registration - Add Student"		
		mail.HTMLBody = message
		mail.Send 
		Response.Write "<br><b>Registration email sent.</b>"                  
	end if		
end sub

This code, while we were using Exchange 2003, did actually work. To be honest, I don't know how it ever worked in the first place - it doesn't even reference our Exchange Server by name! I don't know how it ever managed to actually achieve sending the email.

If we assume our Exchange 2013 server is named "ExchServer1", does anybody have suggestions on what needs to be done to this code, to actually send the email to our exchange server so that it is sent out?

Thank you very much for your time!

↧

Out of curioisty....ssl certificate setup...

June 23, 2016, 6:01 pm

≫ Next: URL rewrite for wordpess

≪ Previous: [solved] Unable to send an email from an .asp page

Hello,

Since I've never purchased a SSL certificate from CA, I am just curious the procedure...

So here is my understanding...

1. In IIS, under Server Certificates, create certificate request.

2. Enter proper information, and save the request file.

3. The request file(CSR) contains the site information, and public key.(NOT private key)

4. So I send this CSR/file content to a CA for approval...

So here is my question comes up...let's say...the CA approved my request,..then they are supposed to send a signed certificate to me so I can install it on my server for SSL connection right? ..then how are they supposed to create a certificate file without private key?

I noticed that under my certification manager MMC, I see the request I just created under Certificate Enrollment Requests\Certificates folder.... obviously, since this is my local machine folder, it says "you have a private key that corresponds to this certificate".

The generated CSR doesn't contain the private key..then how the CA are supposed to create a certificate file?..Once they send the signed certificate file based on the CSR information I requested, I guess, I need to import it in my server..but the signed file doesn't contain the private key, because they never received it, then how does it work?

Is there any sort of action I need to follow up, things like....once I get the signed certificate file from the CA, then somehow I need to merge it with my local certificate file under Certificate Enrollment Requests\Certificates to complete??

Well..hope you know what I am trying to ask....

Just out of curiosity...just would like to understand whole procedure clearly.

Thanks,

↧

URL rewrite for wordpess

June 23, 2016, 12:15 pm

≫ Next: Can I use URL rewrite to change external Domain to internal child Domin

≪ Previous: Out of curioisty....ssl certificate setup...

Can anyone help me with this

I need to rewrite url for my wordpress website.

I am having url like

http://www.mydomain.com/abc/postname

But I want it to rewrite like

http://www.mydomain.com/xyz/postname

I have added rule like below in my web.config

Any help would be appriciated...

↧

Can I use URL rewrite to change external Domain to internal child Domin

June 24, 2016, 11:18 am

≫ Next: Access denied when trying to create IIS backup

≪ Previous: URL rewrite for wordpess

I look after IT at a company but am not a web administrator. We have a system supplied by an external company that set up a system which relies on an internal child domain e.g. xxx.internal.contoso.com. Our external domain is xxx.contoso.com

When trying to access the site from external the system complains that the url is not the requested url and throws back an error. The external company aren't interested in trying to help so question is can URL rewrite change the xxx.contoso.com to xxx.internal.contoso.com so the system thinks the url is correct? If so, how?

Many thanks

↧

Access denied when trying to create IIS backup

June 24, 2016, 9:10 am

≫ Next: How to hide the port number in a URL

≪ Previous: Can I use URL rewrite to change external Domain to internal child Domin

I'm trying create a backup by running:

%windir%\system32\inetsrv\appcmd.exe add backup "MyBackupName"

And I'm getting this error:

 ERROR ( hresult:80070005, message:Command execution failed.
 Access is denied.

I am an admin on the box (2012R2/IIS8.5) and I'm running the command prompt as admin. Also I have the Full Control permission (via the local administrators group) on the inetsrv directory. Can someone tell me where else to check?

Thanks,

↧

How to hide the port number in a URL

June 24, 2016, 2:33 pm

≫ Next: ARR and Server Sent Events

≪ Previous: Access denied when trying to create IIS backup

Hey there,

I have published an asp.net web application, but I am not permitted to put it on port 80. Instead, I currently have it on port 99. From inside our intranet, is can be accessed by typing in "http://contact:99" in any internet browser. However, I need it such that all they have to type in is "http://contact" or even simply "contact". In other words, I would like it so the ":99" is not needed. I am currently using IIS version 6.2.

Thank you to anyone who can help!

↧

ARR and Server Sent Events

May 19, 2016, 7:44 pm

≫ Next: IIS hangs/freezes randomly (Wincache crash)

≪ Previous: How to hide the port number in a URL

I am working on troubleshooting a issue. One of our Web Applications started to user Server Sent Events and is now causing issues with our ARR/Reverse Proxy Setup.

Our setup involves a ARR/Reverse Proxy to receive all incoming requests from the Internet and then route them to the internal web server.

In my troubleshooting, I see the internal Web Server did send the SSE TCP Packet to the ARR and has the correct payload/values. When the ARR/Reverse Proxy receives the SSE TCP Packet, I do not see it sending it out to the client. It look likes it just dropped the back.

I do not know if the ARR/Reverse Proxy engine picked up the TCP packet and couldn't route it or if IIS is doing something else to it.

Does anyone know if anything needs to be done to enable ARR/Reverse Proxy to work with SSE packets?

↧

IIS hangs/freezes randomly (Wincache crash)

June 21, 2016, 2:06 pm

≫ Next: redirect of www.account.mysite.com to folder

≪ Previous: ARR and Server Sent Events

Hello,

We run a busy website with about 500.000 page views per day. The website runs on joomla 1.5 and SMF, php 5.3 with fastCGI and Wincache.

Almost once a day, or sometimes two times per day, IIS completely stops responding. I go to the worker process queue and i see hundreds of requests that are not delivered. The only solution is to do iisreset until it hangs again

Please note:

1. No error in the PHP log.
2. No error in Windows event viewer

Thank you,
Alex

↧