How To Configure Firewall on CentOS 7

Since CentOS 7, Firewalld is available by default on servers as a complete firewall solution. This guide covers the basics of configuration and management using the firewall-cmd administrative tool (if you’d rather use iptables with CentOS, follow this guide).

How To Migrate from FirewallD to Iptables on CentOS 7

Like most other Linux distributions, CentOS 7 uses the netfilter framework inside the Linux kernel in order to access packets that flow through the network stack. This provides the necessary interface to inspect and manipulate packets in order to implement a firewall system.

Most distributions use the iptables firewall, which uses the netfilter hooks to enforce firewall rules. CentOS 7 comes with an alternative service called firewalld which fulfills this same purpose.

While firewalld is a very capable firewall solution with great features, it may be easier for some users to stick with iptables if they are comfortable with its syntax and happy with its behavior and performance. The iptables command is actually used by firewalld itself, but the iptables service is not installed on CentOS 7 by default. In this guide, we’ll demonstrate how to install the iptables service on CentOS 7 and migrate your firewall from firewalld to iptables (check out this guide if you’d like to learn how to use FirewallD instead).

Apache Error: No matching DirectoryIndex (index.html) found

This error may occur when attempting to access applications that have an index.php file (or other index file), but not an index.html or other specified ‘directory index’ file.

For example, phpMyAdmin includes an index.php file upon installation, but not an index.html file.

By default Apache is configured with the following:

…meaning that Apache will only look for directory index files that are named index.html.

Asterisk dynamic routing with MySQL database

For the next task we will need Asterisk dynamic routing using MySQL: a company has a technical department that should provide emergency services outside working hours. Based on time and date conditions, a call should be routed to the department’s shared extension (technicians) or be sent to the person on duty outside working hours and on weekends. The number to dial outside working hours should be read from a database while the call is being processed. In our example, we use a MySQL database with a table that contains the columns “day”, “month”, “technician” and “number”.

Asterisk Function ODBC cannot be read

While trying to execute an ODBC function in the Asterisk dialplan, the following error is thrown:
[Oct 27 14:20:21] ERROR[4601]: pbx.c:3380 ast_func_read: Function ODBC_INSERT cannot be read
-- Executing [XXXXXXXXX@internal:5] Set("SIP/out-0000001a", "ins=") in new stack

func_odbc.conf looks like this:

and my extensions.conf is:

All variables are correct, ODBC is also configured correctly (read from DB statements work).

Run powershell script by double clicking .ps1 file

To do so, registry tweaks are needed:

First, configure a PSDrive for HKEY_CLASSES_ROOT since this isn’t set up by default. The command for this is:

Now you can navigate and edit registry keys and values in HKEY_CLASSES_ROOT just like you would in the regular HKCU and HKLM PSDrives.

To configure double-clicking to launch PowerShell scripts directly:

To configure double-clicking to open PowerShell scripts in the PowerShell ISE:

To restore the default value (sets double-click to open PowerShell scripts in Notepad):

IIS Error The specified password is invalid. Type a new password.

The specified password is invalid. Type a new password.

You have two options here. The first one is quick and easy – set a password directly in the %system32%\inetsrv\config\ApplicationHost.config file in clear text. For obvious reasons I don’t recommend doing it this way:

IIS error 503 Application pool identity is invalid

Problem

After setting a custom identity for an IIS application pool, you get error 503 Service Unavailable in the browser, and in the System section of the Event Log on the server you may find the following warnings and errors:

Event ID 5021:

The identity of application pool x is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

Event ID 5057:

Application pool x has been disabled. Windows Process Activation Service (WAS) did not create a worker process to serve the application pool because the application pool identity is invalid.

Event ID 5059:

Application pool x has been disabled. Windows Process Activation Service (WAS) encountered a failure when it started a worker process to serve the application pool.

Understanding the types of Federation in Skype for Business

Federation in Lync/Skype for Business has been around for more than a decade. First introduced in Microsoft Office Live Communications Server 2005, it’s now an essential feature in Skype for Business Server 2015. It allows users to use their Skype client to call, send IMs to, or participate in a conference with people from other organizations. They can even share a document through the conferencing feature if desired.

Administrators who want to set up federation often ask which type to use. The types most commonly used are:

  • Discovered Partner Domain (aka Open Enhanced Federation)
  • Allowed Partner Domain (aka Enhanced Federation)
  • Allowed Partner Server (aka Direct Federation)

Let’s discuss the main differences between them.

No connectivity with the Skype for Business Web App

We seem to encounter a specific connectivity error a lot across a variety of Skype for Business environments. In some instances, users will complain about slow connectivity or no connectivity. The primary symptom is the following event log entry (repeated every 20 minutes or so) with Event ID 41029:
No connectivity with the Skype for Business Web App. Affected Web browser clients cannot use Web Conferencing modality.

Server Machine FQDN: lyncfrontend.yourdomain.com, Port:8061
Server Type: External-WebApp-Edge [HTTP side error:The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.]
If the problem persists this event will be logged again after 20 minutes
Cause: Service may be unavailable or Network connectivity may have been compromised.

The Root Issue
The application pool registered to the Lync Server External Web Site\Reach application is set to activate On Demand.  This results in an IIS application pool that is not spun up when an external reach request is received resulting in a connectivity fault.
