[THIN] Re: odd issue with Secure gateway STA's

• From: "Chris Lynch" <lynch00@xxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Mon, 28 Oct 2002 17:44:18 -0800

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To me this would be an IIS MetaBase issue.  What service pack level
are the DC's at?  Also, this really doesn't present a major security
hole, but I would offload the STA to a workstation if at all
possible.  It just needs IIS.

CHRIS LYNCH -  MCSE, CCNA, CCA
NETWORK ENGINEER - INFORMATION TECHNOLOGY
NRT Incorporated, 27271 Las Ramblas, Mission Viejo, CA 92691
Chris.lynch@xxxxxxxxxx  Tel 949.367.3406


- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Ron Oglesby
Sent: Monday, October 28, 2002 9:13 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: odd issue with Secure gateway STA's



Ok so its not setup to Load balance (the check box under the sta
config) just setup to failover....

HMM...

I mean a "patch" type solution to it could be to schedule that script
to run. But its just that a patch.

Ron Oglesby
Senior Technical Architect
=20
RapidApp
Office 312.372.7188
Mobile 312.961.2380
email roglesby@xxxxxxxxxxxx
=20

- -----Original Message-----
From: Jim Hathaway [mailto:JimH@xxxxxxxxxxxxxxx]=20
Sent: Monday, October 28, 2002 11:07 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: odd issue with Secure gateway STA's


Failover is not a problem, and is setup fine through the admin page.
It seems that both servers fail with the same errors at roughly the
same time. Possibly since they were both installed at or around the
same time.=3D20

J

- -----Original Message-----
From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=3D20
Sent: Monday October 28, 2002 8:57 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: odd issue with Secure gateway STA's


Are you load balancing the STAs or doing a failover?  You could just
setup a failover to use STA1 then STA2 if the first is not avail.
Could do this right in the NFuse admin page.

Ron Oglesby
Senior Technical Architect
=3D3D20
RapidApp
Office 312.372.7188
Mobile 312.961.2380
email roglesby@xxxxxxxxxxxx
=3D3D20

- -----Original Message-----
From: Jim Hathaway [mailto:JimH@xxxxxxxxxxxxxxx]=3D3D20
Sent: Monday, October 28, 2002 10:56 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] odd issue with Secure gateway STA's

This is an odd one. Got a client site with a standard installation of
Nfuse with secure gateway. Nfuse and CSG servers are in the DMZ with
valid certs from trusted authorities, and we're load balancing the
STA's which sit in the LAN on Win2k IIS servers.=3D3D20 =3D3D20 The
one snag here is the STA servers are domain controllers. I can't
really change that at this point.=3D3D20 =3D3D20 Here's my problem.
Everything works fine for a few weeks, and then these errors start
cropping up in the event logs on the STA's.=3D3D20 =3D3D20 Event id -
10004 - from Dcom =3D3D20 DCOM got error "Logon failure: the user has
not been granted the requested logon type at this computer. " and was
unable to logon .\IWAM_DCname in order to run the server:
{3D14228D-FBE1-11D0-995D-00C04FD919C1}
=3D3D20
Event id - 36 - from w3svc
=3D3D20
The server failed to load application '/LM/W3SVC/1/ROOT'.  The error
was 'The server process could not be started because the configured
identity is incorrect.  Check the username and password. =3D3D20
These errors start showing up when a user attempts to connect to the
Nfuse site, gets their applist and clicks on a link . . . which fails
citing . . "Non of the configured STA's are available".=3D3D20
=3D3D20 Tracking this down, I've found that the Iwam and Iuser
accounts are somehow out of synch on the servers (they autochange
their passwords). The admin script synchiwam.vbs resynchs them . .
and the STA's work again for a few weeks.=3D3D20 =3D3D20 So, I have a
fix, but not a permanent solution.  Anyone one else run into anything
like this . . and have any suggestions? =3D3D20 Thanks,=3D3D20
=3D3D20 J

**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded=3D3D20
Thin Client Solutions, Easy to Configure,=3D3D20
Extremely Secure, and Remotely Managed.
Check out our recently updated website at http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************=3D3D20
For Archives, to Unsubscribe, Subscribe or=3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded=3D20
Thin Client Solutions, Easy to Configure,=3D20
Extremely Secure, and Remotely Managed.
Check out our recently updated website at http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************=3D20
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded=20
Thin Client Solutions, Easy to Configure,=20
Extremely Secure, and Remotely Managed.
Check out our recently updated website at http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************=20
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded 
Thin Client Solutions, Easy to Configure, 
Extremely Secure, and Remotely Managed.
Check out our recently updated website at http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
*********************************************** 
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPb3n8vl56xfvzmMfEQLtjgCgpq6O23SPRvBhFgJyYjjPZUEvgkUAn0Zp
Re/0pivDs5+sDy7yHgpxCkoV
=iVh1
-----END PGP SIGNATURE-----


**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded 
Thin Client Solutions, Easy to Configure, 
Extremely Secure, and Remotely Managed.
Check out our recently updated website at
http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
*********************************************** 
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

• References:
  • [THIN] Re: odd issue with Secure gateway STA's
    • From: Ron Oglesby

Other related posts:

• » [THIN] odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's
• » [THIN] Re: odd issue with Secure gateway STA's

1. Home
2. thin
3. Archive
4. 10-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---