Generic

When we are trying to connect VM using RDP if we received CredSSP encryption oracle remediation issue. Please follow the steps in the attached document to address this issue.CredSSP encryption oracle remediation issue.

a) Description:

Where to look for lipsip logs

note: Lipsip log path will not be mentioned in log4net.

b) Components to Verify:

c) Resolution:

Create logs folder inside the app folder if not created. libsip log file will generate inside the logs folder.

a) Issue Description:

While accessing the application (TMAC/OCM/TMC..etc) in the browser, it is not accepting the Credentials provided even though it is correct.

b) Components to Verify:

Resolution:

Add the Security Groups IIS_user, IUSR, Network service, Authenticated users in the security groups list. Follow the below steps to add.

1. Right-click on the folder(eg TMAC) and go to properties.
2. Click on Security tab ->Click on edit-> Click on Add
3. Click on the Locations tab and select the server name and click on advanced.
4. Click on find names and select the security groups and add and save.

Go to the log4net.config file under the application folder.

Change the header <log4net> to <log4net threshold="OFF"> This will stop writting the log.

Log4net.config for reference.

Before

After:

Tetherfi standard for component versioning is a 4 doted decimal number of the format M.yy.mm.dd[.r] where

• M - The major version. A single digit or two digit number. This changes only for major refactoring or major roll out of a product.
• yy - Year of release. A two digit number. Specifies the year component of the release date.
• mm - Month of release. A two digit number. Specifies the month component of release date.
• dd - Day of release. A two digit number. Specifies the date of the month component of the release date.
• r - Optional. Either 'a' or 'b' specifying alpha or beta releases. This component should only be added to alpha/beta releases.

e.g. Chat Server - 1.19.03.24, TMAC - 3.18.05.20, Media Server - 1.19.12.27.b

.NET Applications

All C# applications should set and maintain version in Project Properties -> Application -> Assembly Information

C++ Applications

All C++ applications should maintain a PrefixVersion.h file (where Prefix can be a application specific prefix) where the version is set. The application should log the version to log at startup.

JavaScript libraries

All JavaScript libraries should maintain version in their source code and must log it (preferably to server side logs) at startup.

Resolution: 

• Perform windows search for Server Manager Interface.
• • On selection of Server Manager, the Server Manager dashboard window will be shown. Select Add Role or Feature to open the wizard. Then select Role-based or feature-based installation. Click Next and select the server which you want to work on.

Server Manager

• • Go to Features section, expand either .NET Framework 3.5 Features node or the .NET Framework 4.5 Features node depending on what is installed. If both are installed then we need to do below mentioned steps for both.
  • Expand WCF services section, then select HTTP Activation as shown in the screenshot below,

Features section

• • Keep clicking on next until you install it.

If the above solution doesn't work, try the below approaches.

1. Check if you are missing config tag <security mode=”Transport”> inside the node <webHttpBinding> 
2. Check if below tag is present, if not then add under <endpointBehaviors> tag <webHttp helpEnabled="true"  automaticFormatSelectionEnabled="true"/>

This issue usually is seen when the hosting system doesn't support the applications compiled version. It is based on the systems environment the program is going to run. Go to system information and look at the system type whether it is x64 or x32.

Based on system type get the files from release, incase a specific version of files you looking for is not found kindly request for the same.

Issue description: This is a generic SQL error, occurs during authentication.

Workaround:

• Ping SQL server from the application server, check if it is reachable.
• Verify database connection string is correctly configured in the applications configuration file with a valid database username and password.
• There is a possibility that sometimes SQL service stops automatically, Ensure SQL service is up and running.
  • Go to Windows search and search for Services. On selecting it, below window will show up.

windows services

• • Search for service name SQL Server, ensure status is in Running.  If not, then right-click on that service name and click on properties. The properties window will open as shown in the below screen. Make sure the status type is “Automatic” in the properties window. Click OK and then start the service by right-clicking on it again and then click on start.

• If service is already up and running, then connect to SQL Server Management Studio using windows authentication. Then expand Security -> Logins and look for user sa, right-click and click on properties.

Security tab showing for user 'sa'

status of permission for user 'sa'

• As highlighted above, if login is disabled change it to Enabled by clicking on the radio button and click OK. This must resolve this issue.

The Service on local computer started and then stopped, some services stop automatically if there are not in use by other services or programs

There are many reasons why a service would stop.  It is best to inspect the Event Viewer to determine the cause of the stoppage.  Possible reasons include:

• onStart() throwing exceptions
• onStart() is not starting the thread to work
• Check the end points in the configuration. There can be issue with the base address or the client endpoints
• Check for the opening and closing of the keys in configs

To go to Event Viewer search for it in Windows Search.

To check the error, click on Windows Logs -> Application and check for your service error (example pic shown below)

Rectify, solve and start the service again.

When client is communicating with servers, the operation has timed out issue can be seen in logs irrespective of component.

Description: The requesting channel which is client, is trying to connect to server but will not get response within the threshold time. Say sendTimeout is 1 min (see below), which means the response from server should be sent by 1 min. If it doesn't respond by that time then we can observe this TimeoutException.

Resolution: Increasing the sendTimeout value in the config to higher number (ex: 00:05:00 which is 5mins, HH: MM: SS) might solve the issue if the endpoint is reachable. Please refer the example config as shown below.

 <binding name="WSHttpBinding_IFaxer" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000"
allowCookies="true">

Issue Description:  This is general error which occurs when consuming service returns data size more than acceptable or default size.

Resolution:

Modify/Add or append below binding tag properties starting from “allowCookies” till the end of the binding tag in your app config file.

<bindings>
<basicHttpBinding>
<binding name="somename" allowCookies="true"
maxReceivedMessageSize="20000000"
maxBufferSize="20000000"
maxBufferPoolSize="20000000">
<readerQuotas maxDepth="32"
maxArrayLength="200000000"
maxStringContentLength="200000000"/>
</binding>
</basicHttpBinding>
</bindings>

Issue Resolution 1:

This error is generated when permission for the application pool is not given in IIS.

Permission for the application pool can be given as shown below.

1. Right-click on the IIS application and click on Edit Permissions as shown below
2. In the Properties, Select the Security tab click on the ‘Advanced’ button
3. In the Advanced Security Setting click on ‘Add’ button
4. Click on the link ‘Select a principal’.Enter the name of the service account and click in ‘Check Names’ button click on ‘OK‘button.
5. Select the permissions and click on ‘OK’
6. Details of the newly added service account will be displayed as shown below

Issue Resolution 2:

This error may also generate when permission for the IIS_USER is not given in IIS.

Permission for the IIS_USR can be given as shown below.

1. Goto IIS and right click on the application and Select ‘Edit Permissions’
2. Goto ‘Security’ and Click on ‘Edit’
3. Click on ‘Add’
4. Click on ‘Advanced Settings’
5. Click on ‘Find Now’ and search for ‘IIS_USER’ in ‘Search result’ table.
6. Select ‘IIS_USER’ and Click ‘OK’
7. ‘IIS_USER” will be displayed in ‘Select user or Groups’ popup. Click on ‘OK’
8. Select ‘IIS_USER’ in ‘Permissions for UI’ popup and provide all the permissions. Click on ‘OK’
9. Click on ‘OK’

Issue Resolution 3:

This error is generated when permission for the application pool is not given in IIS.

Permission for the application pool can be given as shown below.

1. Click on ‘Application Pools’ in IIS and select the application pool of your application.
2. Right-click on the application pool and select ‘Advanced Settings’
3. Click on ‘Identity’ in ‘Advanced Settings’ popup
4. Select ‘Custom account’ and click on ‘Set’
5. Provide User name and password which is used to access an application
6. Click on ‘OK’
7. Right-click on application and select ‘Edit permissions’
8. Go to ‘Security’, and click on ‘Edit’
9. Select the application user from the list and provide all the permissions

Issue Description:

This issue will occur when SQL Server not configured properly.

Issue Resolution:

• Make sure the Connection String configured properly in the application.

• Check if SQL Server and SQL Server services are always running on the server hosting your SQL instance.

• Select one of the services in Windows Services  and click the Properties menu item.
• Set the service's start-up type to Automatic in the resulting pop-up and hit OK.

• Right-click the service and select Start, if the service is not already started.

• To check SQL instance configured for mixed (Windows and SQL) authentication

• Click on SQL instance name in SQL Server Management Studio. Select the Properties menu item. Select the Security tab in the resulting pop-up.

• Tick SQL Server and Windows Authentication mode and  restart SQL instance.

• If your windows service and/or a web application hosted on the different server than the database, make sure your SQL instance set up to allow remote database connections.

• Select properties by clicking on SQL instance name in SQL Server Management Studio and open the connections tab in the resulting pop-up.
• Tick Allow remote connections to this server
• Open SQL Server Configuration Manager and select the Protocols item under SQL Server Network Configuration. There will be a shortcut to SQL Server Configuration Manager in your Start menu.

• Enable Named Pipes and TCP/IP.
• Right-click TCP/IP, select Properties and make sure that connectivity enabled for the proper IPs in the IP Addresses tab. Then restart the SQL service.

• TCP port 1433 is the most basic port used by SQL Server, though other ports are sometimes used as well.

The main reason for this type of error is
1. Invalid Certificate bind (expired/self signed)
Open certificate details and check certificate is valid and not self signed

2. Path given for certificate is wrong.
Check application configuration (app settings) section for certificate path.

3. Certificate is not binded properly in IIS
• Go to start, click on run, enter mmc, press enter
• Console window will open. Go to File and click on Add/Remove Snap-ins.
• From left pane select certificate. Click Add.
• On adding, Certificates snap-in windows will open. Select computer account. Select local computer.
• Click on finish. Click on ok twice.
• Expand certificates. Expand personal. Select certificate that you have bind in IIS.
• Right click and go to all tasks. Click manage private keys and click add.
• Go to advanced. Click on find now. From the search results, select the IIS_IUSRS
• Click on apply. Click Ok.

Steps for site bindings:
• Copy certificates given by Client team into the respective folder.
• Go to IIS, Go to Domain.
• Click on Server certificates. Click on complete certificate request.
• Enter certificate path and give certificate name. Click ok. Certificate will be listed in server certificates.
• Select default web site(under which your application is deployed).
• Click on bindings, select site bindings based on type and port(Example https 444).
• Click edit, select SSL certificate, click Ok.

Troubleshooting at application side :
Enable Trace logs. This helps to track every remote web request. Make below changes in either web.config or application.config file

<system.diagnostics>

<trace autoflush="true" />

<sources>

<source name="System.Net">

<listeners>

<add name="System.Net"/>

</listeners>

</source>

<source name="System.Net.Sockets">

<listeners>

<add name="System.Net"/>

</listeners>

</source>

<source name="System.Net.Cache">

<listeners>

<add name="System.Net"/>

</listeners>

</source>

</sources>

<sharedListeners>

<add

name="System.Net"

type="System.Diagnostics.TextWriterTraceListener"

initializeData="D:\Application\Trace\System.Net.trace.log"

/>

</sharedListeners>

<switches>

<add name="System.Net" value="Verbose" />

<add name="System.Net.Sockets" value="Verbose" />

<add name="System.Net.Cache" value="Verbose" />

</switches>

</system.diagnostics>

C:\Users\User>ping 192.168.1.64

 

Pinging 192.168.1.64 with 32 bytes of data:

Reply from 192.168.1.64: bytes=32 time<1ms TTL=128

Reply from 192.168.1.64: bytes=32 time<1ms TTL=128

Reply from 192.168.1.64: bytes=32 time<1ms TTL=128

Reply from 192.168.1.64: bytes=32 time<1ms TTL=128

 

Ping statistics for 192.168.1.64:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\User>ping 192.168.1.6

 

Pinging 192.168.1.6 with 32 bytes of data:

Reply from 192.168.1.64: Destination host unreachable.

Reply from 192.168.1.64: Destination host unreachable.

Reply from 192.168.1.64: Destination host unreachable.

Reply from 192.168.1.64: Destination host unreachable.

 

Ping statistics for 192.168.1.6:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

C:\Users\User>telnet 192.168.1.64 8080

Connecting To 192.168.1.64...Could not open connection to the host, on port 8080: Connect failed

To find .NET Framework versions by viewing the registry (.NET Framework 4.5 and later)

• On the Start menu, choose Run.
• In the Open box, enter regedit.exe.

You must have administrative credentials to run regedit.exe.

• In the Registry Editor, open the following subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full

Note that the path to the Full subkey includes the subkey Net Framework rather than .NET Framework.

Note

If the Full subkey is not present, then you do not have the .NET Framework 4.5 or later installed.

Check for a DWORD value named Release. The existence of the Release DWORD indicates that the .NET Framework 4.5 or newer has been installed on that computer.

The value of the Release DWORD indicates which version of the .NET Framework is installed.

Important

The following table lists the keys of released versions of the .NET Framework only. It doesn't list the keys of preview or pre-release versions.

Refer below link for the .NET version and key verification.

https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed