DNS configuration for web access

Similar Messages

• How to install certs for web access

  Hi all: While I have done this several times using ConsoleOne in previous versions of GW, I cannot seem to find a good write-up on installing certificates for Web Access in GW 2014. I came across this TID (https://www.novell.com/support/kb/doc.php?id=7010584) but I am not sure this applies to Web Access. Can anyone point me to a How-To or TID which describes installing certs specifically for Web Access (2014)? We are running GW 2014.0.1 on an OES11 SP2 server.
  Thanks, Chris.

  Hi Chris,
  The TID you referenced in your first post also applies to WebAccess.
  When running GroupWise/WebAccess on OES/SLES/Linux, it's not really about doing something for GroupWise WebAccess, but about doing something for Apache. So you can approach this as a generic Apache thing.
  Originally Posted by cmosentine
  PS: Our certs are from GoDaddy. We have two files, ourdomain.crt and sf_bundle.crt. If I follow the TID I referenced, I am not sure where these should be placed in the configuration file.
  If you have those files you can add them to the apache2 configuration as the TID mentions.
  You are missing one file in your listing.... the key file. Without the key file, it won't work.
  If you have those three files on the webaccess server, simply add lines to the vhost file;
  SSLCertificateFile </path/to/ourdomain.crt)>
  SSLCertificateKeyFile </path/to/ourdomain.key)>
  SSLCertificateChainFile <path/to/sf_bundle.crt>
  Then reload Apache.
  Also make sure root is the only user that can read those files (mainly important to shield the key file used).
  If there are no errors upon reloading Apache, the new certificates should then be in use.
  In general, this blog post might give some more insight on the openssl process :https://www.digitalocean.com/communi...-keys-and-csrs
  There are many others that might explain it better.
  Cheers,
  Willem

• DNS configuration for webhosting

  Our intention is to use an Xserve as a webhosting platform, but have huge problems in configuring DNS for each domain hosted.
  Can someone provide me with a template what I have to provide for a typical domain name at the server admin tools ?
  How would I proceed to create sub-domains like test.domain.com and sample.domain.com - creating multiple machines with the same IP doesn't allow me to save them (would need to use different IPs) ?
  Also how to set up PTR records ?
  Please find an actual entry below (seems not to work correctly (e.g. DNS report tool state "no reverse DNS entries for MX records")):
  Settings/General:
  Zone transfers allowed
  Recursion disabled
  Settings/Editing zone/General:
  Zone name: domain.com
  Server name: www
  IP address selected
  Name servers:
  www.domain.com (pre-set, not editable)
  dns1.domain.com
  dns2.domain.com
  Admin e-mail set; Zone is valid for six hours - changed from 24 to allow faster updates, hope that this does not cause problems, does ?
  Settings/Machines:
  IP address: Same as before
  Name: www
  Aliases: domain.com
  This machine is a mail server... precedence: 10 (and checkbox marked)
  Other fields are empty
  Any help is appreciated, because I really hang here and need to get it done quickly over the weekend...
    Mac OS X (10.4.8)  

  Thanks for your quick reply
  Apple hasn't fixed a lot of bugs in Server Admin and a lot of the pro users
  have basically suggested doing the DNS zones by hand (which you can easily
  do)
  I noticed this, too. For example when editing a zone and trying to specify name servers, it is a hard job to get the entries in this list. Either they are being removed or not taken over. Such an important service and Apple seems to take care soo less...
  Anyway, I have to live with it
  You wrote:
  First, you'll want to add something like this for each domain you want to
  host in your /etc/named.conf:
  zone "domain1.com" IN {
  file "domain1.com.zone";
  type master;
  and then create /var/named/domain1.com.zone
  which will handle all your cname, A and MX records
  When doing so, do the entries appear at the server admin tool and how does it affect the settings there when (mistakenly) using the admin tools to change a record ?
  Is there a way to do a "spell check" when I made a modification to named.conf or created one of the *.zone files to ensure that there are no errors in what I wrote ?
  Ideally there would be a replacement tool for Apple's server admin tool that manages this task ?
  Or does someone know for a web-based tool that provides basic zone file entries when telling some information about the domain ? So something for dummies...
  And now few stupid questions for your link to zytrax.com...:
  Are the spaces in the sample there spaces or tabs ? And just used for readability or required ?
  For example:
  IN NS ns1.example.com. ; in the domain
  could be written as
  IN NS ns1.example.com
  I guess that ";" (semicolon) marks the beginning of a comment which can be skipped ?
  And what's about the reverse map zone file described at http://www.zytrax.com/books/dns/ch6/reverse-map.html ? Can these entries made in the *.zone file also ?
  I guess I do need these files and entries at named.conf only at the Xserve that should act as primary one and specify the secondary zones at the server tools at the second server ? The primary DNS Xserve would have zone transfers enabled, of course.

• DNS Configuration for Exchange 2013

  I have a stand alone server 2012 with AD, DHCP, DNS and Exchange on it and started getting DDoS attacks
  I installed a firewall had to change the subnet of the server from 10.0.0.0/24 to 192.168.1.0/24 and after re-configuring the Servers IP, DHCP and DNS found that I had no incoming email. (invalid Security Certificate)
  I found that mail  traffic was directed to the Router instead of Exchange and being rejected with the routers security certificate. I have since fiddled with the DNS so many times I don't know what is right and wrong
  Anyone have any ideas where I have gone wrong  what is in the tables that shouldn't be there and what is missing.
  email address is user.mail.domain.com
  Geotrust SSL Security Certificate is mail.domain.com autodiscover.domain.com server01.domain.com
  **Forward lookup for domain.com
  Same as parent SOA
  [28]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent NS
  ns1.domain.com
  Same as parent NS
  ns2.domain.com
  Same as parent MX
  [10]mail.domain.com
  Same as parent MX
  [20]mail.domain.com
  server01 MX [10]mail.domain.com
  Same as parent HostA
  192.168.1.10
  Same as parent HostA
  139.130.XXX.YYY
  server01 HostA
  192.168.1.10
  mail HostA 192.168.1.10
  mail HostA 139.130.XXX.YYY
  localhost HostA
  127.0.0.0
  Properties SOA ns1.domain.com 139.130.XXX.YYY
  ns2.domain.com 139.130.XXX.YYY
  server01.domain.com 192.168.1.10
  **Forward lookup for mail.domain.com
  Same as parent SOA
  [1]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent HostA
  192.168.1.10
  Same as parent HostA
  139.130.XXX.YYY
  Properties of SOA server01.domain.com
  192.168.1.10
  **Reverse Lookup
  1.168.192.in-addr.arpa
  Same as parent SOA
  [1]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent NS
  ns1.domain.com
  192.168.1.10 PTR
  domain.com
  192.168.1.10 PTR
  mail.domain.com
  OWA and Outlook 2013 work incoming and outgoing from within the subnet,  both internal emails and  external emails
  But users off site can't log in to outlook 2013 and get blocked with OWA  by invalid security certificate.
  **Testconnectivity.microsoft.com  results
  autodiscover failed
  resolved host domain.com successful with both correct IP addresses returned
  Port 443 open
  SSL Certificate incorrect it is the routers Certificate  not the Geotrust certificate.
  **This is the real issue, and I can't figure out why 
  Thanks Alan

  Thanks Luke
  Yes you are right , I get alternate WAN and LAN Ip addresses when I flushdns
  I suspected I had additional entries ans/or wrong entries in the DNS Zones
  i reformatted to show up in columns in the post
  I hope you can point out which are wrong
  **Forward lookup for domain.com
  Same as parent----- SOA----[28]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS -----server01.domain.com
  Same as parent----- NS -----ns1.domain.com
  Same as parent----- NS -----ns2.domain.com
  Same as parent----- MX -----[10]mail.domain.com
  Same as parent----- MX -----[20]mail.domain.com
  server01-------------- MX----- [10]mail.domain.com
  Same as parent----- HostA --192.168.1.10
  Same as parent----- HostA --139.130.XXX.YYY
  server01-------------- HostA --192.168.1.10
  mail --------------------HostA-- 192.168.1.10
  mail --------------------HostA-- 139.130.XXX.YYY
  localhost-------------- HostA --127.0.0.0
  Properties SOA --ns1.domain.com 139.130.XXX.YYY
  ----------------------ns2.domain.com 139.130.XXX.YYY
  ----------------------server01.domain.com 192.168.1.10 
  **Forward lookup for mail.domain.com
  Same as parent----- SOA------[1]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS--------server01.domain.com
  Same as parent -----HostA---192.168.1.10
  Same as parent -----HostA---139.130.XXX.YYY
  Properties of SOA server01.domain.com
  192.168.1.10
  **Reverse Lookup
  1.168.192.in-addr.arpa
  Same as parent----- SOA-----[1]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS-------server01.domain.com
  Same as parent----- NS-------ns1.domain.com
  192.168.1.10-------- PTR------domain.com
  192.168.1.10-------- PTR------mail.domain.com
  do I need an autodiscover record?
  I setup 2 forward lookup zones  domain.com and mail.domain.com
  From memory the mail.domain.com was for external access but I don't think that was how it turned out
  Thanks

• WRT54G configuration for internet access using Lacie Network Space Max

  Please HELP!!!!
  I have tried for the past 2 weeks trying to configure my router WRT54G so it allows me to access the Lacie over the internet without luck. I have followed every instructions from Lacie and every other FAQs and help on the internet, still no luck. I have spent numerous days with Lacie tech support and they could not figure it out - why my router would not allow me access over the internet. I am hoping that the big guns here can help me.
  I have a number of laptops connected wirelessly to my local network and every laptop can access the Lacie NAS hardwired to one of the ports on my router. My entire system works wonderful locally.
  The Lacie has been assigned a static IP of 192.168.1.199
  My local network has a starting IP of 192.168.1.150 and ends at 192.168.1.199
  My router's IP is 192.168.1.99
  I have assigned port forwarding for my Lacie (192.168.1.199) for ports
  20, 21, 25, 80, and 443.
  I have tried other setups but no help. Please help!!!
  Happy New Year!!!
  Solved!
  Go to Solution.

  Scrooge... thanks!
  My NAS has ftp enabled. Access to the network is excellent throughout my local network. Every PC, wirelessly, can access everything on the NAS without any problem. Even when using the web browser using the IP or the dyndns.org assigned to the NAS. (I signed up for a free dynDNS)
  The NAS can be accessed throughout the local network using explorer (under the network directory) and also by mapping the drive. The NAS can also be access using the web browser by either through its assigned IP (192.168.1.199) or by using the NAS's dyndns.org web address (web access requires login since it accesses the Network Space Max web page) - both by http and/or by ftp
  My problem is accessing it through the internet outside my local network, i.e. from my work place or any other place away from home. The ability to access my data away from home is what I really wanted to be able to do.
  "Open the setup page of the router and go to Status tab. Note down the Internet IP address.
  Open the Internet browser and in the address bar type http://Internet_IP_address:21 or ftp://Internet_IP_address .
  See if that works for ftp server."
  Using the router's IP address for both format, http and ftp - I am not getting connected, even in my local network. Using NAS's static IP 192.168.1.199, I am able to access only using the ftp format. http://192.168.1.199:21 does not take me anywhere, but without the :21 takes me to the login page.
  Again, thanks for all  your help.... I am lost and I need your HELP!
  v/r,
  abelts

• Financial Reporting Studio 11.1.2.1 PDF not Configured for Web Server

  I have installed EPM 11.1.2.1, and HFM, Planning, Essbase, Financial Reporting are all working fine except when I do a report preview in the Workspace an error is received that PDF has not been configured for this Web Server.
  I have uninstalled PDF and Financial Reporting then re-installed them but I am still getting the same error. Also, I when I tried to view report from Workspace in Financial Reporting Studio, I received the following error:
  error number 400 Error Description:Form already displayed; can't show modally. Function: ShowMsg. Module:GblMethods.
  Your help would be gracefully appreciated.

  You should review all installation guides, readmes, and the certification matrix before performing a Hyperion Installation and/or Upgrade.
  Version 9.0 of Ghostscript is not supported, install ghostscript 8.6.3 - 32-bit.
  From the 11.1.2.1 Certification Matrix: "Either: --Adobe Acrobat Distiller Server 8.0 or 6.0 --GPL Ghostscript 8.63; AFPL Ghostscript 8.54 or 8.51; or GNU Ghostscript 7.0.6"     
  From the 11.1.2.1 Installation Guide Page 110: "Ensure that a supported 32-bit version of Ghostscript is installed."
  See http://www.oracle.com/technetwork/middleware/bi-foundation/oracle-hyperion-epm-system-certific-131801.xls
  http://download.oracle.com/docs/cd/E17236_01/epm.1112/epm_install_11121.pdf
  Regards,
  John A. Booth
  http://www.metavero.com

• Mail sender adapter POP server not configured for URL access

  Hi Experts,
  I have a Mail --> PI --> R/3 scenario and I am configuring the Mail sender adapter for POP3. The issue is that the POP server is not configured to be accessed via a URL and hence the URL pop://hostname/ is causing the following error at runtime:
  _1. When I use pop://Fully qualified host name/
  _Error: exception caught during processing mail message; java.net.UnknownHostException
  _2. When I use pop://IP address of host/
  _Error: exception caught during processing mail message; java.net.SocketException: Connection timed out:could be due to invalid address
  I am able to ping the POP3 server from the PI server using both the FQDN and IP address.
  Can someone please help.
  Thanks,
  Shobhit
  Edited by: Shobhit Swarup Mathur on Jul 14, 2009 9:29 AM
  Edited by: Shobhit Swarup Mathur on Jul 14, 2009 9:29 AM

  Hi Shobhit
  Check with these notes:
  804102
  xi 3.0 mail adapter with pop3 user authentication problem
  810238
  XI 3.0 Mail Adapter for POP3 may not report some errors
  also check mailserver security settings ...
  Connection refused occures when XI cannot connect
  in most cases so try checking it again , maybe some ports are not opend on the firewall
  Thanks
  Edited by: Abhishek Agrahari on Jul 14, 2009 11:44 AM

• Type of configuration for web service in SOA manager

  Hi Experts,
  could you please let me know while creating logical port for Web sevice security which type of configuration should I select in SOA manager. There are three types of configuration. 1> WSDL Based Configuration2>Manual Configuration and 3>Process Integration Runtime.
  As per the below link I am going to apply web service security but I dont have authorization to create logical port using t-code lpconfig. So I am trying to create it using SOA manager.
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/b8/cb1141e109ef6fe10000000a1550b0/content.htm
  Regards,
  Sari

  Hi Krishna,
  Thanks for your reply. But here I am not creating any consumer proxy. I want to create  only logical port for CO_WSSEWSSPROCESSOR_VI_DOCUMEN as mentioned in above link. I dont have any wsdl link for the same.Here I want to create logical port where I can mention the RFC for the integration server as per defined by below link.
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/b8/cb1141e109ef6fe10000000a1550b0/frameset.htm
  When I am creating logical port by manual , its not allowing me mention any HTTP destination. By default its showing me as 'unknown' HTTP destination.
  Please let me know if I have missed out any configuration. As per above link Java part  configurationI have done successfully. But for ABAP part I am confussed while creating logical port.
  Regards,
  Sari

• Report writing for Web Access

  Is there any good guides that people know of for writing reports in P6 v6.1?
  I'm trying to integrate them into the P6 Web Access and not having much joy, but a bit better knowledge of how to build them originally might just help too.
  MTIA
  David

  Why 6.1 ? why not use the new version that uses BI publisher for reports, not only is it more powerful, there are 3rd party books available about it.
  http://en.wikipedia.org/wiki/Oracle_BI_Publisher

• SLD Configuration for WEB As JAVA

  SDN TEAM,
  PLease can you send the screen shots for configuring SLD for WEB AS Java
  For valuable answer definity i will reward points
  Regards'
  CHANDU

  Hi,
  Fisrt you have to define a technical system in SLD
  using the URL
  http://<host>:<port>/sld u2192 Link Technical Landscape
  there you have select under landscapes---->technical systems
  select new technical system.
  select the server either (web As ABAP.Web AS java)what ever is ur server select it.
  next u have another screen
  asking SID,Installation no.,Database host name.
  For all the details webas abap.
  you can view after looging in the option in the menu bar system->status.
  next
  Enter the message server host, application server host, the instance number, the
  message server port and all logon groups.
  On the next screen you can add the name of all application server hosts (and their
  instance numbers) belonging to the same SAP system. Press Next.
  Now enter all clients, you want to use with the JCo connections. At least one
  client has to be defined
  Thnaks & Regards,
  Lokesh.
  If you have any doubts.
  please let me know

• FB4 Beta 2 error message on "validate configuration" for web root

  Hello:
  I have been working in FB4 beta 1 and had a php project working fine. After installing FB4 beta 2, i am now having problems with the flex server web root and/or root URL. i am now getting the following error message when I try and "validate configuration" for a configuration which had been working. The error message is:
  "(the web root) is not a valid location because the project contains a linked resource at that location"
  Here are my settings which had been workin g with FB4beta1, but which now result in the error message with FB4beta2:
  >> web root c:\wamp\www
  >> root URL: http://localhost
  >> output folder: c:\wamp\www\projectname-debug
  I am running wamp server on my local machine as my testing server; I run windows XP pro; this is a php project
  Has anyone seen this problem in FB4 beta2?
  thanks very much

  I just recently had this issue myself but I did a Clean on my project and it seems to working fine now.
  Hope this helps if you are still having this issue.
  Keith

• DNS configuration for GSS

  Hi,
  I am newbee to GSS. I would like to deploy the GSS in my datacenter.
  I would like to know the DNS configuration example for domain.
  ex:
  www.abc.com
  What records need to configured with detail script. beacause i dont have experience in DNS server configuration.
  I am looking for positive update.
  Regards
  sateesh kumar.k
  i

  Typical flow is as follows
  1. Client will hit their DNS servers (configured on their machines as primary/backup dns server).
  2. "Client's DNS server" will query "DNS server authoritative for abc.com" for www.abc.com.
  3. "DNS server authoritative for abc.com" will ask "client's DNS server" to query "GSS - Authoritative for www.abc.com"
  4. "Client's DNS server" will query GSS for www.abc.com.
  5. GSS will send the ip add of www.abc.com (which should be configured on ACE as VIP).
  6. "Client's DNS server" will handover this VIP to client
  7. Client will hit the VIP configured on ACE (for application www.abc.com).
  Syed iftekhar Ahmed

• SSL and Credentials configuration for webas

  Hi..
  I got a doubt in SSL certificate configuration.When i need to configure a JAVA engine for activating SSL.I would create .CSR and get signed from Trust center which inturn gives three certificate root,intermediate and original certificate and so we can configure the JAVA URL as https://<hostname>:<port no>:500001/...
  Now the same can also can be configured for ABAP WEBAS engine.my doubt is as per note : 510007,SAP has said to generate .PSE file and SSL configuration which will work in 443 port and HTTPS port as in SMICM transaction
  But I have two instances running on single host.I have already configured HTTPS 443 for one instance say for ABAP webas.And If i need to configure for another instance, <b><u>can i change the HTTPS port as per my requirement ????,</u></b>because 443 has been assigned to another instance (earlier) .And <b><u>Can i generate PSE file from that new port and get the certificate installed that is obtained from Trust center ???</u></b>
  Expecting you Ideas and solution for this scenario..
  Thanks
  Gopalakrishnan M

  Hello Gopalakrishnan,
  To specify the https port of ABAP, you can use paramenter
  icm/server_port_<X> as PROT=HTTPS,PORT=<port>
  I think the default port for http is like below
  icm/server_port_0 as PROT=HTTP,PORT=80<instance_number>
  Then you can just specify icm/server_port_1 for https.
  Good luck,
  Victor

• DNS configuration for webhosting - follow-up question

  In regard to my previous inquiry I want to add another question affiliated with that.
  We want to use our own DNS servers for domain registration. For this purpose, I need two DNS servers - ns1.domain.com and ns2.domain.com.
  domain.com is a domain owned by us that should get also managed at the Xserve's DNS service.
  For that reason I would need to add two sub-domain records to the DNS entry for the zone domain.com, wouldn't ?
  But how do I achieve this ?
  When trying to add another "machine" (comparable to "CNAME" ?), server admin requires me to use a different IP address (it won't let me save two machines for one zone with the same IP; see my previous inquiry, I created a machine for "www"). And I see no other way to do this (therefore it also seems not to be possible to create a sub-domain like meat.domain.com).
  Maybe someone can direct me to the right solution.
  It appears to me that Apple uses different terminology in their DNS system; at least although I'm a bit experienced with DNS, I totally hang here.
  I look forward your assistance
    Mac OS X (10.4.8)  

  Hi there,
  Have you seen or thought about using Tenon iTools?
  http://www.tenon.com/products/itools-osx/
  Seems like the way to go for virtual hosting on a mac.
  Aloha,
  Tony

• Any alternative to BT Yahoo for web access to emai...

  When I am at home I access my btinternet email account using Microsoft Outlook, but when I am away I often have to use the BT Yahoo web access which I find dreadful. I object to using it with all those adverts and flashing lights. Is there any alternative browser access, as I'd rather never have to use the BT Yahoo interface?
  Thanks
  Bill

  mlogin.yahoo.com
  or, if you're happy providing your login credentials to a 3rd party, use a gmail or similar account and use it to fetch your BTY mail.
  I hate the adverts etc as well. It's acceptable (to me) with eg a freebie @yahoo.co.uk account, but not on a subscription service.