cant login to web page

General eFa discussion
Post Reply
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

cant login to web page

Post by dsheetz »

console login on vm works but using the URL I just get blank page
then error:

Error: unable to validate security token

help please! :)
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: cant login to web page

Post by shawniverson »

Hi!

Got your email, been busy.

Try going to EFA-Configure (console) and 11) Apache Settings --> 2) Modsecurity and turn it off.
Zwabber
Posts: 69
Joined: 14 Feb 2016 21:26

Re: cant login to web page

Post by Zwabber »

Already flushed web cache and cookies?
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

I have turned off mod security and flushed cache on my browser , no luck.
Zwabber
Posts: 69
Joined: 14 Feb 2016 21:26

Re: cant login to web page

Post by Zwabber »

and the cookies!?
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: cant login to web page

Post by shawniverson »

Yeah, that doesn't sound right at all. Shouldn't see that message at all.

A few things...

1) Tried a different browser (so we can isolate it to a specific browser)?
2) Tried a different machine (so we can see if it is a client or server issue)?
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

I have tried multiple machines and multiple browsers, all with no luck. On a note I can go to port 10000 and get to webmin... ??? :?

In Firefox I get a blank page


In Chrome :
This page isn’t working
192.168.111.112 is currently unable to handle this request.
HTTP ERROR 500

In Edge :
Can’t connect securely to this page
This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.
Try this:
Go back to the last page

In IE


The website cannot display the page
HTTP 500

Most likely causes:
•The website is under maintenance.
•The website has a programming error.

What you can try:
Refresh the page.
Go back to the previous page.

More information More information

This error (HTTP 500 Internal Server Error) means that the website you are visiting had a server problem which prevented the webpage from displaying.
For more information about HTTP errors, see Help.
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: cant login to web page

Post by pdwalker »

Can you do me a favour? Post the results of this command (run as root) from your efa box
[root@efa ~]# netstat -plutn
here's mine for comparison:

Code: Select all

[root@efa ~]# netstat -plutn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 127.0.0.1:11553             0.0.0.0:*                   LISTEN      10126/MailWatch SQL
tcp        0      0 127.0.0.1:2501              0.0.0.0:*                   LISTEN      2784/perl
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      2111/mysqld
tcp        0      0 127.0.0.1:3310              0.0.0.0:*                   LISTEN      2000/clamd
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      13484/httpd
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      2917/perl
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      10921/unbound
tcp        0      0 127.0.0.1:4949              0.0.0.0:*                   LISTEN      2554/perl
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1967/sshd
tcp        0      0 127.0.0.1:8953              0.0.0.0:*                   LISTEN      10921/unbound
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      2437/master
tcp        0      0 0.0.0.0:443                 0.0.0.0:*                   LISTEN      13484/httpd
tcp        0      0 127.0.0.1:8891              0.0.0.0:*                   LISTEN      1859/opendkim
udp        0      0 0.0.0.0:750                 0.0.0.0:*                               1574/portreserve
udp        0      0 10.10.1.200:123             0.0.0.0:*                               1989/ntpd
udp        0      0 127.0.0.1:123               0.0.0.0:*                               1989/ntpd
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               1989/ntpd
udp        0      0 0.0.0.0:10000               0.0.0.0:*                               2917/perl
udp        0      0 0.0.0.0:41888               0.0.0.0:*                               1845/dccifd
udp        0      0 127.0.0.1:53                0.0.0.0:*                               10921/unbound
udp        0      0 :::123                      :::*                                    1989/ntpd
In particular, I'm interested in seeing the httpd status
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

attached is the output of the command...
Attachments
EFA_Capture.PNG
EFA_Capture.PNG (68.64 KiB) Viewed 12013 times
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

some more info and a quick question...
we are using server 2016 with exchange 2016 for Active Directory and email.

SO how do I know where it is failing? Is it postfix, mailscanner, php, or can I test AD connection? Looking for a place to start ...

what are the dependencies to get the login page to work?
Zwabber
Posts: 69
Joined: 14 Feb 2016 21:26

Re: cant login to web page

Post by Zwabber »

If you just install another system for test, is it possible to login to this new system?
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

I did make a new system and it works until I add the AD authentication settings in /var/www/html/mailscanner/conf.php

// LDAP settings for authentication
define('USE_LDAP', true);
define('LDAP_SSL', false); // Set to true if using LDAP with SSL encryption.
define('LDAP_HOST', 'mydcserver.mydomain.com');
define('LDAP_PORT', '389');
define('LDAP_DN', 'DC=mydomain,DC=com');
define('LDAP_USER', 'myserviceaccount@mydomain.com'); // If no email set: cn=Users,dc=mydomain,dc=com
define('LDAP_PASS', 'mypassword');
define('LDAP_SITE', 'default');
define('LDAP_FILTER', 'mail=%s'); //%s will be replaced by username eg. 'mail=%', 'mail=SMTP:%s', 'sAMAccountName=%s'
define('LDAP_PROTOCOL_VERSION', 3);
// can be set to 'proxyaddresses' or 'mail'. Please refer to your LDAP system manual for the right keyword
define('LDAP_EMAIL_FIELD', 'mail');
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: cant login to web page

Post by shawniverson »

Okay, that's some ammo....

LDAP is tricky in MailWatch.

Do you have these defined?

Code: Select all

// The value of the LDAP_USERNAME_FIELD will be extended by LDAP_BIND_PREFIX and LDAP_BIND_SUFFIX to created the binding username.
define('LDAP_USERNAME_FIELD', 'cn');
//Active Directory Compatibility Mode
define('LDAP_MS_AD_COMPATIBILITY', true);
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

Yes I have both
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: cant login to web page

Post by shawniverson »

The only thing I see different between you setup and mine is this...

Yours

Code: Select all

define('LDAP_SITE', 'default');
Mine

Code: Select all

define('LDAP_SITE', 'default-first-site-name');
So, the next step if that isn't it is to fire up some ldap tools and try to connect via command line.
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: cant login to web page

Post by pdwalker »

yes, if there are ldap connection issues and you are using ldap for authentication, this will make you unable to log in.

Use an LDAP explorer to see if you got your connection settings right, like http://jxplorer.org/ or http://directory.apache.org/studio/downloads.html

Good Luck!
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

ldap explorer shows all my users fine. weird

I am concerned with define('LDAP_USERNAME_FIELD', 'cn')
I would think it would be:

define('LDAP_USERNAME_FIELD', 'userPrincipalName')

is that correct?
dsheetz
Posts: 35
Joined: 01 Jun 2017 17:36

Re: cant login to web page

Post by dsheetz »

:bow-yellow: it is working now!!!, :dance: just need help to get it to import ALL AD users...

I believe I saw a script but not sure if it works with current version, any ideas?

BTW- Thanks for all yourhelp I DO appreciate it! :D :clap:
Post Reply