Wednesday, January 21, 2015

System.Runtime.InteropServices.COMException error 0x80005000 working with DirectoryServices and LDAP path

I ran into this issue in VB.NET code used to remove an ADS user from certain groups.  One of the groups distinguishedName contained a '/' in the name (path). 

For example LDAP://CN=HRUser,OU=H/R,DC=fabrikam,DC=com where the DN CN=HRUser,OU=H/R,DC=fabrikam,DC=com contains the forward slash (OU=H/R).  This triggered a System.Runtime.InteropServices.COMException error 0x80005000 when executing the DirectoryEntry Remove method. 

To resolve this, use an escape character in the DN.  So once I had obtained the DN as a string, I then used strGroupDN = Replace(strGroupDN, "/", "\/") to get the escape '\' in before the '/'.  This resolved the error.

Tuesday, January 20, 2015

proftpd 1.3.4 running on Drobo 5N cannot load admin page (php)

Note: I advise Googling about the information I discuss here.  Make note of each change you make, be able to undo what you have done if needed.  Even though what I have posted worked for me, I don't want to cause anyone to make changes that they may not know how to undo.  Worst case scenario, your can remove the installed apps and reinstall.

Tools used: Putty for SSH connection to Drobo, and WinSCP for data transfers on Drobo.  To bypass permissions issues, you can log in as root (Drobo's default password for root is root).  Always be careful using root.  And do not do anything that would expose root access outside your home network.

I used the installers and instructions from here:
https://sites.google.com/a/droboports.com/www/

to setup proftpd on my Drobo 5N.  I wanted to make a few notes that others might find helpful.

The compiled version of Proftpd available at the link above is setup to work with lighttpd.  Once I had everything installed and configured, the http:///proftpd/index.php page would not load (Error 500).

I found that the problem was in the lighttpd/etc/conf-enabled/cgi.conf file.  In that file the path assigned for php is incorrect if you installed php5 from the droboports site.  Edit this file and change:

".php" => "/mnt/DroboFS/Shares/DroboApps/php/bin/php-cgi" )

to

".php" => "/mnt/DroboFS/Shares/DroboApps/php5/bin/php-cgi" )

Save the file.  Change directory to the lighttpd directory and run service.sh restart.  After that, the proftpd admin page should load.

 

In setting this up there were a few other changes I need to make originally that I would like to mention.


The proftpd/etc/proftpd.conf file needed some changes


1) DefaultRoot - you may want to change this value.  This will be the location users land on when connecting to the ftp server.  On the Drobo the default will expose all of your shares.  You can change it to a single share by adding that to the end of the path. 
Ex: /mnt/DroboFS/Shares/FTP/  (assuming you setup an FTP share on your Drobo).  This will keep your FTP users from seeing things maybe you do not want them to see.

2) MasqueradeAddress
Add this line:  MasqueradeAddress  YourFQDNorYourPublicIP
Ex: MasqueradeAddress  my.home.com

3) Specify a passive ports range unless you want to forward a ton of ports on your router:
PassivePorts 10100 10500


That is the value I am using.  I do not have many clients so I did not use a lot of ports.  Then on my NAT router, I did a port forwarding rule for that port range to the IP of my Drobo.


4) Enabling secured connections - You can enable TLS.  Near the bottom of the conf file you will see this section.  Mine is modified to enable TLS.


TLSEngine on

TLSLog /mnt/DroboFS/Shares/DroboApps/proftpd/var/log/tls.log

TLSProtocol TLSv1

TLSRequired on

TLSRSACertificateFile /mnt/DroboFS/Shares/DroboApps/proftpd/etc/server.crt

TLSRSACertificateKeyFile /mnt/DroboFS/Shares/DroboApps/proftpd/etc/server.key

TLSVerifyClient off



If you want to use client verification please research how it works and how to use it or else it will prevent connections.

In the FTP client software choose FTP protocol and choose TLS Explicit encryption.  The setting I use should encrypt both the authentication channel and the data channel.

5) Unable to locate host - An issue many people have is proftpd not knowing how to locate itself.  You may see references to 'edit the etc/hosts file and add your ip and name'.  What is not always obvious is where this is located.  It is at the root of the Drobo.  So go all the way to the root and then cd /etc.  An easy way to add your info to the hosts file is run the command: echo "  " > hosts
So like this: echo "192.168.1.10  mydrobo" > hosts
This should add an entry for your drobo in the hosts file.
On your home network you should be able to bring up the proftpd admin page by using your drobo name: http://

Troubleshooting
Don't forget to check your logs if troubleshooting.  For proftpd these are located at /mnt/DroboFS/Shares/DroboApps/proftpd/var/log

Stopping, Starting, Restarting, and Status
For all three components, lighttpd, proftpd, and php5, to start, stop, restart and get status you can do this from an ssh connection.  At each apps root under DroboApps there is a service.sh file.  Use:
service.sh start - to start
service.sh stop - to stop
service.sh restart - to stop and then start
service.sh status - to see if the app is enabled and running.

Please use the above at your own discretion.  Also you will want to be acting as root on your drobo due to permissions.

The above is a summary of what I had to do to get things working in my environment.


New beginner's guide to PowerShell on my GitHub page

 I created a beginner's guide to PowerShell here: https://github.com/aamjohns/Powershell_Guide/blob/main/README.md I hope it helps someo...