Jump to content

Matt

Members
  • Content count

    14
  • Joined

  • Last visited

  1. Thanks, appreciate that. Not being able to use the extension is annoying as its one of the things that sold the product to us, but hey ho, live and learn.
  2. Not my decision, I had to utilise the services that were there. Yeah. the extension magic is a bit of a conundrum. I can't imagine it can't be reworked for the scenario we have, but for now I guess I have to accept it. You are right, SSL offloading. Load balancer handles it and everything inside is http.
  3. Hi, no certificate errors. Its actually a wildcard for the domain so it works very well. I see the post above says its needed on the web server. This is a shame, but I'm planning on putting together a post of feature requests, so we shall see if there is any traction with it.
  4. Hi, is it possible to use the PasswordState browser extension when no SSL certificate resides on the webserver? We use SSL offloading, so the load balancer handles the SSL which negates the need for it on each webserver. So far in our setup, I can't get it to not be red so it looks like its not working, but I'd really like it to if possible.
  5. Bulk Updates

    OK, figured it out, was reading the wrong document.
  6. Bulk Updates

    Apologies if this is elsewhere, but I'm struggling to find it. I have imported a lot of passwords from Keepass, and I'm looking for a way to bulk edit certain fields across all the passwords in a single list. For example, a domain field that contains a list of servers that all need to be populated with domain.local. Also, can I bulk move passwords to a new list. Again, I'm sure its there, but I can't find it.
  7. Importing from KeePass into Passwordstate

    As a follow up, is there a way to correctly invoke-webrequest using SSL. I'm getting an error "Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel." I think its because of an older version of TLS. Is it possible to update the script with something like this? [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 Invoke-WebRequest I would do it myself, but my PS skills are rubbish.
  8. SSL redirect

    Yep, that worked. Thank you.
  9. SSL redirect

    Hi We've just purchased PS and I'm trying to figure out the best way to configure the load balancing. We were planning to use SSL Offloading, so the certificate is installed on the LB only and it redirects traffic to one of two web servers to http. From reading on another topic here, PS does an automatic redirect from HTTP to HTTPS. Is there a way to stop it doing this and remove the self signed certificate binding from the webservers? I've just realised I have this problem as I have a load balanced CNAME which doesn't work at the moment so I can't complete the initial setup. Thanks
  10. OK Licensing understood. Connection string, I would want to point this at a listener. I'll ask on Azure forum about this. Thanks
  11. Hi As a follow up, I now have a design idea to work to from help here The plan is to have two web servers in one region with an Azure SQL instance, with a third web server connected to a second Azure SQL instance in another region. SQL will use geo-location (AlwaysOn) and asynchronous replication to keep them consistent. Region 1 will have a load balancer and then both regions will be managed by Traffic Manager for failover. Couple of questions 1) What licence is appropriate for this setup, Enterprise with an HA licence or do I need a Global licence because I have 3 IaaS servers running + HA? 2) How do I configure the web config files to support this setup? 3) Is there any specific load balancer configuration that needs to be done so the web servers will accept the traffic? Thanks Matt
  12. Email alerts

    Hi Not sure if this is supposed to happen, but when running BETA 1, I configured the email alerting, sent the test, all good. However, nothing else was coming through. I've just done the upgrade to beta 2, and once the database upgrade was complete, all of the alerts from actions when running on beta 1 came through. I don't know if the service restart did it, but just seemed like odd behaviour.
  13. Something I noticed this morning. It would appear that the self service portal doesn't work with 2003 domains. I have 2008 DC's, but a 2003 functional level. When I attempt a password reset, it errors An unexpected error has occurred performing a Password reset for UserID 'username'. Error = Update pwd result: UnavailableCriticalExtension for CN=User,OU=Accounts,OU=Sitename,OU=Locations,DC=europe,DC=domain,DC=net The parameter is incorrect (00000057: LdapErr: DSID-0C090B79, comment: Error processing control, data 0, v1db1) [The server does not support the control. The control is critical.] I didn't get a warning when I added the AD domains about LDAPS. So, is there a way to improve the validation to ensure that when checking for LDAPS, it maybe does an AD check also? Also, why do seprate domain and privileged account configs exist for the reset portal. Is there not a way to have it use the existing setup for passwordstate?
  14. Importing from KeePass into Passwordstate

    Just wanted to say thanks. I've tested Fabian's script on the version 8 beta and it worked perfectly once I realised what user creds it was asking for. Cheers Matt
×