Jump to content

Discovered Issues/Bugs...


Sarge

Recommended Posts

Hi Guys,

 

v8 is looking good. The interface seems much cleaner.


I've found the following bugs so far, using Safari, also tested with Chrome on macOS.

  1. In Safari there are UI drawing issues, they don't seem to occur in Chrome.
  2. With both browsers, doing a bulk delete of hosts doesn't raise the prompt to delete existing associated passwords first; there for the bulk delete fails silently. (Perhaps the addition of a "would you like to delete associated passwords?" would help here?).
  3. Deleting hosts seems to fail silently if the passwords are in the recycling bin.
  4. My only security administrator is unable to access settings for self service password reset as it doesn't have the required roles - also can't allocate roles to yourself.  (This could be the method I used to upgrade (you've seen my emails on that), or it could be that the required roles aren't added during the upgrade).

Screen Shot 2017-06-19 at 3.16.45 pm.png

Link to comment
Share on other sites

Hello Sarge,

 

Thanks for the feedback so far, and we will look into them.

 

For the Self Service Reset Roles, once you update the license key it should automatically add the roles for your account. Can you let us know if this does not work for you?

Regards

Click Studios

Link to comment
Share on other sites

19 minutes ago, support said:

For the Self Service Reset Roles, once you update the license key it should automatically add the roles for your account. Can you let us know if this does not work for you?

Hello,

 

License are applied but the roles aren't allocated.

I'm not able to add any additional users either - nothing happens when I click save.

Link to comment
Share on other sites

Hi Sarge,

 

Sorry, we've actually provided you the wrong instructions for activating the Password Reset Portal. To fix this, can you run the SQL Script below, log off and then back on, and then use the 'Next' button on the screen you see below to register everything correctly?

 

USE Passwordstate

UPDATE Licenses SET RegistrationName = NULL, NoLicenses = NULL, SupportExpires = NULL, RegistrationKey = NULL, GUID = NULL WHERE LicenseType = 'Password Reset Licenses'

 

With the adding of new users, can you bring up the developer tools in your browser, and see if there are any JavaScript errors being reported? Also, have you integrated your authentication with AD, or using the separate forms based authentication?resetportalwizard.png

 

Regards

Click Studios

Link to comment
Share on other sites

14 hours ago, support said:

Sorry, we've actually provided you the wrong instructions for activating the Password Reset Portal. To fix this, can you run the SQL Script below, log off and then back on, and then use the 'Next' button on the screen you see below to register everything correctly?

 

Morning Guys,

 

The updated instructions worked - in the sense that I can now go through the setup wizard. However I can't get past the first screen, presumably because I don't use AD for authentication.

I was hoping I could use the Password Reset Portal to handball the resetting of our AD passwords (dev and production AD) to the users, rather than having to come and see the infrastructure team when they expire; without having Passwordstate AD integrated. (As part of our DR plan for Passwordstate we don't have it dependent on any other services/servers besides itself.)

Quote
It appears an error has occured trying to query Active Directory for user information.
 
Please check the 'Active Directory Domain Name' value specified below is correct. If not, please update in the 'Active Directory Domains' screen.
 
Active Directory Information 
NetBIOS Name: 
FQDN: 
LDAP Query String:

 

 

14 hours ago, support said:

Also, have you integrated your authentication with AD, or using the separate forms based authentication?

 

Forms, for our dev instance.

Link to comment
Share on other sites

Hi Sarge,

 

Thanks for reporting these issues, and we've been able to fix the issue of not being able to add new accounts, and also the error above when you start the setup wizard for the Password Reset Portal module.


If you download the upgrade file again, and run through the Manual Upgrade Instructions we provided in the email we sent out, it should all work for you now.

Regards

Click Studios

Link to comment
Share on other sites

14 minutes ago, support said:

If you download the upgrade file again, and run through the Manual Upgrade Instructions we provided in the email we sent out, it should all work for you now.

Good timing, I'm redeploying the dev instance as I was getting memory corruption issues against the database while trying to perform queries ever since populating with the production content.

I also wasn't able to add folders or password lists (Shared or private) without getting application errors.

 

I'll let you know how the updated build gets on shortly.

Link to comment
Share on other sites

Hi Sarge,

 

If you run into it again, can you let us know what you mean by 'memory corruption issues'? Do you mean encryption issues, possibly because split encryption keys from two different installs are being used?

Thanks

Click Studios

Link to comment
Share on other sites

10 minutes ago, support said:

If you run into it again, can you let us know what you mean by 'memory corruption issues'? Do you mean encryption issues, possibly because split encryption keys from two different installs are being used?

Hi,

 

No, it was an SQL Server error while trying to expand majority of the tables via "Select top 1000 Rows".

I've reverted the snapshot of the VM already so I don't have the exact error anymore. Seems ok now.

 

1 hour ago, support said:

and we've been able to fix the issue of not being able to add new accounts

I can confirm.

 

1 hour ago, support said:

and also the error above when you start the setup wizard for the Password Reset Portal module.

I can't confirm this.

When going to run the Password Reset Portal wizard, I no longer have a "Next" button, only "Request Trial".

However, I can see now that the security administrator has got all required security administrator roles assigned automatically.

Link to comment
Share on other sites

Hi Sarge,

 

Thanks for confirming some details for us.

 

We did make some small changes to this, so that all licensing is managed from the screen Administration -> Passwordstate Administration -> License Information. If you go here and enter your license key, then on the other screen you should see a 'Next' button, instead of the 'Request Trial' button. 

Regards
Click Studios

Link to comment
Share on other sites

10 minutes ago, support said:

We did make some small changes to this, so that all licensing is managed from the screen Administration -> Passwordstate Administration -> License Information. If you go here and enter your license key, then on the other screen you should see a 'Next' button, instead of the 'Request Trial' button. 

Awesome.

 

We're getting closer, still getting same error as before however.

Quote
black-error-16.png Active Directory Query Error
 
It appears an error has occured trying to query Active Directory for user information.
 
Please check the 'Active Directory Domain Name' value specified below is correct. If not, please update in the 'Active Directory Domains' screen.
 
Active Directory Information 
NetBIOS Name: 
FQDN: 
LDAP Query String:


That's not me blanking out the AD information either, Passwordstate isn't displaying anything there. 

Link to comment
Share on other sites

Hi Sarge,

 

We've just tested this a second time, with Form-Based Authentication, and Anonymous Authentication selected for the site in IIS. We no longer see this issue when we click on the 'Next' button.

I've double checked the code, and the redirection to aderror.aspx no longer existing on this page, so I'm wondering if you have some sort of caching issue with this? Can you stop IIS, clear your browser cache, and also clear all the folders in C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files on your web server.

 

Now restart IIS again and see if the problem goes away? Also your black-error-16.png file is not displaying - so there is something odd going in with your install.

 

Thanks

Click Studios

Link to comment
Share on other sites

8 minutes ago, support said:

We've just tested this a second time, with Form-Based Authentication, and Anonymous Authentication selected for the site in IIS. We no longer see this issue when we click on the 'Next' button.

Hello,

 

I just checked both of these in the IIS auth config, Anon was enabled, forms was disabled. I enabled forms, performed an iisreset and tested again. Same error.

I then cleared the temp asp.net files, same error.

Then swapped browsers (Chrome & Firefox on macOS and Edge on W10), both had the same error and were redirecting to aderror.aspx.

 

black-error-16.png is rendering correct in the UI and displaying in the browsers developer tools.

 

Seems like I've got it a step closer now though by the following...

  • Stopping IIS
  • Renaming the passwordstate directory in inetpub.
  • Re-extracted the beta8 upgrade in inetpub as passwordstate folder.
  • Copied all files from the old passwordstate website, but chose not to replace existing files.
  • Restarted IIS

It now takes me to the next stage in the wizard.

So something went afoul when I applied the upgrade earlier.

Link to comment
Share on other sites

Hi Sarge,

 

Thanks for letting us know, and you can turn off forms-authentication in IIS - this is different to our own forms authentication.

 

Make sure you Passwordstate Folder, and everything beneath it, also has Modify NTFS permissions for the NETWORK SERVICE account.

Regards

Click Studios

Link to comment
Share on other sites

8 minutes ago, support said:

Make sure you Passwordstate Folder, and everything beneath it, also has Modify NTFS permissions for the NETWORK SERVICE account.

Yep, it does.

So next problem I'm having, is I'm unable to progress past the first step in the wizard.

It's giving me the error 

Quote

It appears your domain is not configured to allow LDAP connections over SSL or possibly the SSL certificate for this domain is not trusted etc.

All required ports are open as far as the administrators guide is concerned (135, 636 and 49153).

 

Link to comment
Share on other sites

Hi Sarge,

 

There are only two things which would show this error:

  • The privileged account password you specified is wrong, or the username is not in the correct format, for which both would cause this check to fail
  • Or Passwordstate cannot communicate on port 636 to your domain. If you to a telnet from your web server to 636 to your domain controller, does it get through? Have you configured your domain controllers for LDAP over SSL?

 

We've tested this over the internet with a non-trusted domain, so we're fairly confident it should work, as long is it can communicate okay.

 

Regards

Click Studios

 

Link to comment
Share on other sites

Got it.

The cert had expired...3 days ago. *sigh*

 

Quote

When new users are added as part of the Security Group synchronization process (performed by the Passwordtate Windows Service), space out the 3 Enrollment emails by: 

 

Found a typo ;)

 

 

Link to comment
Share on other sites

1 hour ago, support said:

Hope the portal is now completely up and running for you and you get a chance to test it out. 

 

Seems to be. 

I had it sync an AD group just before knocking off for the day.


Are you able to shot me through expected pricing for that module (if pricing has been decided yet)?

If the self service password resets work as expected it will be a massive help for us.

 

The rest of v8 seems quite good so far.

I'll be testing the Linux password resets tomorrow for root users as well.

Link to comment
Share on other sites

16 hours ago, support said:

Hope the portal is now completely up and running for you and you get a chance to test it out. 

 

Haven't been able to test it out, mainly because I can't figure out how to actually access it.

Sent myself an enrolment email, followed the URL (which resolves to the passwordstate server); it takes me to https://<url>/enroll which just gives me a page not found error.

Link to comment
Share on other sites

Hi Sarge,

This is our fault with the upgrade instructions we provided to customers initially. There is a separate installer for the Password Reset Portal, and you can download it from here - https://www.clickstudios.com.au/downloads/passwordstate8_beta1.zip. This is the full install of Passwordstate, and the separate installer and installation instructions can be found within this zip file. In the next release, we will include the installer from within the Passwordstate UI (with instructions), so any customer upgrading will know exactly what to do.

 

For the pricing, this will be an annual subscription, and below are the prices (in USD) that we are considering. Looking out our competitors, we've set our pricing to be cheaper than all of them, and also 3 times cheaper than some - so hopefully our customers will be okay with the pricing:

 

Password Reset Portal Pricing (Per Annum)
No. Users             Total
Up to 500             $550.00
Up to 1000           $900.00
Up to 2000           $1,400.00
Up to 5000           $2,750.00
Up to 10000         $3,500.00
Enterprise            $5,990.00 (unlimited users)
 

Regards

Click Studios

Link to comment
Share on other sites

I'm now getting the following error when I try to access the system settings.

Quote



[Exception: RadAsyncUpload does not have permission to write files in the TemporaryFolder. In Medium Trust scenarios, the TemporaryFolder should be a subfolder of the Application Path.]

   Telerik.Web.UI.RadAsyncUpload.TestTemporaryFolderPermissions() +243

   Telerik.Web.UI.RadAsyncUpload.MarshalTemporaryFolder() +64

   Telerik.Web.UI.RadAsyncUpload.OnPreRender(EventArgs e) +102

   System.Web.UI.Control.PreRenderRecursiveInternal() +107

   System.Web.UI.Control.PreRenderRecursiveInternal() +204

   System.Web.UI.Control.PreRenderRecursiveInternal() +204

   System.Web.UI.Control.PreRenderRecursiveInternal() +204

   System.Web.UI.Control.PreRenderRecursiveInternal() +204

   System.Web.UI.Control.PreRenderRecursiveInternal() +204

   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +7675

 

Link to comment
Share on other sites

Hi Sarge,

 

The Passwordstate folder, and everything beneath it, should have Modify NTFS permissions for the NETWORK SERVICE account by default. Do you know why this wouldn't be the case for you?

Either way, let us know if you have any further issues.

Regards

Click Studios

Link to comment
Share on other sites

10 minutes ago, support said:

The Passwordstate folder, and everything beneath it, should have Modify NTFS permissions for the NETWORK SERVICE account by default. Do you know why this wouldn't be the case for you?

Nope, but it did have modify rights earlier in this thread.

The rights have been dropped since then. I believe it was when I re-deployed v8 because of the issues I was having. *shurg* 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...