when the official 2.5.1 will be released?
Likely in the next couple of hours.
cool thank you.
Bad news its still broken, every time you stop start apppool the issue return until you change the port again or stop/start the site. also the site stopped working with inprocess feature when you change web.config
the site will be spinning and nothing shows up.
Ok. I will continue investigation on this tomorrow. I donāt see the issue with the ports but I havenāt tried InProcess yet.
The issue seems not with ports. if you stop / start apppool you need to do the same for the site in IIs for it to work again. also inprocess will set the site in loop and wont come up.
Also as FYI 2.6.0 nightly affected with same issue. To wrap up the issue check below
1- Fresh installation or upgrade same exact issue (IIS 10) windows (2019 & 2022)
2- Site will work if hosted as OutOfProcess only but there is a catch, every time you stop and start the apppool the site will break and show an error when you try to launch it.
To fix it you need to stop and start IIS site.
3-The site will go into an endless loop if you try to host it as InProcess.
as of version 2.4.1 has none of the above issues.
I updated to 2.5.1 and everything seemed to work at first. However all my locked down APIs stopped working. Postman is giving me a āSign into your accountā webpage. My other PSU box running 2.4.1 is running fine. However if Iām signed in on the browser the secured API URI comes back fine. Itās almost like the new version is disregarding the App Token.
I set back my Windows Authorization back to False in the ISS settings. Iām using OIDC for connecting.
@wsl2001 - I still canāt reproduce the issue with app pool restarts. Mine work the first time every time (IIS10). That said, I did identify the issue with InProcess hosting. There was a change to the startup that is causing a dead lock and preventing the service from starting completely. I wonder if this issue is causing both of your problems. Threading issues can certainly manifest differently on different machines. Iām running a 2.5.2 nightly build with this fix. InProcess hosting is now working for me.
I just want to understand your configuration.
Hosting: IIS
Authentication: OIDC Enabled
IIS Authentication: Anonymous Enabled and Windows Authentication Disabled
Right?
am going to test nightly 2.5.2 now and let you know
fresh install of 2.5.2
as you can see in below image universal folder did not get created at programdata only powershell universal
Odd, Iāve not seen this one either.
Iām running on IIS WinServer 2016,
Anonymous auth enabled,
windows auth disabled,
OIDC enabled in app settings,
https redirect enabled in app settings
I upgraded after the issue on 2.5.0 and itās been fine on 2.5.1 & now currently running 2.6.0.
Upgrade process was just deleting all wwwroot contents and deploying the zip.
Iāve tested both with windows auth enabled and OIDC and both seem fine.
do you guys have app initialize activated in iis?
Hosting: IIS
Authentication: OIDC Enabled
IIS Authentication: Anonymous Enabled and Windows Authentication Disabled
Yes, this is exactly correct.
Hereās my appsettings.json (edited)
{
"Kestrel": {
"Endpoints": {
"HTTP": {
"Url": "http://*:5000"
}
},
"Limits": {
"MaxRequestHeadersTotalSize": 132768
},
"RedirectToHttps": "false"
},
"ApplicationInsights": {
"InstrumentationKey": ""
},
"Logging": {
"Path": "%PROGRAMDATA%/PowerShellUniversal/log.txt",
"RetainedFileCountLimit": 31,
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information",
"Grpc": "Information"
}
},
"AllowedHosts": "*",
"CorsHosts": "",
"Plugins": [
"UniversalAutomation.LiteDBv5"
],
"Data": {
"RepositoryPath": "%ProgramData%\\UniversalAutomation\\Repository",
"ConnectionString": "filename=%ProgramData%\\UniversalAutomation\\database.db;upgrade=true",
"GitRemote": "REMOVED",
"GitUserName": "any",
"GitPassword": "REMOVED",
"GitBranch": "REMOVED",
"GitSyncBehavior": "TwoWay",
"ConfigurationScript": ""
},
"Api": {
"Url": ""
},
"Authentication": {
"Windows": {
"Enabled": "false"
},
"WSFed": {
"Enabled": "false",
"MetadataAddress": "",
"Wtrealm": "",
"CallbackPath": "/auth/signin-wsfed",
"Wreply": "",
"UseTokenLifetime": true,
"CorrelationCookieSameSite": ""
},
"OIDC": {
"Enabled": "true",
"CallbackPath": "/auth/signin-oidc",
"ClientID": "REMOVED",
"ClientSecret": "REMOVED",
"Resource": "",
"Authority": "REMOVED",
"ResponseType": "code",
"SaveTokens": "false",
"CorrelationCookieSameSite": "",
"UseTokenLifetime": true,
"Scope": "openid profile groups",
"GetUserInfo": true
},
"ClientCertificate": {
"Enabled": "false"
},
"SessionTimeout": "360"
},
"Jwt": {
"SigningKey": "PleaseUseYourOwnSigningKeyHere",
"Issuer": "IronmanSoftware",
"Audience": "PowerShellUniversal"
},
"UniversalAutomation": {
"JobHandshakeTimeout": 5,
"JobDebugging": false,
"ContinueJobOnServerStop": false
},
"UniversalDashboard": {
"AssetsFolder": "%ProgramData%\\PowerShellUniversal\\Dashboard",
"DashboardStartupTimeout": 100
},
"ShowDevTools": false,
"HideAdminConsole": false
}
1 Like
enabling Inprocess
logs
2021-11-10 16:46:20.852 +00:00 [INF] User profile is available. Using āC:\Users\stgips_svc\AppData\Local\ASP.NET\DataProtection-Keysā as key repository and Windows DPAPI to encrypt keys at rest.
2021-11-10 16:46:24.401 +00:00 [FTL] Application startup exception
System.InvalidOperationException: The Negotiate Authentication handler cannot be used on a server that directly supports Windows Authentication. Enable Windows Authentication for the server and the Negotiate Authentication handler will defer to it.
at Microsoft.AspNetCore.Authentication.Negotiate.PostConfigureNegotiateOptions.PostConfigure(String name, NegotiateOptions options)
at Microsoft.Extensions.Options.OptionsFactory1.Create(String name) at Microsoft.Extensions.Options.OptionsMonitor1.<>c__DisplayClass11_0.b__0()
at System.Lazy1.ViaFactory(LazyThreadSafetyMode mode) at System.Lazy1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy1.CreateValue() at Microsoft.Extensions.Options.OptionsCache1.GetOrAdd(String name, Func1 createOptions) at Microsoft.Extensions.Options.OptionsMonitor1.Get(String name)
at Microsoft.AspNetCore.Authentication.Negotiate.Internal.NegotiateOptionsValidationStartupFilter.<>c__DisplayClass2_0.b__0(IApplicationBuilder builder)
at Microsoft.AspNetCore.Server.IIS.Core.IISServerSetupFilter.<>c__DisplayClass2_0.b__0(IApplicationBuilder app)
at Microsoft.AspNetCore.Server.IIS.Core.IISServerSetupFilter.<>c__DisplayClass2_0.b__0(IApplicationBuilder app)
at Microsoft.AspNetCore.HostFilteringStartupFilter.<>c__DisplayClass0_0.b__0(IApplicationBuilder app)
at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
2021-11-10 16:46:25.402 +00:00 [ERR] Error discovering modules
System.ObjectDisposedException: Cannot access a disposed object.
Object name: āIServiceProviderā.
at Microsoft.Extensions.DependencyInjection.ServiceLookup.ThrowHelper.ThrowObjectDisposedException()
at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType)
at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider)
at Universal.Server.Services.UniversalClient.SetModules(String environment, Module[] modules)
at UniversalAutomation.Host.ModuleService.LoadModules(String environment) in D:\a\universal\universal\src\Host\ModuleService.cs:line 23
at Universal.Server.Services.ModuleDiscoveryService.<>c__DisplayClass7_0.b__0() in D:\a\universal\universal\src\Universal.Server\Services\ModuleDiscoveryService.cs:line 67
@zalcorshark - Thanks. Iāll take a look.
@wsl2001 - I just installed on a fresh 2022 server and do not have any issues. I set those settings that you just provided and itās working for me. I tried both InProcess and OutOfProcess. Can we schedule a call? Thereās something Iām missing. Email me at adam@ironmansoftware.com.
just sent you an email. Ready for a call at any time.