RE: [ACFUG Discuss] resetting admin password on CF10
Troy, since you refer to passwordreset.bat, we know you're on Windows. So did you run that by double-clicking on it as shown within Windows Explorer? If so, there are two problems with that. First, that would mean you didn't use run as administrator, which may be very important, and an error may have reflected that. Second, though, by running it from within Windows Explorer like that, you won't have seen if indeed there was an error or other response after the command completed, because the temporary command prompt window that is opened is closed after the bat file runs. It's always a good idea to avoid running bat files from Windows Explorer if there's any chance they may have output you need to see that's displayed after the bat file runs. So try opening a command prompt yourself-and don't forget to do it by right-clicking and choosing run as admin (or if you see an option in your Start menu for CMD as Admin, choose that.) If you get an error reporting java.io.FileNotFoundException: ..\lib\password.properties (Access is denied), that confirms that you needed to run it as admin. (All this is something I've been meaning to blog on, as they're easy mistakes to make.) Let us know how it goes, and if indeed there still seems something else amiss. That would be more fodder for the blog entry. :-) /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of troy Sent: Tuesday, November 05, 2013 10:28 AM To: discussion@acfug.org Subject: RE: [ACFUG Discuss] resetting admin password on CF10 Charlie, As it turns out, I was able to determine that the password had been physically changed and I located the new password and was able to log in successfully. So, while my initial problem is solved, it begs another question about why the use of the passwordreset.bat file did not prove effective. I used the process of resetting the password with this utility, restarting both CF and WWW and the admin password still was not ever altered. This seems a bit problematic to me but like I said, at least the immediate problem is resolved. I did read your links and will probably test that out on a development environment as time allows. Thanks for the info. -Troy From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Charlie Arehart Sent: Monday, November 04, 2013 8:07 PM To: discussion@acfug.org Subject: RE: [ACFUG Discuss] resetting admin password on CF10 Troy, it Is true that when you add a new CF Admin user, even one with all admin roles allowed, it does NOT give them the security roles, so only that original Admin user can add a new user. No, you say that after running the passwordreset you still can't get in, but did you restart CF? You do need to, as that modified a file that is then read during startup. If you did do a restart, then I would propose something else could be at issue. While the password reset does reset the password for that initial admin user, it is possible (through other manual file modification) to change that username to something else. The following technote discusses it, and though for CF8, the concept should still apply for CF10: http://helpx.adobe.com/coldfusion/kb/coldfusion-8-change-root-administrator. html FWIW, I also discuss that and much more on the multi-user capability for the CF Admin in an article I did for Adobe, listed on my articles page at: http://www.carehart.org/articles/#2009_1 Let us know if any of that helps. /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of troy Sent: Monday, November 04, 2013 5:48 PM To: discussion@acfug.org Subject: [ACFUG Discuss] resetting admin password on CF10 I have encountered an issue on one of my production CF10 servers. I have created a user for the CF Admin for use outside of the admin user. However, I can no longer log in with the admin user and can not see any of the user manager properties with my new user. I have tried resetting the password with the passwordreset.bat file located in [coldfusionhome]\cfusion\bin and it does not resolve the issue. Does anyone have any tricks on how to reset the admin password? Thank you, Troy Jones Technical Manager Third Wave Digital 1841 Hardeman Ave. Macon, GA 31201 t...@thirdwavedigital.com www.thirdwavedigital.com - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com - - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by
RE: [ACFUG Discuss] resetting admin password on CF10
I did in fact run it using double-click. I wasn't aware of the run as administrator issue being in play here but that makes sense that that could have affected the process. Good to know, hopefully I don't run into this again. -Troy From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Charlie Arehart Sent: Wednesday, November 06, 2013 9:16 AM To: discussion@acfug.org Subject: RE: [ACFUG Discuss] resetting admin password on CF10 Troy, since you refer to passwordreset.bat, we know you're on Windows. So did you run that by double-clicking on it as shown within Windows Explorer? If so, there are two problems with that. First, that would mean you didn't use run as administrator, which may be very important, and an error may have reflected that. Second, though, by running it from within Windows Explorer like that, you won't have seen if indeed there was an error or other response after the command completed, because the temporary command prompt window that is opened is closed after the bat file runs. It's always a good idea to avoid running bat files from Windows Explorer if there's any chance they may have output you need to see that's displayed after the bat file runs. So try opening a command prompt yourself-and don't forget to do it by right-clicking and choosing run as admin (or if you see an option in your Start menu for CMD as Admin, choose that.) If you get an error reporting java.io.FileNotFoundException: ..\lib\password.properties (Access is denied), that confirms that you needed to run it as admin. (All this is something I've been meaning to blog on, as they're easy mistakes to make.) Let us know how it goes, and if indeed there still seems something else amiss. That would be more fodder for the blog entry. :-) /charlie From: ad...@acfug.orgmailto:ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of troy Sent: Tuesday, November 05, 2013 10:28 AM To: discussion@acfug.orgmailto:discussion@acfug.org Subject: RE: [ACFUG Discuss] resetting admin password on CF10 Charlie, As it turns out, I was able to determine that the password had been physically changed and I located the new password and was able to log in successfully. So, while my initial problem is solved, it begs another question about why the use of the passwordreset.bat file did not prove effective. I used the process of resetting the password with this utility, restarting both CF and WWW and the admin password still was not ever altered. This seems a bit problematic to me but like I said, at least the immediate problem is resolved. I did read your links and will probably test that out on a development environment as time allows. Thanks for the info. -Troy From: ad...@acfug.orgmailto:ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Charlie Arehart Sent: Monday, November 04, 2013 8:07 PM To: discussion@acfug.orgmailto:discussion@acfug.org Subject: RE: [ACFUG Discuss] resetting admin password on CF10 Troy, it Is true that when you add a new CF Admin user, even one with all admin roles allowed, it does NOT give them the security roles, so only that original Admin user can add a new user. No, you say that after running the passwordreset you still can't get in, but did you restart CF? You do need to, as that modified a file that is then read during startup. If you did do a restart, then I would propose something else could be at issue. While the password reset does reset the password for that initial admin user, it is possible (through other manual file modification) to change that username to something else. The following technote discusses it, and though for CF8, the concept should still apply for CF10: http://helpx.adobe.com/coldfusion/kb/coldfusion-8-change-root-administrator.html FWIW, I also discuss that and much more on the multi-user capability for the CF Admin in an article I did for Adobe, listed on my articles page at: http://www.carehart.org/articles/#2009_1 Let us know if any of that helps. /charlie From: ad...@acfug.orgmailto:ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of troy Sent: Monday, November 04, 2013 5:48 PM To: discussion@acfug.orgmailto:discussion@acfug.org Subject: [ACFUG Discuss] resetting admin password on CF10 I have encountered an issue on one of my production CF10 servers. I have created a user for the CF Admin for use outside of the admin user. However, I can no longer log in with the admin user and can not see any of the user manager properties with my new user. I have tried resetting the password with the passwordreset.bat file located in [coldfusionhome]\cfusion\bin and it does not resolve the issue. Does anyone have any tricks on how to reset the admin password? Thank you, Troy Jones Technical Manager Third Wave Digital 1841 Hardeman Ave. Macon, GA 31201 t...@thirdwavedigital.commailto:t...@thirdwavedigital.com www.thirdwavedigital.comhttp://www.thirdwavedigital.com -
[ACFUG Discuss] CFmail issue with CF10
I recently installed developer version of CF10 and set the mail settings same as the developer version of CF9. While CFMail works in CF9, I get the following error in CF10 javax.mail.MessagingException: Could not connect to SMTP host: host address, port: 25; nested exception is: java.net.SocketException: Network is unreachable: connect Note: Removed the host address for security reasons and replaced it with host address Please help Jay Jayaraman - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -
Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7
In terms of security, for CF 9.0.1, do I need to install anything like hotfixes patches? I thought everything was included in the 9.0.1 updates, is that not the case? Can someone point me to link for hotfixes security patches for CF 9.0.1. Thanks, Ajas Mohammed / iUseDropbox(http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Tue, Nov 5, 2013 at 12:42 AM, Charlie Arehart char...@carehart.orgwrote: You will continue to see it using jrun_iis6_wildcard. That’s not incorrect (but potentially confusing, yes). /charlie *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Ajas Mohammed *Sent:* Tuesday, November 05, 2013 12:01 AM *To:* discussion@acfug.org *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 Again thanks. I think I am guessing that the correct answer to this is 75 because of different application pools. I could be wrong though, like you said better to do practical test and figure out what happens. One thing I found which is weird I have jrun_iis6_wildcard instead of jrun_iis7_wildcard, this is really surprising to me. We had iis6 comparability initially and then removed it and re installed cf 9.0.1 ran connector again for all sites. Thanks, Ajas Mohammed / iUseDropbox(http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Mon, Nov 4, 2013 at 11:42 PM, Charlie Arehart char...@carehart.org wrote: Thanks for the kind regards. As for your question, that’s something I’ve always wondered myself. :-) In fact, you will see that on the Adobe blog entry about that maxworkerthreads bug (from a few years ago) that I had asked this question specifically, and I never got an answer. I always wanted to test it, but never got around to it. If you may do some testing determine it, please do let us know. To quote “Dances with Wolves”, I’d consider that a “good trade”. :-) /charlie *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Ajas Mohammed *Sent:* Monday, November 04, 2013 10:53 PM *To:* discussion@acfug.org *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 Thank you sir. You are the best!!!. Do you see any issues with these separate folders? Plus what about the whole logic about concurrent requests and IIS bug? In this case without the fix (maxworkerthreads=25) and default worker process (1) and seperate application pools for all sites plus 2nd folder and 3 folder as well, does it mean this 1. 25 default setting for concurrent req (bug) x for all sites and 25 x for 2nd folder and 25 x for 3rd folder = 75 or 2. 25 max requests for all sites , 2nd folder site, 3 folder site = 25 max requests overall Thanks, Ajas Mohammed / - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com - - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com -
Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7
Please review the Adobe CF Security bulletins and make sure you're patched. There were some pretty major holes plugged last January. https://www.adobe.com/support/security/?securityadvisoryproduct=%23coldfusionSubmit=Go#coldfusion On Wed, Nov 6, 2013 at 3:35 PM, Ajas Mohammed ajash...@gmail.com wrote: In terms of security, for CF 9.0.1, do I need to install anything like hotfixes patches? I thought everything was included in the 9.0.1 updates, is that not the case? Can someone point me to link for hotfixes security patches for CF 9.0.1. Thanks, Ajas Mohammed / iUseDropbox(http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Tue, Nov 5, 2013 at 12:42 AM, Charlie Arehart char...@carehart.orgwrote: You will continue to see it using jrun_iis6_wildcard. That’s not incorrect (but potentially confusing, yes). /charlie *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Ajas Mohammed *Sent:* Tuesday, November 05, 2013 12:01 AM *To:* discussion@acfug.org *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 Again thanks. I think I am guessing that the correct answer to this is 75 because of different application pools. I could be wrong though, like you said better to do practical test and figure out what happens. One thing I found which is weird I have jrun_iis6_wildcard instead of jrun_iis7_wildcard, this is really surprising to me. We had iis6 comparability initially and then removed it and re installed cf 9.0.1 ran connector again for all sites. Thanks, Ajas Mohammed / iUseDropbox(http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Mon, Nov 4, 2013 at 11:42 PM, Charlie Arehart char...@carehart.org wrote: Thanks for the kind regards. As for your question, that’s something I’ve always wondered myself. :-) In fact, you will see that on the Adobe blog entry about that maxworkerthreads bug (from a few years ago) that I had asked this question specifically, and I never got an answer. I always wanted to test it, but never got around to it. If you may do some testing determine it, please do let us know. To quote “Dances with Wolves”, I’d consider that a “good trade”. :-) /charlie *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Ajas Mohammed *Sent:* Monday, November 04, 2013 10:53 PM *To:* discussion@acfug.org *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 Thank you sir. You are the best!!!. Do you see any issues with these separate folders? Plus what about the whole logic about concurrent requests and IIS bug? In this case without the fix (maxworkerthreads=25) and default worker process (1) and seperate application pools for all sites plus 2nd folder and 3 folder as well, does it mean this 1. 25 default setting for concurrent req (bug) x for all sites and 25 x for 2nd folder and 25 x for 3rd folder = 75 or 2. 25 max requests for all sites , 2nd folder site, 3 folder site = 25 max requests overall Thanks, Ajas Mohammed / - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com - - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com - -- Dawn
RE: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7
Wow, Ajas, the answer is that it's ABSOLUTELY NOT the case. When you get ANY release of CF, it DOES NOT come with all the updates. And as for 9.0.1 specifically, there were 4 CHFs and many individual security fixes since it was released. The same is true for all releases. FWIW, I addressed this issue you're raising in a 2010 blog entry (with more detail): CFMyths: When I download CF to install it from scratch, it has the latest fixes/updaters http://www.carehart.org/blog/client/index.cfm/2010/12/11/cfmyths_latest_inst aller_includes_all_updates I do mention there where you can find the CHFs: http://helpx.adobe.com/coldfusion/kb/hot-fixes-coldfusion-9.html. Of course, do be careful applying them, as things can break. I discuss that at length here: CF911: Are you finding CF (or CF Admin) busted after applying a hotfix? A few possible reasons http://www.carehart.org/blog/client/index.cfm/2011/10/21/why_chfs_may_break There is some good news for you, though, Ajas: if you do apply CF 9.0.1 CHF4, you will get all the individual, cumulative, AND security hotfixes at once. That latter point is new in CF 901 CHF4, in that it includes security updates. Previously, CHFs only included the previous hotfixes, not security updates. I realize that may sound great, but it can be a blessing and a curse. For many people, when they apply all security updates, they find that things do break. I discussed that as part of another entry: CF911: New Adobe document about #ColdFusion security hotfixes: required reading, I'd say http://www.carehart.org/blog/client/index.cfm/2013/5/21/new_adobe_summary_of _security_hotfix_tweaks I do realize that many folks, especially who don't spend much time in all this stuff, can easily misunderstand things, which is of course why I write the things I do, and in the depth I do. Finally, with all due (and sincere) respect to Ajas, when someone of his experience, so otherwise knowledgeable in the ways of CF administration (judging from his emails here and elsewhere) asks such a question, we really do have to shudder to think what the average developer/admin is assuming :-( I guess that's partly why I'm so busy in my CF server troubleshooting! But as you guys here see, I try (and try) to point out resources to help people avoid such problems and misconceptions.at least for those with the temerity to read more than a paragraph! :-) Fortunately Ajas has always been up to the challenge, so I trust both that he will have read to this point, and that he will take the information to hear (and accept my comment of the last paragraph in the spirit intended). More than that, I trust that he will now help others who may ever raise this same question. Hope others may get a chance to do the same. We're all in this together. :-) /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas Mohammed Sent: Wednesday, November 06, 2013 3:35 PM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 In terms of security, for CF 9.0.1, do I need to install anything like hotfixes patches? I thought everything was included in the 9.0.1 updates, is that not the case? Can someone point me to link for hotfixes security patches for CF 9.0.1. Thanks, Ajas Mohammed / - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -
RE: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7
Thanks again, I kind of knew I was asking for trouble with that question. :=) I totally understand what you are referring to, in fact, I would take it as part complement, when you refer to my posts. I wouldnt take offense to your email, I have learned a lot from Esp Your emails. I might have missed obvious but my main concern was if the last hot fix was cumulative or not. I could not confirm it via adobe site earlier, maybe I was rushing through it. Your comments make sense. Thanks again, On Nov 6, 2013 9:47 PM, Charlie Arehart char...@carehart.org wrote: Wow, Ajas, the answer is that it’s ABSOLUTELY NOT “the case”. When you get ANY release of CF, it DOES NOT come with “all the updates”. And as for 9.0.1 specifically, there were 4 CHFs and many individual security fixes since it was released. The same is true for all releases. FWIW, I addressed this issue you’re raising in a 2010 blog entry (with more detail): “CFMyths: When I download CF to install it from scratch, it has the latest fixes/updaters http://www.carehart.org/blog/client/index.cfm/2010/12/11/cfmyths_latest_installer_includes_all_updates I do mention there where you can find the CHFs: http://helpx.adobe.com/coldfusion/kb/hot-fixes-coldfusion-9.html. Of course, do be careful applying them, as things can break. I discuss that at length here: “CF911: Are you finding CF (or CF Admin) busted after applying a hotfix? A few possible reasons” http://www.carehart.org/blog/client/index.cfm/2011/10/21/why_chfs_may_break There is some good news for you, though, Ajas: if you do apply CF 9.0.1 CHF4, you will get all the individual, cumulative, AND security hotfixes at once. That latter point is new in CF 901 CHF4, in that it includes security updates. Previously, CHFs only included the previous hotfixes, not security updates. I realize that may sound great, but it can be a blessing and a curse. For many people, when they apply all security updates, they find that things do break. I discussed that as part of another entry: “CF911: New Adobe document about #ColdFusion security hotfixes: required reading, I'd say” http://www.carehart.org/blog/client/index.cfm/2013/5/21/new_adobe_summary_of_security_hotfix_tweaks I do realize that many folks, especially who don’t spend much time in all this stuff, can easily misunderstand things, which is of course why I write the things I do, and in the depth I do. Finally, with all due (and sincere) respect to Ajas, when someone of his experience, so otherwise knowledgeable in the ways of CF administration (judging from his emails here and elsewhere) asks such a question, we really do have to shudder to think what the average developer/admin is assuming :-( I guess that’s partly why I’m so busy in my CF server troubleshooting! But as you guys here see, I try (and try) to point out resources to help people avoid such problems and misconceptions…at least for those with the temerity to read more than a paragraph! :-) Fortunately Ajas has always been up to the challenge, so I trust both that he will have read to this point, and that he will take the information to hear (and accept my comment of the last paragraph in the spirit intended). More than that, I trust that he will now help others who may ever raise this same question. Hope others may get a chance to do the same. We’re all in this together. :-) /charlie *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Ajas Mohammed *Sent:* Wednesday, November 06, 2013 3:35 PM *To:* discussion@acfug.org *Subject:* Re: [ACFUG Discuss] wsconfig - CF 9.0.1 Windows 2008 R2 IIS 7 In terms of security, for CF 9.0.1, do I need to install anything like hotfixes patches? I thought everything was included in the 9.0.1 updates, is that not the case? Can someone point me to link for hotfixes security patches for CF 9.0.1. Thanks, Ajas Mohammed / - To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink http://www.fusionlink.com -
