Solved

Using Exceed to hit Solaris 10 server

Posted on 2012-04-02
8
670 Views
Last Modified: 2012-06-27
Hello,

I've been reading all the posts about using Exceed but none have been helpful so far. I see "some" of my servers in Exceed but not others, which have been set up the exact same way (in theory, probably in practice) using a "canned" install not of my own creation. These servers have been locked down for security in exactly the same way but still some are visible and some aren't. I've tweaked about every display, xserver, whatever, setting in the servers that I cannot see on the Exceed broadcast window, and no joy. I've compared whatever settings I can think of on the servers that do display, with the servers that don't display, and don't see anything different. Oh, and my users definitely need the graphical display and not just command line. Something arcane that I'm missing? Thanks --

Christine
0
Comment
Question by:Spelevink
  • 3
  • 3
  • 2
8 Comments
 
LVL 39

Expert Comment

by:noci
Comment Utility
You don't tell how you access the various application servers, XDMCP chooser maybe? Another way can be using ssh to get to a system and then run a session manager on the system from there, or run applications with dedicated display from a service manager on the systems itself.

In the XDMCP case, are all systems on one broadcast domain { Ethernet [V]LAN }, or is there a well known XDMCP server that acts as a proxy ? is this proxy known to the users? is XDMCP configured correctly?
[ I have no recent knowledge of Sun, but above questions spring to mind  ]
0
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
>>I see "some" of my servers in Exceed but not others, which have been set up the exact same way (in theory, probably in practice) using a "canned" install not of my own creation.

Are these servers in the same subnetas the PC?
 the servers visible to the PC with exceed installed are likely in the same subnet as the PC.

If you need more help, please let us know what are you trying to achieve.  BTW, I'm haveing trouble with the updated EE site, I'll try to help you when possible, hopefully other experts can give you a hand.
0
 

Author Comment

by:Spelevink
Comment Utility
Hi,

I have tried to use XDMCP chooser from the login window with varying results. (And I'm only able to get to the XDMCP chooser selection from the login screen on the actual server console window.) Some I am able to log in to. Some hang at "Sun Xserver version 1.6.6" and in a few minutes return to the global login screen. Some only show the global but not its zones at all in the XDMCP chooser window. All the servers are on one subnet but no XDMCP server proxy. XDMCP configured properly would be something i'd need help with although I can say that I've run gdmsetup and ensured that the Enable XDMCP and Honour Indirect Requests boxes are checked. I have copied off the "locked-down" hosts.allow and hosts.deny and created blank ones but that evidently is not the problem either. I have compared the "standard" /etc/X11/gdm/gdm.conf with the altered "locked down" gdm.conf and can't find anything obvious, and again, some of the servers I can see in Exceed but most I cannot. I have ensured that any services needed are online.

My PC is on a different subnet from all of the servers, but I can see some of the servers with Exceed Broadcast (only way I'm able to ssh into the other servers from my desk). Supposedly the load is exactly the same, and the lockdown script is exactly the same, so I can't figure out why I can see those three (globals) but not their zones, and can't see the other eight globals or their zones.

Very frustrating!
0
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
Are you trying to login as root ot as a normal user?

By default, Solaris does not allow remote login as root, check the /etc/default/login
file to find out.

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
# CONSOLE=/dev/console

I would prefer allow secoure sell (ssh root) login instead.

If you are trying to login as a normal user.  login to the remote machine, check the
/var/adm/messagess to see if any error messages.

eg, you might have problem with NFS mount, eg problem with mounting your home dir from the NFS server etc.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 39

Expert Comment

by:noci
Comment Utility
xdmcp broadcast will not work when you are on different subnets period. (that only works on one LAN segment).
xdmcp indirect or xdmcp direct can work. Direct because you address the server self, indirect because you ask a server to send a broadcast on it's LAN on behalf of you.  for queries to work the xdm needs to listen for broadcasts [ sent by system on it's LAN ].

ssh is a different method to access systems, this has nothing to do with XDM, you just run your local X-display server, then connect using ssh -X to some host [ which will transport the X protocol through an encrypted tunnel ], and you can tell the remote system to start some X session, f.e. using xinit or xstart, or startx whatever command can be used to start X from a native command line.
0
 

Accepted Solution

by:
Spelevink earned 0 total points
Comment Utility
Hi,

Well, I found out what happened. Turns out that the /etc/ipf.conf file had block on and block off statements disabling port 177 through the network adapter. So I had to edit the ipf.conf to comment out those commands, and checked /network/ipfilter service which was online, so I disabled it. Bingo! Thanks for all your replies, I am good to go now.
0
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
Hi  Spelevink,

    Good to know to find the problem, alway check your firewall(ipfilter etc) settings for when you have problem with network application.

    It is a good idea to have some docs about your servers configurations.

    Enjoy the holidays to all of you!
0
 

Author Closing Comment

by:Spelevink
Comment Utility
I accepted my own comment because that was what worked in my situation. Even though all the responders gave good and pertinent answers, it just so happened that I found out the answer myself.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Help stop mail server from sending spam. 27 117
llcommand 6 75
Ubuntu install gnome-session-fallback is failing 4 88
Oracle Finace 3 42
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now