Topic: I-Bay Noob question

[Cyrus Bharda]

Howdy all!

Well I finnally went and made an i-bay today, but I cannot get it working the way I want it to, read the manual but that didnt really help much and I have tryed all the settings and cannot get this outcome:

made an i-bay that:
1. Only accessable from local network with no password

I set it to this but it didnt work, I only got a 403 forbidden error, not even a prompt!

2. FTP accessable but only from inetnal network

I thought I set this too, but I dont know how to get access to it, in the manul it says to logon using the i-bay name as a username, but when I did, there were no files there, and I put files there via moving some around in ssh/midnight commander?

So I am confused, what I thought was really simple turns out not very for me, anyone feeling like helpin out this noob please?

Cyrus Bharda

[Ray Mitchell]

Cyrus
It is really simple.
I think these are the answers you need.

Did you setup ftp access in server manager remote access ?

FTP user account access - Private
FTP access limits - Disable Public ftp access
(which probably suit your needs)

and did you set the ibay to Private no password ?


If you access the ibay using http://www.servername/ibayname
or
http://serverIP/ibayname

you will get the default index page which says something like
SME server, This information bay has not yet been customized.

If you put the files into /ibay/html, and you delete or remove the original index.html, then you can access
http://www.servername/ibayname
you will get a list of the files and folders.

If you want to instal the Indexer program (index.php) or ModIndexer you can enhance the way the files are listed. (see myezserver)


To use ftp access, you need to put your files in the /ibay/files folder.

ftp://ibayname@ftp.yourdomain.com/

and you should get the login screen (if password set on ibay) and then enter ibayname and password you set for it,
otherwise you just get the file listing.
Note that if the files are not in /ibay/files folder you will just see a blank browser screen.

You need to decide which way (www or ftp) you want to access the folders/files and then that determines which folder (files or html) to put the files into.

Hope this helps
Regards
Ray Mitchell

[Cyrus Bharda]

Ok well Ftp is/was set excatly as above:

FTP user account access - Private
FTP access limits - Disable Public ftp access

and here is my ibay settings:


Information bay name  intranet    
 
Description   Intranet

Group   Everyone

User access via file sharing or user ftp   Write = group, Read = everyone

Public access via web or anonymous ftp   Local network (no password required)

Execution of dynamic content (CGI, PHP, SSI):   disabled

but still when I goto http://192.186.0.1/intranet or http://esmith/intranet or http://www.domain.com/intranet I get 403 forbidded error?

What do I do now?
Thanks for your help!

Cyrus Bharda

[Cyrus Bharda]

Ok even more confusing if I goto:

\esmith\intranet\html\index.htm

My pages open up fine, but not when I try to open them via:

http://esmith/intranet/index.htm
http://192.168.0.1/intranet/index.htm


And I just realised that I cannot open it up via:

http://www.langs.net.au/intranet

because I have that setup in my hostnames to point to our isp hosted site.

Cyrus Bharda

[Ray Mitchell]

Does ftp access to a user home folder work
ie
ftp://username@ftp.yourdomain.com

(for a valid user account)

If not then your ftp setup or ftp server must not be working ??

Regards
Ray Mitchell

[Ray Mitchell]

> but still when I goto http://192.186.0.1/intranet or
> http://esmith/intranet or http://www.domain.com/intranet I
> get 403 forbidded error?

I think you said that all these are being hosted externally, so your http access will not get you to your local sme, but to the external host server !!

You cannot have the same site pointing to 2 different places.
See my reply at
http://forums.contribs.org/index.php?topic=6842.msg24644#msg24644

Regards
Ray Mitchell

[Kelvin]

>> but still when I goto http://192.186.0.1/intranet or
>> http://esmith/intranet or http://www.domain.com/intranet I
>> get 403 forbidded error?

>You cannot have the same site pointing to 2 different places.

OK. There's a mix-up here.

1st, you are not really hosting your own DNS. Your DNS entries are hosted by either your Domain / Web / ISP host or DynDNS or Zoneedit etc. but *not* you. Therefore DNS is only at one place. LAN workstations look to SME for DNS lookups. SME by default recognises mydomain.com as itself and does not need to look up to root servers for name resolution, hence the need to specifically point the www hostname to your ISP hosted site.

If your domain name is hosted by your ISP, then they usually point www to the ISP hosted web site by default. Therefore anyone anywhere looking for www.mydomain.com sees the the ISP hosted site. If hostnames and addresses in SME is set to point to the ISP hosted site, then LAN users will also get there *if* they use www.mydomain.com. Note : this includes *anything* beginning with www.mydomain.com (ie. www.mydomain.com/intranet etc.).

So DNS is only at one location, the Domain / Web Host / ISP. Your SME DNS does not count as it only affects local users which will needs to be treated differently. How you set the MX records of your domain depends on the services available to you from your DNS hosting provider. Most places, I just setup the Primary MX to point to your SME server (note : DNS is still at one place, MXs don't count - don't confuse the 2) and if the service is available, the Backup MX as the domain name host's mail server.

That said, if you use mydomain.com/intranet on the LAN instead (note : no www in front of mydomain.com) then you are only referring to the SME server only as the SME server's DNS recognises mydomain.com as your local domain. People outsite your LAN have no access to mydomain.com/intranet as that points to nothing.

Using http://mydomain.com/intranet
or http://smeserver/intranet

from LAN statiosn does work. I've just tested it to confirm.

Kelvin

[Cyrus Bharda]

OK so because my domain is langs.net.au then once I have created the i-bay with the settings (see above) then I should be able to access it at:

http://langs.net.au/intranet

OR at

http://192.168.0.1/intranet

as this is the internal ip for the SME so no dns

right, well wrong I get this when I try those:

You are not authorized to view this page
You might not have permission to view this directory or page using the credentials you supplied.

--------------------------------------------------------------------------------

If you believe you should be able to view this directory or page, please try to contact the Web site by using any e-mail address or phone number that may be listed on the langs.net.au home page.

You can click  Search to look for information on the Internet.




HTTP Error 403 - Forbidden
Internet Explorer

[Ray Mitchell]

Are you logged on to the win workstation as a user who has a valid account in the sme server ?

and
What access rights do you have set for that ibay, usually you would set Write-Group Read=Group, and the user needs to be a member of that group.


Regards
Ray Mitchell

[Cyrus Bharda]

Yes logged into the windows 2000 pro workstation as a user that does exist on the SME.

Ibay settings:

Information bay name: intranet
Description: Intranet
Group: Everyone
User access via file sharing or user ftp: Write = group, Read = everyone
Public access via web or anonymous ftp: Local network (no password required)
Execution of dynamic content (CGI, PHP, SSI): disabled

but even if I change the user access to Write = group, Read = group it still does not work?  Does the Everyone group not work?

Thanks again!

Cyrus Bharda

[Ray Mitchell]

Can you access the intranet folder via windows explorer network neighbourhood servername, ie can you actually copy a file to the intranet\files or intranet\html  folder.

Is your w2K PC a member of the sme domain and get logon password authentication from the sme server, or do you just have w2K set with different users and passwords which are (should be) identical to those on the sme server.

What are the settings in server manager, review configuration server names and domain information ?

And from a previous post
Does ftp access to a user home folder work
ie
ftp://username@ftp.yourdomain.com

(for a valid user account)

If not then your ftp setup or ftp server must not be working ??


Regards
Ray Mitchell

[Cyrus Bharda]

>Can you access the intranet folder via windows explorer network neighbourhood
>servername, ie can you actually copy a file to the intranet\files or intranet\html
>folder.

Yes.

>Is your w2K PC a member of the sme domain

Yes.

>and get logon password authentication from the sme server,

No

>or do you just have w2K set with different users and passwords which are
>(should be) identical to those on the sme server.

Yes, basically we have a windows 2000 server as the PDC and it runs dns, dhcp. etc etc, and all the SME does is act as a gateway/firewall/email server.

>What are the settings in server manager, review configuration server names and >domain information ?

Review configuration
Networking Parameters
Server Mode servergateway
Local IP address / subnet mask 192.168.0.1/255.255.255.0
External IP address / subnet mask 203.22.141.171/255.255.255.0
Gateway xxx.xxx.xxx.xxx ***** Changed to protect my ISP
Additional local networks No additional networks defined
DHCP server disabled
Server names
DNS server  
Web server wwwlangs.net.au
Proxy server proxy.langs.net.au:3128  ***** This is wrong btw, its on port 8080?
FTP server ftp.langs.net.au
SMTP, POP, and IMAP mail servers mail.langs.net.au
Domain information
Primary domain langs.net.au
Virtual domains No virtual domains defined
Primary web site http://www.langs.net.au
Mitel Networks SME Server manager http://esmith/server-manager/
Mitel Networks SME Server user password panel http://esmith/user-password/
Email Addresses useraccount@langs.net.au
firstname.lastname@langs.net.au
firstname_lastname@langs.net.au

>And from a previous post
>Does ftp access to a user home folder work
>ie ftp://username@ftp.yourdomain.com
>

No. I have the address ftp.langs.net.au as an entry in the hostnames and addresses so that we can upload our changes to our externally hosted website, as well as www.langs.net.au so that the SME wont grab these when we try to look at our site, which is not hosted on the SME.

Current list of hostnames for langs.net.au.  
Hostname - Visibility - Location - Local IP - Global IP - Ethernet address      

esmith.langs.net.au - Local - Self          
ftp.langs.net.au - Local - Remote - 203.63.219.194
mail.langs.net.au - Local - Self
proxy.langs.net.au - Local - Self
wpad.langs.net.au - Local - Self
www.langs.net.au - Local - Remote - 203.63.219.194

BUT when i try this:

ftp://username@esmith.langs.net.au

it works fine?

So where do we go from here?

Thanks again for all the help, muchly appreciated!

Cyrus Bharda

[Kelvin]

Cyrus,

What is the fully qualified domain name registered on your W2K server ?

Are your workstations pointing to the W2K Server for DNS or SME ?

Kelvin

[Cyrus Bharda]

Now your pushing your luck

I have no Idea of what is or where to find out the "fully qualified domain name registered on your W2K server"

But I do have the w2k server as primary dns and SME as secondary dns in the dhcp settings.

Also I have setup a forward lookup zone in the w2k Active Directory dns settings to point to the SME box.

Anything else?

Thanks Ray and Kevin for helping me out, but this is getting way out of hand, it doesnt work, and probably never will!

It will just be easier to setup another SME box just to serve this little intranet, then I know it is seperated from the outside world, now gotta find and old box sitting around

Cyrus Bharda

[Ray Mitchell]

I'm not sure if this may be your problem, but what are your settings in MS Internet Explorer in Tools, Internet Options, Connections, LAN settings (button), Proxy server.

Should point to the IP of the sme server and port 3128

Regards
Ray Mitchell