Problems running Lucee 4.5 with domain account

[David Eurenius]

Hi

Could someone please give me pointers on how to configure Lucee correctly to be able to run it with a domain account.

Setup:

Windows Server 2012 R2

IIS 8

Lucee 4.5 final

mod_cfml valve enabled

Everything runs great when Lucee/tomcat runs with the system account. Site is served and working.

However when Lucee is configured with the Logon option in the Lucee Server Properties the service seem to start (no errors in the tomcat/logs)

but when accessing the site it's not shown, (just white page), there are no IIS error messages on screen.

Accessing the server interface on http://127.0.0.1:8888/lucee/admin/server.cfm works... I think this means that tomcat is working and serving pages.

We configured the domain account to be part of the "Logon as a Service"

Is there anyone that have successfully run Lucee with a AD domain account, if so how did you do it.

Thanks in advance

[Julian Halliwell]

Hi David

Have you given the account adequate permissions? I'm using a local
account rather than AD, but found it needed access to the Railo/Lucee
installation directory as well as the webroot, plus the JRE if that's
in a separate location.

Julian.

[David Eurenius]

Hi Julian,

Yes, I think so, I granted the user Modify permissions on the Lucee directory, webroot.

The JRE is the default one under Lucee.

Do I have to configure the application pool with the same username?

--David

[Julian Halliwell]

No, I use a separate read-only account for IIS app pools.

[Jay B]

This is the same issue I'm seeing. Same set up.

Created a user Lucee@domain which has read & execute, List contents & read perms to both c:\Lucee & wwwroot\mywebsite

Server & web Admin work fine (while logged on locally via rdp), site itself serves blank pages, no errors. Lucee Service, IIS & server itself have been restarted.

[Jordan Michaels]

Check the BonCode Connector logs to see if it can provide any clues as
to what might be preventing a proper response from Tomcat.

Warm Regards,
Jordan Michaels

On 04/29/2015 04:37 PM, Jay B wrote:
> This is the same issue I'm seeing. Same set up.
>
> Created a user Lucee@domain which has read & execute, List contents &
> read perms to both c:\Lucee & wwwroot\mywebsite
>
> Server & web Admin work fine (while logged on locally via rdp), site
> itself serves blank pages, no errors. Lucee Service, IIS & server itself
> have been restarted.
>
>
> On Wednesday, April 29, 2015 at 2:11:21 AM UTC-6, David Eurenius wrote:
>
> Hi
>
> Could someone please give me pointers on how to configure Lucee
> correctly to be able to run it with a domain account.
>

> *_Setup:_*
> *Windows Server 2012 R2*
> *IIS 8*
> *Lucee 4.5 final*
> *mod_cfml valve enabled*

>
> Everything runs great when Lucee/tomcat runs with the system
> account. Site is served and working.
>
> However when Lucee is configured with the Logon option in the Lucee

> Server Properties the service seem to start /(no errors in the
> tomcat/logs)/
> but when accessing the site it's not shown, /(just white page)/,

> there are no IIS error messages on screen.
>
> Accessing the server interface on
> http://127.0.0.1:8888/lucee/admin/server.cfm

> <http://127.0.0.1:8888/lucee/admin/server.cfm> works... /I think
> this means that tomcat is working and serving pages./

>
> We configured the domain account to be part of the "Logon as a Service"
>
> Is there anyone that have successfully run Lucee with a AD domain
> account, if so how did you do it.
>
> Thanks in advance
>

> --
> You received this message because you are subscribed to the Google
> Groups "Lucee" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to lucee+un...@googlegroups.com
> <mailto:lucee+un...@googlegroups.com>.
> To post to this group, send email to lu...@googlegroups.com
> <mailto:lu...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/lucee/e88ed199-1783-4a5b-975b-7e66dc2ad117%40googlegroups.com
> <https://groups.google.com/d/msgid/lucee/e88ed199-1783-4a5b-975b-7e66dc2ad117%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.

[Jay B]

Where would they be? I searched entire drive & have no boncode*.log

[Jordan Michaels]

The log file name and location is configured in the
BonCodeAJP13.settings file. Documentation on how to configure it is here:

http://boncode.net/connector/webdocs/Tomcat_Connector.htm#_Toc417043542

Warm Regards,
Jordan Michaels

On 04/29/2015 04:50 PM, Jay B wrote:
> Where would they be? I searched entire drive & have no boncode*.log
>

> --
> You received this message because you are subscribed to the Google
> Groups "Lucee" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to lucee+un...@googlegroups.com
> <mailto:lucee+un...@googlegroups.com>.
> To post to this group, send email to lu...@googlegroups.com
> <mailto:lu...@googlegroups.com>.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/lucee/5d85486c-a3b2-4cc0-8af7-b5a69a308ebe%40googlegroups.com
> <https://groups.google.com/d/msgid/lucee/5d85486c-a3b2-4cc0-8af7-b5a69a308ebe%40googlegroups.com?utm_medium=email&utm_source=footer>.

[Jay B]

Thanks Jordan...I looked at the settings file.

Log file is pointed at c:\temp (which seems odd but I didn't change it after the install) There is no file there.

I re-pointed it to a new folder c:\lucee\logs (just in case) and retarted everything. No file was generated.

I noticed the log level was set to 0 (again, was default) so I set it to 2 & restarted everything, but again, no log file.

[Jay B]

Well.. no log file but I figured out my problem at least.

the domain user needs Modify permissions on the Lucee folder. I'd only given it read, execute & list. my wwwroot only has read execute & list and that seems fine although If I want to write anything via cffile I'd have to add modify.