serverfault.com

We recently migrated around 250 VMs using VMware's cross vcenter migration, to a new set of hardware. Its been around 3 months since we completed the migration. Following is our current situation: 120+ Linux based VMs which were migrated - None of them reported any issues. Active directory replication failure, due to DB corruption - was the first event that disturbed us - this was reported just a week after migration. The Domain controllers had to be restored in the old hardware for it to be functional again. After a month after completion of migration, we planned to patch the windows servers with monthly security patches. The patches failed in most of the Windows server 2016s. Only handful of servers were patched successfully. When we tried to dig deeper with the help of MS support - we found there were different OS related issues with different servers - some has registry corruption, some had WinSxS manifest corruption, some had metadata cor

I have a Raspberry Pi 5 with the smarthomeNG image from GitHub, and set up an NGINX reverse proxy to run the Alexa plugin. The connection using HTTP and port 80 works, and the certificates are up-to-date and valid. However, accessing it using port 443 results in a 403 error. I set the appropriate permissions for the directories where the visualization software is running and followed every suggestion I could find here or via Google, but nothing seems to help. Perhaps someone here has an idea. My configuration is attached. ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as re

Azure AI Foundry resources seem like a superset of Azure OpenAI resources as an Azure OpenAI resource may only contain OpenAI models while Azure AI Foundry may contain OpenAI models or some non-OpenAI models such as Grok, Kimi or Qwen. I feel I may have missed something. What are the practical advantages of provisioning an Azure OpenAI resource instead of an Azure AI Foundry resource?

Normal Nano interface: My error: There are all dependencies from ldd /usr/bin/nano output in chroot jail: tree lib lib64 lib `-- x86_64-linux-gnu |-- libacl.so.1 |-- libc.so.6 |-- libgcc_s.so.1 |-- libm.so.6 |-- libncursesw.so.6 |-- libpcre2-8.so.0 |-- libselinux.so.1 `-- libtinfo.so.6 lib64 `-- ld-linux-x86-64.so.2 ldd /usr/bin/nano linux-vdso.so.1 (0x00007fde71536000) libncursesw.so.6 => /lib/x86_64-linux-gnu/libncursesw.so.6 (0x00007fde714ad000) libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007fde7147a000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fde7129800

Recently i was working with AWS firewall and i had a problem bypassing the whole firewall, the configuration is: stateless group: rule_1 : if the destination is <work_load_subnet> -> pass rule_2 : in case any tcp traffic -> forward to stateful group default action for non matching traffic is drop stateful group: domain whitelisting: allow connection only to *.google.com default action for non matching packets: drop established now as i understand if i tried to access something like facebook.com the flow would be like this: facebook.com doesn't match the first rule so it will be processed by second one. facebook.com is tcp traffic so it will be processed by second rule and forwarded to domain whitelisting stateful group facebook.com is not whitelisted so it will be block that's doesn't happen at all, all connection to any where are working HOW??? i know how to solve that but i don't know how is that working

I've already asked about this on stackoverflow, but was advised to put the question here. I’m trying to submit my domain for the HSTS preload list, but I’m seeing some strange behavior during the submission process. The preload form reports that the HTTP → HTTPS redirect does not include an HSTS header. When I test this with curl, I can confirm that the HTTP response indeed does not include the HSTS header. The HTTPS response does include it correctly, so the only response missing the header is the initial HTTP request. To rule this out, I updated the server configuration to also send the HSTS header on th

Environment: OS: Debian 13 (Trixie) Java: OpenJDK 11.0.24 Database: PostgreSQL 17 (Manual login verified) Server: Tomcat 9.0.98 (Manual install in /opt/tomcat) The Issue: Tomcat starts, but the application context is destroyed immediately. The localhost.log reveals over 60 Guice initialization errors. The primary crash is a NullPointerException because the injector is null. Key Error Snippet: Plaintext No implementation for java.lang.Integer annotated with @Named(value="role.orgadmin.id") was bound. while locating java.lang.Integer annotated with @Named(value="role.orgadmin.id") for the 16th parameter of com.hmdm.persistence.UnsecureDAO.(UnsecureDAO.java:100) ... No implementation for java.lang.String annotated with @Named(value="JDBC.driver") was bound. ... No implementation for java.lang.String annotated with @Named(value="smtp.port") was bound. Configuration Det

In one of the servers with some inspection of configs the service rpc-gssd fails to start. System is Ubuntu 24.04.3 that has nfs-kernel server installed with currently no shares. The configs are: /etc/nfs.conf [general] pipefs-directory=/run/rpc_pipefs [gssd] keytab-file=/etc/krb5.keytab preferred-realm=REALM.COM [mountd] manage-gids=y [svcgssd] principal=nfs/[email protected] verbosity=2 /etc/idmapd.conf [General] Verbosity = 0 # set your own domain here, if it differs from FQDN minus hostname Domain = domain.com [Mapping] Nobody-User = nobody Nobody-Group = nogroup Kerberos is based on Samba AD domain and is generated with user to spn e.g. nfs/domain.com. In logs I get: 2026-02-05T20:59:24.806708+02:00 server01 systemd[1]: Starting rpc-gssd.service - RPC security service for NFS client and server... 2026-02-05T20:59:24.809736+02:00 server01 rpc.gssd[364248]: ERROR: failed to parse nfs/clnt0/info 2026-02-05T20:59:

I have an Ansible task with an an API call and response. Currently it takes one server from the inventory and passes it to API. The API accepts a limit of five calls in series in 300 seconds. When the limit is exceeded, the call fails with the message "API limit reached. Only 5 calls per 300 seconds." The API can handle 50 servers in a single call. Ex : server name: ["svr1", "svr2".."svr50"] I know there is a serial key in Ansible in which we can process five servers at a time. But I don't want to wait for that call to finish all the task then wait for next batch. Since the API handles 50 servers at a time, I want to send as much possible server in bulk for that API call task. The remaining tasks can run serially. Kindly suggest me good way to archive this. My current YML Task 1: Call A uri: https://xyz body: server_names: {{ hostname }} Task 2: register th

Currently trying to migrate an Atlas Mongo DB (hosted on Azure with PrivateLink) to Azure DocumentDB. I first tried it with CosmosDB for Mongo RU and could use the Azure Database Migration Service. It was dead slow plus I got an error so I wanted to try out the vCore model or much rather the new DocumentDB offering which should be pretty much vanilla MongoDB and be compatible with Atlas MongoDB. But Azure Database Migration Service does not let me choose my CosmosDB (DocumentDB) as a Target. Its not in the list. I made it publicly available plus for all Azure Services. I specified the username and password. This is my target Connection String: mongodb+srv://dsdsdsdsdsds:xxxxxxxxxxxx@cdcdcdcd-documentdb.global.mongocluster.cosmos.azure.com/?tls=true&authMechanism=SCRAM-SHA-256&retrywrites=false&maxIdleTimeMS=120000 I tried the ConnectionString method but get the following error: { "resourceId":&qu