Monday, November 25, 2024

2024-11-25 - Active Directory 5.1 - Creating VirtualBox Windows Server 2025 trial for Active Directory on personal laptop for practice

    Okay, so I hit a point where I realized there's simply not enough class-time left for me to do all of the tickets Doug had created for Active Directory, so I asked him a week or so ago if I could create a VPN to access the school server from home so I can just continue doing the Active Directory tickets from home since class time is now so limited for how much time and classes I would need to actually do all of the thirty or so tickets. Doug said no because of the way it's set up, the school has made it so no VPN could be used. But he had another solution. Install a hypervisor like VirtualBox on a home computer or on my laptop, install Active Directory there, he can email me all the tickets and I can do them to my hearts content regardless of available class time. 

    I installed VirtualBox. 


Then I went to https://info.microsoft.com/ww-landing-evaluate-windows-server-2025.html?lcid=en-us&culture=en-us&country=us in order to download an ISO and didn't like the idea of registering or any of that stuff. I asked Doug if there was just a way to download it without being identified and just having the watermark in the corner of the screen so-to-speak so I can get this done. I mean, that's what the one I installed on Proxmox a few weeks back has. He informed me that it will have to be reinstalled after 6 months because it will just stop working. I asked if there was any way around this since I am only using it for practice to make myself more hirable and I have no desire to pay the forbidding amount of money a license would require and he said no. That is what we have to do every 6 months and I was like, BYU is using non-licensed copies of Windows Server? No, he said, they pay the licenses since they can afford it. But here, for class, for doing practice tickets on project day, we reinstall everything once every 6 months. And then he said there was a way to download the ISO without registering and it just takes some searching to find it. 

    Finally, he clicked on the URL:
https://info.microsoft.com/ww-landing-evaluate-windows-server-2025.html?lcid=en-us&culture=en-us&country=us 

and adjusted it to:

https://www.microsoft.com/en-us/evalcenter/download-windows-server-2025

which google will not lead you to if you query "download windows server iso", Microsoft wants you to fill out their thing so you type in this last version of the URL and get the site.  

    Doug thought it was cool the 2025 version was out for evaluation, and he hasn't seen it yet so he was a little excited to see it. 

    K, so I I was going to try to install VB on my D partition since the C partition is almost full but VB didn't like being installed on anything other than the C drive in the file path it gives by default, so I had the idea of creating an NTFS file mount so it looked like it was on C but located on D. Then Doug suggested that VB is so small, only a few MB that it'll be negligible. We definitely want to put the VMs on the D drive though. 

    It asked if I wanted Basic mode or Expert mode. According to research, specific selections for the VMs such as like how much RAM, how many cores, etc., I didn't actually peruse the specific features, but the point was if I wanted control of those, go expert mode. So I chose that option. 

    In VB, I pressed the New button at the top of the window > a wizard appeared so I could specify everything > I named the VM WinServ25AD > selected D drive for the folder > selected ISO > selected Microsoft Windows for Type > under Version selected Windows 2022 64-bit, since Doug says it doesn't matter because it just helps me to know what to allocate for the VM > selected Skip Unattended Installation was unselected so I could do the unattended installation. Under hardware, it suggests what the best amounts of memory, hard drive, and processor cores to give it by showing green and red lines. I went 6GB RAM since I have 16 GB on my laptop > 3 cores since I have 8 threads > and under the Hard Disk dropdown I put 50 GB hard drive space and made sure that the Pre-allocate Full Size was not checked > pressed finish. 

    It started installing the OS and when selecting the hard drive to install it on and pressing next, I got an error. 


    It said there is an error selecting this partition for install. Please select a different partition or refresh selections. 

   To solve it, back in the VirtualBox Manager, I went settings > Storage in the side pane > selected Controller: SATA, on one of the two icons within the highlighted selection I clicked Add Optical Drive >  a new window appeared and selected WindowsServer2025.iso, clicked Add disk image at the top of the window > navigated to its location on my computer and selected it and pressed OK > back to the add optical media window, I pressed Choose at the bottom of this window > and back to the window that had Controller: SATA highlighted, a dropdown of selections below this had appeared and I selected my ISO for WinServ, made sure on the right pane Live CD/DVD was selected and pressed OK > started the installation again and this time when reaching the Skip Unattended Installation box, made sure to tick it this time because we wanted full control but I misunderstood this the first time. We got passed the error no problem this time. 

    I created a password and immediately went to Server Manager in the Start Menu, went to the Server Manager. 


    I didn't like the resolution problems I was having, they looked low and the resolution would stretch if I resized the window under scaled mode and then I lose the VM controls at the top of the VM window, so since the GPD Pocket 3 does not have a right Control button on the keyboard, I opened the On-Screen Keyboard...


and selected Control + C > installed VirtualBox Guest Additions by going Devices menu at the top of the VM window > selecting Insert Guest Additions CD Image...


nothing seemed to happen, this is normal > navigated to This PC in the Server OS...



 > clicked on the CD ROM drive which opened a wizard > clicked next and allowed it to install in the automatic place > left the selections to be installed as-is, which installs VirtualBox Guest Additions along with Direct3D support and OpenGL.


    On the Server Manager Dashboard...


I went Add Roles and Features > went Role-Based...


 > selected DS, LDS, DNS...


and then had the idea that since I was having Doug create broken System Administrator problems to troubleshoot and fix for me, I would ask him since this was his second to last day if I could still have him give me broken stuff to fix every once in a while and installed Web Server in this same menu as well. 

    Doug was just telling a story last week about how at BYU, this other building that he doesn't work in a site that is always going down because it uses a Windows Server to run the website which is terrible. It's always going down. He said it is far easier to just use a Linux Server to run websites. So I asked him, so should I learn it? I wasn't thinking about the realities I would run into, if it is so bad then why should I learn it and he explained that it is still used and when it is, they will need people that know how to use it, so yes, you should learn it. And it will go down frequently compared to knowing how to use a Linux web server, so that skill will be in high demand. 

    2025-02-05 - Looking at setting up a home lab, a friend gave me a computer I can use for this project. Although, I am not sure that this will be able to do more than just run windows server. I got the impression that I should actually set up a bunch of VMs on Proxmox so I can add them to the domain for active directory. And this way I can also try other projects too without having to wipe anything else I have done. And this does take a lot of juice on my laptop to run, so I feel like if I let a blade server at home do all the work and install Proxmox on that and access it remotely, then I can access this remotely on my laptop. But I would have to buy a blade server to do this with. It would have to be a blade server too because my computer stack is not in a cabinet, I literally have my desktop on a vasa mount and other devices stacked below it and the top most thing being my file server computer tower which cannot have anything stacked on top of it. 

    I am continuing the last of this stage of setting up Active Directly by promoting the server to the domain. I clicked on the notification center with a yellow triangle. 


    In the Task Details window, selected Promote this Server to a Domain Controller. 

    A new window appeared, selected Add A New Forest, give it a domain name, and avoid public domain names, enter something like DougsDisciples.lan or example.local. Something non-routable. I'm entering Biff.local and pressed next. On the next page I entered a DSRM password (Directory Services Restore Mode), a special admin password used to boot into Directory Services Restore Mode on a domain controller.  I typed jackrabbitslims32%. It would not let me pass until it had both so many characters, a number and a symbol. On the next page my research turned up that I do not need to create a DNS delegation because my DNS server is already installed on the same server that will be the domain controller. 


    NetBIOS is a legacy thing, my understanding is that DHCP and DNS have replaced it. NetBIOS still exists in Active Directory for backwards compatibility. 

    I failed prerequisites thing and I was about to 



start troubleshooting here!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

  • DNS Configuration: The server might not be correctly configured to use DNS as required for domain controllers. Make sure the server is using its own IP address as its DNS server.

    • Solution:
      • Open Network Connections.
      • Right-click the active network adapter and select Properties.
      • Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
      • Ensure the Preferred DNS server is set to the server's own IP address (the one you're promoting).
      • Apply and check again.
  • Time Synchronization: Active Directory requires that the time on the domain controller be within 5 minutes of other domain controllers or the time server.

    • Solution:
      • Make sure the time is correctly set. You can sync time using the command:
      • Restart Requirement: Sometimes, the system needs to be restarted before the promotion can continue.

        • Solution: Try restarting the server and then rerun the promotion wizard.
      • After trying the above steps, click Rerun Prerequisites Check to see if the issue persists. Let me know if it does!

        Yes, you should exit the promotion setup for now and follow the instructions to address the potential issues before continuing. Here's what you can do:

        1. Exit the setup (click Cancel or close the wizard).
        2. Fix the issues mentioned in the previous steps (DNS configuration, time synchronization, restart if necessary).
        3. After making those changes, restart the server if prompted or if needed.
        4. Rerun the promotion wizard once the system is updated.

        Once you’ve made sure everything is set up correctly, proceed with the promotion steps and click Rerun Prerequisites Check again. Let me know how it goes!












  • This has been Truncat3d 00000000111100010100110______________end of line

    2024-11-25 - Alternative For Dark Mode iTunes on Windows 11

        There seems to be no way that works on Windows to make iTunes appear in dark mode like everything else. However, Windows 11 at least does have a feature which seems to overwrite everything, and I mean everything unless specifically set otherwise like with the background image, and this will change the contrast settings of every single open Window and everything but perhaps your desktop icons. It even affects the Taskbar to some degree, like turning some icons white like the settings gear icon or the notepad icon--yes I have notepad pinned to my taskbar. And it does seem to simplify the view in a lot of open windows like Chrome or Explorer. I am not necessarily all about the simplified sparse look. If this was a Tesla or something, fine, but I appreciate things like discernable borders between sections of a window like side-panels so you know where a button is and it's easy to find without having to hunt it down like a police detective looking for a murderer. 
        I changed the contrast settings of almost everything by going into settings and searching display--it would probably just be easier to search straight out "choose a contrast theme", but it is located in settings > Accessibility > Contrast Themes, if in case you just needed to know. This will change iTunes as well as everything else into whatever theme you choose, so when you're in a dark room and everything on screen is dark, your retina is adjusted to the brightness and you happen to open iTunes, your whole room doesn't light up like your screen went supernova and outshined the whole galaxy and there's a void in your vision right where you focus. 
        I am not sure if I will stick with this. I think I will try it for a while and see how it grows on me. And if you ever want to go back, you just go to the dropdown menu that picks between desert, aquatic, night sky and dusk, and instead of selecting those, pick none and hit apply. 
        I already turned this off because certain features I rely on were not working. The features I would have to part with were starting to get too much, and decided that going blind on iTunes white skin was a tradeoff I was willing to make in order to keep those features I would have to give up.

    This has been Truncat3d 00000000111100010100110______________end of line

    Monday, November 18, 2024

    2024-11-18 - Active Directory 5 - Setting up DNS Service on Win Domain Controller Server & Network DNS Configuration

        Ticket 5 for setting up Active Directory says: We have decided it is in our best interest to host a DNS service simultaneously on our Windows domain controller server. Our network needs to be configured to use this new DNS service. Update our network settings to point to that server. Use Schools default DNS as an alternate server. We need to find a way to push our DHCP clients on our Wi-Fi and wired LAN to our internal DNS server. This change will need to take place on the Turris router.

        Now I predict that at least part of the last bit of instructions will not be done in this particular case because there is already an AD in place that everyone uses in class and I am only doing this to familiarize myself AD and get so I could set this up if I had to. Doug may have me switch everything over to this new system later but right now Doug is unavailable and I have to do this outside of class, and this ticket has to be done in order to unlock the next ticket.

        I went back into my WinServ AD VM > went to the Server Manager > went on the Dashboard to Add Roles and Features > chose Role Based or Feature Based Installation > Under Select a server from the server pool, I selected my Domain Controller which had the same IP as my WinServ VM, now it wanted me to select DNS Server so it can be installed but it already was installed. I had no recollection of doing this but I cancelled the installation process and clicked on the side panel of the Server Manager on the DNS Server under my AD DS and AD LDS Servers I had also created in previous tickets.

        Now I have found that after using ChatGPT on numerous occasions, it is helpful to have two tabs of it open, one to read the instructions it initially gives you and you can stay scrolled to that section of the chat and return as needed to adhere to the instructions, and then when you have furtherr questions, you go to the second tab and just explain what your doing and what your question is. I have been plagued on numerous occasions by losing my spot and having to spend a great deal of time going back through the conversation to find where I left off in the instructions, often getting lost again because I see another thing that I want an answer on, losing track of what I was even doing in the first place, and totally forgetting where I had left off, and then I ask more questions and eventually ask ChatGPT where I am in the instructions if I am stuck at this point and then it rehashes all of the instructions again, which I then have to comb through. And then I'd be further frustrated and confused when every time I had a further question about something and didn't want to lose my spot, I had to go through this whole process again.

        So I find that if you are particularly curious, things catch your eye, you get lost easy, or you need clarification on anything before moving forward, etc., just have a second tab open of ChatGPT so that you can keep your instructions where you left off.
    So I went to my second tab and asked ChatGPT in the process of setting Active Directory and having installed DNS from Roles and Features (to give context so it doesn't think you're doing something unrelated like setting up a Pi Hole DNS for example), what am I checking for when I am clicking on the DNS server to make sure it was installed properly?

        It instructed me to go Tools > DNS (to open the DNS Server Console) > confirm that it is listed in the DNS Manager Console > expand it > go Forward Lookup Zones > Ensure there's a zone for Active Directory Domain such as domain.local or whatever you had named it. There were also other instructions. Basically, it has been installed properly. I can move on. Now, once here, you don't actually need to close the DNS Server Manager because actually, the instructions from tab one ChatGPT are going to have you go to Forward Lookup Zones and go Action > click New Zones > select Primary Zones and Allow it to be stored in Active Directory, next >






























    This has been Truncat3d 00000000111100010100110______________end of line

    Tuesday, November 12, 2024

    2024-11-12 - Troubleshooting webserver issue 3

         Doug gave me a new problem to troubleshoot that is not related to the problems had with the web server before, so it's likely not related to Apache not running. I got the credentials to SSH into the server and a URL plus a CNAME, which is another alias which is a hostname that points to another hostname. He gave me a few hints that this problem actually comprises two things that need to be discovered and fixed and that there may be network resources such as routers, switches or other servers or something unknown that I will need to use to solve the problem and he gave the premise that the sys admins created a new site, but they cannot figure out why it's not working. 

        I started by going to both of the websites. Neither of them loaded, both error pages said that the hostnames server IP address could not be found. I ran Windows diagnostics on the connection, my end works fine but there was no response from the site. I ran nslookup on the website.christian.com hostname and got the IP address of 192.168.1.132. I can ping the server. 4 packets sent,  received, 0 lost. I ran an nslookup as well as a dig command on the both hostnames and got the information that dragon resolved to 192.168.1.133, not 132. I pinged 133 and it said that the destination host is unreachable. 

        To fix the DNS discrepancy since it is resolving to 133 instead of 132, I can't just SSH into a machine to fix it, there is no serial RS-232 port to connect to, there is no terminal thing here that is normal procedure. How this is fixed, as Doug explained because I was totally confused, he asked what machine is it on and I said I didn't know. Isn't it running Linux or something? He said it's a Windows machine. And the way we remote access a Windows machine to fix a problem is usually to use the Remote Desktop Protocol. 

        So I pressed the windows key and typed remote desktop, expanded the options at the bottom of the window, typed the IP address for this scenario which was 192.168.1.100 for the DNS server, entered my student credentials to access the domain (Windows did try to offer credentials for another thing so I needed to change the username back from the other offering by clicking MORE CHOICES and entering just my first name which is my username for the domain, and when the connection was made, this server happens to have the DNS manager in the start menu so I can simply press the windows key and type DNS. DNS Application came up, opened it, an MMC window for the DNS Manager opened. I clicked on the only server listed in the side panel, which expanded to Forward Lookup Zones, Reverse Lookup Zones, Trust Points, and Conditional Forwarders. I clicked on Forward Lookup Zones, then on Christian.com, and a list in the main window appeared with two icons called (same as parent folder) and then an icon called dragon and another called website. I clicked on dragon since it has the IP address discrepancy and sure enough when the Properties window appeared, it showed in Host (A) tab that the IP Address was 192.168.1.133.  I changed the last octet to 132, hit APPLY and OKAY and the window closed. 

        ChatGPT said I needed to flush the DNS and to do this I needed to open a PowerShell window and enter ipconfig /flushdns. It said that the requested operation requires elevation. However, this would be catastrophic. This would delete all the DNS records on the DNS server and now it wouldn't resolve any hostnames to IP addresses. 

        I did another nslookup and the IP address had in fact changed. No flush needed. 


        2024-11-13 Wednesday

        Okay so I had been talking to Doug last night and he gave me a really big hint that in hindsight I wish he hadn't because it made solving the problem really simple. ChatGPT had given me a series of steps in solving one of the two problems with the server. One of them is now fixed because the IP address for Dragon was the wrong address, 192.168.1.133 and it should have been 132. But one of the problems I face sometimes when going to ChatGPT is it will give you several solutions and you start delving into one and the actual solution is like solution 2 or something. This isn't about not doing that one solution, it's just that I need to understand what the first solution is so I can know what I am doing. And in that process, the next solution sometimes gets lost. So that happened last night but not necessarily because I delved too deep, I actually ended up solving one of the two problems doing this and when going over my work with Doug he happened to see that list as I scrolled through it looking for another thing that helped me find the first actual solution in this scenario. And he suggested I keep going through those solutions because the answer was actually in there. 

        So starting with that list, ChatGPT first suggested I do sudo ufw status, now I don't know what that means but under it, ChatGPT explained that I needed to ensure 80/tcp and 443/tcp were listed as allowed. MY assumption was that it would show me a bunch of ports so when I went sudo ufw status, it simply said OpenSSH ALLOW Anywhere and on the next line, OpenSSH (v6)ALLOW Anywhere (v6). I went to Doug because I am sitting here like, um, sudo ufw status isn't showing all the ports. Whats the deal and I wish I hadn't have done this, because then he was in so many words like yeah, those are the only open ports. Actually, he said something like asking me what a firewall does by default and I said it stops things, and he said something like the ssh port is open. And I was like, wait, so 80 and 443 are not. 

        He was willing to go with me on making it hard and so I guess he was busy and forgot to make it hard. I am confident I would have figured it out. My next move if Doug hadn't said anything would have been to tell chatGPT the results and ask why it isn't showing ports 80 and 443 at which point it would have explained somewhere that it was showing all the open ports and I would have realized, oh, ports 80 and 443 are not open. 

        I was like, so I just solved the problem. He said I identified it, now I need to implement the solution. Okay so I went sudo ufw allow port 80/tcp and sudo ufw allow 443/tcp and it said rule added twice, one for ipv4 and another for 6 after opening 80 and then both rules added again for 443. I reloaded the webpage. 

        Hahaha, it's not fixed! He wasn't making it easy. 

        Okay, so if you have a VPN like me you might want to deactivate it, not even a half tunnel. My DNS kept switching to my Pi Hole and then I have another strange DNS problem that keeps resetting my DNS for some reason. A New thing to troubleshoot. But the problem is solved. The main hostname was resolving to the wrong IP address by one wrong digit, and then ports 80 and 443 needed to be opened so HTTP and HTTPS could be used to receive webpage requests and serve them back to the users. 

    This has been Truncat3d 00000000111100010100110______________end of line

    Thursday, November 7, 2024

    2024-11-07 - Active Directory 3 / 4 - Naming Scheme / Configure Win Serv as Domain Controller

        The 3rd Active Directory task is just a mental assignment to create a naming scheme for several computers that will be added to the domain and decide what hardware feature will attach that machine to the domain name it's given. I chose to name everything "Doug Disciple 1", 2, 3, etc, and use a service tag after each name to tie it to a specific machine. 

        Active Directory ticket 4 is about configuring the Windows Server on Proxmox as a domain controller. Okay so first I went to the windows server virtual machine in Proxmox, entered the console again, and went to the SERVER MANAGER application in the start menu. Once open, I went MANAGE, or if on the DASHBOARD, then click ADD ROLES AND FEATURES. The first window can be skipped and from there you select ROLE-BASED OR FEATURE BASED INSTALLATION. On the next page select your server, which I did. Now on this page you need to install ACTIVE DIRECTORY DOMAIN SERVICES or DS and  ACTIVE DIRECTORY LIGHTWEIGHT DIRECTORY SERVICES or LDS, but in my case, DS was already installed from the 2nd ticket. I selected LDS from the list a few selections below DS and a small window came up offering the option to pick what features to install and I simply selected ADD FEATURES. I hit next three times, checked the option to reboot if necessary after the installation and pressed install. It installed and I closed the window. 

        Now back in the Server Manager again there was a yellow flag at the top of the Dashboard. When you click this flag, you will click to promote this server to a domain controller. A new window will pop up and select the option to ADD NEW FOREST. A Forest is or can be a group of domains. And then for ROOT DOMAIN NAME I entered Dougs.Disciples. After clicking next, you're supposed to set the DOMAIN FUNCTIONAL LEVEL, which is usually set to the latest version and then entered a DIRECTORY SERVICES RESTORE MODE (DSRM) PASSWORD. I did not specify a DNS delegation. I set the NetBIOS domain name as DOUGSdisciples, it did not want me using spaces or dots to separate the words, it wanted everything as one word. Verification showed a bunch of red flags. It turns out after some troubleshooting that there was no ethernet controller driver installed. 

        I did some research and some searching around to finally understand the instructions, and there were some confusing things, like the instructions said to download th VirtIO driver ISO and that it could be downloaded from the proxmox wiki page or from the fedora VirtIO driver ISO download page. The name of the file will just be virtio-win-<whatever release>.iso. This is confusing because Proxmox isn't running on Linux and the OS running in the virtual machine is not linux. Besides, even if it was, why Fedora, which is a Linux Distro which is different from Debian which for example is where Ubuntu comes from. 

        I ran it by Doug just for good measure and he said what he would do is there's another Windows Active Directory Server on Proxmox here, I would just take the driver from that machine and copy it to the new one. But I pointed out to him, if I was in a regular working environment, this mat very well not be the case. I may need to download a driver or something to upload into Proxmox for example, and it may not be a thing that's already on another VM. So I looked up why the VirtIO driver ISO came from Fedora and it said that Fedora makes it but it works with Proxmox and also works with Windows machines. Basically, the fact that it comes from Fedora is just happenstance. It should work fine. Doug said to give it a shot which is what I was thinking. At the end I will have experience finding it and seeing where it comes from and that it works or I will know that it doesn't or some other technicality or something. 

        Now to upload it. I have it on my laptop, how do I get it into the Proxmox VM my server is running on. ChatGPT said that I need to clock on Datacenter in the side pane in Proxmox, and access the node which will probably be named something like PVE, and then click on storage, then LVM and put it in there. I clicked on PVE and then under that, I scrolled to Disks and ChatGPT said these are not it. This is not where you would load ISO's or containers, etc. So I kept looking. This was time consuming because instead of clicking on disks in the side pane next to the one containing PVE, I was supposed to expand PVE and at the bottom of that pane is a bunch of disk platter icons simply called local and local-lvm. If you click on these, then above one of the side panes is a thing that says what I have been looking for this whole time, simply hidden in LVM but you click on one and it then says that this LVM is located in Storage. Okay... 

        Now there were two storage icons, one named local and one named local-lvm. The difference between these is that local is meant for ISO's and local-lvm is just the storage given to that particular VM. I think this is confusing because don't we want to install the VirtIO driver ISO in the storage location intended just for that VM? But ChatGPT is saying that we want to install it in LOCAL because thats where all ISO's and containers and templates and backups are located. 

        So Doug came along and sped through a bunch of the steps and I didn't get to do them myself but I have to write them before I forget. So under PVE, we went to LOCAL (storage) and and in next side pane click ISO images, click the upload button there. Make sure ISO is selected for the file type and brwse for the file. Then go to the VM that needs the driver, click HARDWARE, ADD, click CD/DVD drive, a box appears that has two red outlined boxes that need to be filled, you can leave the top box as IDE< but the red boxes, pick LOCAL, in the second box pick the ISO you uploaded. Click create, then it will appear under CD/DVD. 

        Go to file explorer on the VM< navigate to This PC, click on the CD/DVD drive as if it was a physical disk, and you're looking for the 64 bit MSI file which under file type will be called a Windows Installer Package. If you turn file extensions on, it will show as a .MSI file. Click it, click next a bunch of times and done. It installed, and it worked. Doug was surprised. He was sure that I was wrong. 

        Doug thinks that there were also many ways to solve this, and that when the other server VM was created that they just used a different virtual NIC that didn't need a driver. But we're not sure. He just doesn't think we needed to install a driver to get it working. 


        2024-11-14 Thursday

        Okay so the driver is installed and we have a network connection. Now I need to go back and promote my new Active Directory Server to a Domain Controller by creating a Forest. Again clicking the yellow exclamation point notification at the top of the Window of the server manager under All Servers in the side panel, will bring up the new Window that will let you select the bullet to create a Forest and then give it a Root Domain Name. I wrote DougsDisciples.lan, no spaces allowed, so I basically did Camel-Case and you have to include a "." with a top level domain name and I don't have a website so I used ".lan" but you can also use ".local" and then I pressed next. 

        I set the Domain Functional Level and Forest Functional Level both at the latest server available and both had WinServ2016 and no higher so I just went with that. Then it wanted me to set a DSRM or Directory Services Restore Mode Password and this is only a practice server and only located on a school server likely to be deleted before long I will just say the password that it finally accepted was "Mtech123Mtech123!". ChatGPT said to just use default DNS settings the the delegation and Doug said that there was no parent directory present because I am the parent directory so skip it. I clicked next. 

        ChatGPT said: 

    Default DNS Delegation Settings

    1. When to Enable Delegation: Generally, DNS delegation is only relevant if:

      • You already have an external DNS server (e.g., in another domain) that will need to recognize and refer queries to your new AD domain’s DNS server.
      • You want other DNS servers to forward requests for your AD domain’s DNS namespace to this domain controller.
    2. Using the Default Option: If you are setting up a single domain or a standalone environment, you can usually skip DNS delegation (which is the default option). In typical Active Directory setups where the domain controller is also acting as the DNS server, checking or enabling DNS delegation is not necessary unless you have a very specific network structure.

    3. When Not to Check It: For most internal Active Directory setups, where you are only concerned with internal clients, you can skip DNS delegation and leave it unchecked. This avoids unnecessary delegation settings, which won’t benefit your setup if there isn’t an external DNS server that needs it.

    To sum up: if you’re setting up a standard internal AD environment, it’s safe to leave DNS delegation unchecked.

        I clicked next through the Paths set up and moved on to the Review section to make sure it met my requirements. I then clicked next and it gave a series of warnings, which Doug said that weren't errors, go ahead. I clicked install. I pressed Finish and it automatically rebooted. 

        ChatGPT says that once rebooted, it will be a domain controller and you can start adding users and computers to the domain. 

        So I was hoping to finish this ticket and I think I did but I am unsure. It went into a boot loop on rebooting. But pressing escape out of the boot loop and selecting the boot drive got it back up and running. 

    This has been Truncat3d 00000000111100010100110______________end of line

    Tuesday, November 5, 2024

    2024-11-05 - Troubleshooting web server issue with Apache 2

        Doug gave me another web server problem to troubleshoot, I think he picked this based on what I know about it so far, apparently sharing all of the features of yesterday troubleshoot problem including the website, the same server having a very similar problem, right down to it running Apache. But this time I think he is probably throwing that information at me to cause me to assume Apache is the problem. I was pleased with myself for solving this problem in ten or fifteen minutes last night, came home, wrote about it in this blog and realized as I wrote, hey wait, he gave me a bunch of tips all throughout. So I told him that I was so pleased and then had a realization, so he is helping me less with this one even though he assured me that even in the interviews he conducts where he gives people this same problem, he often gives them little nudges by telling them to try going in another direction and stuff like that.

        I went to the website with the IP address he gave me. Once again "Forbidden" in bold letters on the top of the page. I went to Terminal, and SSH-ed into the machine. I thought for literally one second and remembered all of the countless times when I had problems in Linux just to eventually do an update and upgrade and that would solve the problem. So I asked ChatGPT what the command was because I don't remember them off the top of my head, and it gave the commands for update and upgrade but then also gave the command for a full upgrade which upgrades the Kernel too, and I thought, what are the odds that solves the problem! So I did it, and entered:

    sudo apt full-upgrade


         It finished the upgrade and I rebooted. I am of the understanding that unlike Windows, Linux doesn't need to reboot after updates or in the case of Linux, updates and upgrades. But it was a Kernel upgrade so...

        I SSH-ed back in and just to make sure, I checked to make sure Apache was running on port 8 for HTTP instead of NGINX. But Apache is running. 

    Last login: Wed Nov  6 03:47:28 2024 from 192.168.1.246

    admin@skibidi-slicers:~$ sudo netstat -tuln | grep :80

    [sudo] password for admin:

    sudo: netstat: command not found

    admin@skibidi-slicers:~$ sudo ss -tuln | grep :80

    tcp   LISTEN 0      511                      *:80              *:*

    admin@skibidi-slicers:~$ sudo lsof -i :80

    COMMAND PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

    apache2 738     root    4u  IPv6  21060      0t0  TCP *:http (LISTEN)

    apache2 739 www-data    4u  IPv6  21060      0t0  TCP *:http (LISTEN)

    apache2 740 www-data    4u  IPv6  21060      0t0  TCP *:http (LISTEN)

    admin@skibidi-slicers:~$ sudo journalctl -f

    Nov 06 04:01:40 skibidi-slicers systemd[1]: Starting Download data for packages that failed at package install time...

    Nov 06 04:01:40 skibidi-slicers systemd[1]: update-notifier-download.service: Deactivated successfully.

    Nov 06 04:01:40 skibidi-slicers systemd[1]: Finished Download data for packages that failed at package install time.

    Nov 06 04:01:53 skibidi-slicers dbus-daemon[654]: [system] Activating via systemd: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' requested by ':1.12' (uid=0 pid=675 comm="/usr/lib/snapd/snapd " label="unconfined")

    Nov 06 04:01:53 skibidi-slicers systemd[1]: Starting Time & Date Service...

    Nov 06 04:01:53 skibidi-slicers dbus-daemon[654]: [system] Successfully activated service 'org.freedesktop.timedate1'

    Nov 06 04:01:53 skibidi-slicers systemd[1]: Started Time & Date Service.

    Nov 06 04:02:23 skibidi-slicers systemd[1]: systemd-timedated.service: Deactivated successfully.

    Nov 06 04:02:28 skibidi-slicers sudo[1347]:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/journalctl -f

    Nov 06 04:02:28 skibidi-slicers sudo[1347]: pam_unix(sudo:session): session opened for user root(uid=0) by admin(uid=1002)

        So I ran sudo netstat -tuln | grep :80 but netstat isn't installed. I ran sudo ss -tuln | grep :80

    and sudo lsof -i :80 and sudo journalctl -f. I didn't see anything. Apache is listening on port 80. SO I ran sudo systemctl status apache2 to see if Apache was running without problems. 

    ● apache2.service - The Apache HTTP Server
         Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
         Active: active (running) since Wed 2024-11-06 03:56:49 UTC; 10min ago
           Docs: https://httpd.apache.org/docs/2.4/
        Process: 651 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
       Main PID: 738 (apache2)
          Tasks: 55 (limit: 4563)
         Memory: 7.7M
            CPU: 182ms
         CGroup: /system.slice/apache2.service
                 ├─738 /usr/sbin/apache2 -k start
                 ├─739 /usr/sbin/apache2 -k start
                 └─740 /usr/sbin/apache2 -k start

    Nov 06 03:56:49 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...
    Nov 06 03:56:49 skibidi-slicers apachectl[688]: AH00558: apache2: Could not reliably determine the server's fully quali>
    Nov 06 03:56:49 skibidi-slicers systemd[1]: Started The Apache HTTP Server.
    CGPT said that everything is running fine but it was displaying a warning Apache doesn't have a hostname which usually doesn't prevent things from working but if it relies on a hostname that could cause problems. It suggested I try sudo nano /etc/apache2/apache2.conf. 
        I couldn't select the nano text witht eh mouse so I proceeded to do so with shift and the up arrow key but control C won't copy it to my clipboard and control k in nano will only copy it to nanos clipboard and not mine so that I can paste the nano file into CGPT. So instead of nano, I entered sudo cat /etc/apache2/apache2.conf, which prints the contents of the entire file irectly to the prompt, which I can then highlight with my mouse and copy into my computers clipboard:

    # This is the main Apache server configuration file.  It contains the
    # configuration directives that give the server its instructions.
    # See http://httpd.apache.org/docs/2.4/ for detailed information about
    # the directives and /usr/share/doc/apache2/README.Debian about Debian specific
    # hints.
    #
    #
    # Summary of how the Apache 2 configuration works in Debian:
    # The Apache 2 web server configuration in Debian is quite different to
    # upstream's suggested way to configure the web server. This is because Debian's
    # default Apache2 installation attempts to make adding and removing modules,
    # virtual hosts, and extra configuration directives as flexible as possible, in
    # order to make automating the changes and administering the server as easy as
    # possible.

    # It is split into several files forming the configuration hierarchy outlined
    # below, all located in the /etc/apache2/ directory:
    #
    #       /etc/apache2/
    #       |-- apache2.conf
    #       |       `--  ports.conf
    #       |-- mods-enabled
    #       |       |-- *.load
    #       |       `-- *.conf
    #       |-- conf-enabled
    #       |       `-- *.conf
    #       `-- sites-enabled
    #               `-- *.conf
    #
    #
    # * apache2.conf is the main configuration file (this file). It puts the pieces
    #   together by including all remaining configuration files when starting up the
    #   web server.
    #
    # * ports.conf is always included from the main configuration file. It is
    #   supposed to determine listening ports for incoming connections which can be
    #   customized anytime.
    #
    # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
    #   directories contain particular configuration snippets which manage modules,
    #   global configuration fragments, or virtual host configurations,
    #   respectively.
    #
    #   They are activated by symlinking available configuration files from their
    #   respective *-available/ counterparts. These should be managed by using our
    #   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
    #   their respective man pages for detailed information.
    #
    # * The binary is called apache2. Due to the use of environment variables, in
    #   the default configuration, apache2 needs to be started/stopped with
    #   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
    #   work with the default configuration.


    # Global configuration
    #

    #
    # ServerRoot: The top of the directory tree under which the server's
    # configuration, error, and log files are kept.
    #
    # NOTE!  If you intend to place this on an NFS (or otherwise network)
    # mounted filesystem then please read the Mutex documentation (available
    # at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
    # you will save yourself a lot of trouble.
    #
    # Do NOT add a slash at the end of the directory path.
    #
    #ServerRoot "/etc/apache2"

    #
    # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
    #
    #Mutex file:${APACHE_LOCK_DIR} default

    #
    # The directory where shm and other runtime files will be stored.
    #

    DefaultRuntimeDir ${APACHE_RUN_DIR}

    #
    # PidFile: The file in which the server should record its process
    # identification number when it starts.
    # This needs to be set in /etc/apache2/envvars
    #
    PidFile ${APACHE_PID_FILE}

    #
    # Timeout: The number of seconds before receives and sends time out.
    #
    Timeout 300

    #
    # KeepAlive: Whether or not to allow persistent connections (more than
    # one request per connection). Set to "Off" to deactivate.
    #
    KeepAlive On

    #
    # MaxKeepAliveRequests: The maximum number of requests to allow
    # during a persistent connection. Set to 0 to allow an unlimited amount.
    # We recommend you leave this number high, for maximum performance.
    #
    MaxKeepAliveRequests 100

    #
    # KeepAliveTimeout: Number of seconds to wait for the next request from the
    # same client on the same connection.
    #
    KeepAliveTimeout 5


    # These need to be set in /etc/apache2/envvars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}

    #
    # HostnameLookups: Log the names of clients or just their IP addresses
    # e.g., www.apache.org (on) or 204.62.129.132 (off).
    # The default is off because it'd be overall better for the net if people
    # had to knowingly turn this feature on, since enabling it means that
    # each client request will result in AT LEAST one lookup request to the
    # nameserver.
    #
    HostnameLookups Off

    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here.  If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    #
    ErrorLog ${APACHE_LOG_DIR}/error.log

    #
    # LogLevel: Control the severity of messages logged to the error_log.
    # Available values: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the log level for particular modules, e.g.
    # "LogLevel info ssl:warn"
    #
    LogLevel warn

    # Include module configuration:
    IncludeOptional mods-enabled/*.load
    IncludeOptional mods-enabled/*.conf

    # Include list of ports to listen on
    Include ports.conf


    # Sets the default security model of the Apache2 HTTPD server. It does
    # not allow access to the root filesystem outside of /usr/share and /var/www.
    # The former is used by web applications packaged in Debian,
    # the latter may be used for local directories served by the web server. If
    # your system is serving content from a sub-directory in /srv you must allow
    # access here, or in any related virtual host.
    <Directory />
            Options FollowSymLinks
            AllowOverride None
            Require all denied
    </Directory>

    <Directory /usr/share>
            AllowOverride None
            Require all granted
    </Directory>

    <Directory /var/www/>
            Options Indexes FollowSymLinks
            AllowOverride None
            Require all granted
    </Directory>

    #<Directory /srv/>
    #       Options Indexes FollowSymLinks
    #       AllowOverride None
    #       Require all granted
    #</Directory>




    # AccessFileName: The name of the file to look for in each directory
    # for additional configuration directives.  See also the AllowOverride
    # directive.
    #
    AccessFileName .htaccess

    #
    # The following lines prevent .htaccess and .htpasswd files from being
    # viewed by Web clients.
    #
    <FilesMatch "^\.ht">
            Require all denied
    </FilesMatch>


    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive.
    #
    # These deviate from the Common Log Format definitions in that they use %O
    # (the actual bytes sent including headers) instead of %b (the size of the
    # requested file), because the latter makes it impossible to detect partial
    # requests.
    #
    # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
    # Use mod_remoteip instead.
    #
    LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
    LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %O" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent

    # Include of directories ignores editors' and dpkg's backup files,
    # see README.Debian for details.

    # Include generic snippets of statements
    IncludeOptional conf-enabled/*.conf

    # Include the virtual host configurations:
    IncludeOptional sites-enabled/*.conf

    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
    CGPT said to check sudo nano /etc/apache2/sites-enabled/000-default.conf, which I did, and when I concatenated it, it printed:
    <VirtualHost *:80>
            # The ServerName directive sets the request scheme, hostname and port that
            # the server uses to identify itself. This is used when creating
            # redirection URLs. In the context of virtual hosts, the ServerName
            # specifies what hostname must appear in the request's Host: header to
            # match this virtual host. For the default virtual host (this file) this
            # value is not decisive as it is used as a last resort host regardless.
            # However, you must set it for any further virtual host explicitly.
            #ServerName www.example.com

            ServerAdmin webmaster@localhost
            DocumentRoot /var/www/html

            # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
            # error, crit, alert, emerg.
            # It is also possible to configure the loglevel for particular
            # modules, e.g.
            #LogLevel info ssl:warn

            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined

            # For most configuration files from conf-available/, which are
            # enabled or disabled at a global level, it is possible to
            # include a line for only one particular virtual host. For example the
            # following line enables the CGI configuration for this host only
            # after it has been globally disabled with "a2disconf".
            #Include conf-available/serve-cgi-bin.conf
    </VirtualHost>

    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

    CGPT had me enter sudo chown -R www-data:www-data /var/www/html and sudo chmod -R 755 /var/www/html, which returned: 

    admin@skibidi-slicers:~$ [200~sudo chown -R www-data:www-data /var/www/html

    WARNING:root:could not open file '/etc/apt/sources.list'


    [200~sudo: command not found

    admin@skibidi-slicers:~$ sudo chmod -R 755 /var/www/html

    ^[[201~admin@skibidi-slicers:~$


        The Next Day 

        Okay so I started out the day by trying to restart apache:

    sudo systemctl restart apache2

    [sudo] password for admin:

    It was running fine. I reloaded the website, the problem wasn't solved. This is when I remembered that the webpage was telling me that it was a permissions problem.  

    admin@skibidi-slicers:~$ sudo tail -f /var/log/apache2/error.log

    I entered this to see a log of whatever problems apache might have had.  

    [Thu Nov 07 02:30:54.553525 2024] [mpm_event:notice] [pid 3112:tid 139808985114496] AH00489: Apache/2.4.52 (Ubuntu) configured -- resuming normal operations

    [Thu Nov 07 02:30:54.553920 2024] [core:notice] [pid 3112:tid 139808985114496] AH00094: Command line: '/usr/sbin/apache2'

    [Thu Nov 07 02:31:32.318710 2024] [core:error] [pid 3113:tid 139808903001664] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html

    [Thu Nov 07 02:31:33.378457 2024] [core:error] [pid 3113:tid 139808894608960] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html

    [Thu Nov 07 02:31:35.044419 2024] [core:error] [pid 3113:tid 139808886216256] (13)Permission denied: [client 192.168.1.246:8090] AH00132: file permissions deny server access: /var/www/html/index.html

    The Permission denied error says Apache doesn't have permission to access /var/www/html/index.html. This could be due to either file permissions or ownership issues.

    ^C

    I entered CTL C to exit the log so I could enter another command.  

    Okay so ChatGPT suggested I enter "sudo chown www-data:www-data /var/www/html/index.html", which would have been a bad idea because this command changes the ownership of the file to the apache user. www.data is the name of everyone that could browse the site. So if people knew the vulnerability, they could delete the file or change it to whatever they want. This is really bad. Doug was over my shoulder and explained that if I did that in a job, I would get fired. 

     I used the file path from the Chown command to reach the file in question.

    admin@skibidi-slicers:~$ cd /var

    admin@skibidi-slicers:/var$  ls 

    backups  cache  crash  lib  local  lock  log  mail  opt  run  snap  spool  tmp  www

     Until this point I didn't realize that www was actually a directory, and thought it was actually referring to a hostname for the website.  

    admin@skibidi-slicers:/var$ ls -l

    ls lists directory contents without doing so recursively, and ls -l or ll, which not all systems will recognize, will give you a long list. And what long list will show is permissions, then ownership, then the size of the file in bytes, then what date it was last edited and at what time, followed finally by the name of the file or folder the listing is for.  

    total 48

    drwxr-xr-x  2 root root   4096 Nov  7 00:00 backups

    drwxr-xr-x 16 root root   4096 Nov  5 02:06 cache

    drwxrwxrwt  2 root root   4096 Aug 10  2023 crash

    drwxr-xr-x 42 root root   4096 Nov  5 02:06 lib

    drwxrwsr-x  2 root staff  4096 Apr 18  2022 local

    lrwxrwxrwx  1 root root      9 Aug 10  2023 lock -> /run/lock

    drwxrwxr-x 11 root syslog 4096 Nov  7 00:00 log

    drwxrwsr-x  2 root mail   4096 Aug 10  2023 mail

    drwxr-xr-x  2 root root   4096 Aug 10  2023 opt

    lrwxrwxrwx  1 root root      4 Aug 10  2023 run -> /run

    drwxr-xr-x  7 root root   4096 Oct 25 02:01 snap

    drwxr-xr-x  4 root root   4096 Aug 10  2023 spool

    drwxrwxrwt  8 root root   4096 Nov  7 02:30 tmp

    drwxr-xr-x  3 root root   4096 Nov  5 02:01 www

     So Doug had explained the way permissions and ownership works in Linux like six months ago and unless you do this with some frequency its just not a thing that you're going to remember. So permissions are divvied up by saying things in line like "dwrxrwxrwx" and then assigning numbers to this. So D stands for directory or if its a link it'll say L or if it's just a file and there's nothing special about the file then there will be a hyhen there and it'll look like "-rwxrwxrwx". And then R stands for read, W stands for write, and X stands for execute. And you repeat the RWX sequence three times because the first sequence is what permissions the owner has, the second is what permissions the group has, which the owner can be a member of but does not have to be, and then the third sequence is what permissions everyone else has. You definitely want to be careful with all of these but that one as much as the others. You don't want to give everyone permissions to read or write or execute your diary or or a plain text document of all your passwords or something. And then whatever the permissions are for each sequence, they will add up to a certain number of bits. So Read, if the answer is yes or true for the owner, group or everyone else will always be represented by the number 4, write permissions for all of them if yes or true will always be a 2 and execute permissions for all will always be a 1. So if you want to write a three digit number fr what all the permissions are for each sequence, you can simply put 753 for example and that would mean that the owner has all three, read, write and execute permissions or 4, 2 and 1, added up to be 7, and the 5 in 753 would be for the group and if it is a 5 than it can only add up to read and execute permissions. And then the 3 in 753 will always add up to just having write and execute permissions. No matter what combination you have, you have to either add up a 4, a 2 or a 1 and depending on which it is it will signify which permission and so the final number representation will tell you what permissions all three of the permissions were. If there is no permission, it will be signified by a simple hyphen.  

    In order to see the permissions of the website file, I needed to navigate to it. 

    admin@skibidi-slicers:/var$ ls

    backups  cache  crash  lib  local  lock  log  mail  opt  run  snap  spool  tmp  www

    admin@skibidi-slicers:/var$ cd www

    admin@skibidi-slicers:/var/www$ ls

    html

    admin@skibidi-slicers:/var/www$ cd html

    admin@skibidi-slicers:/var/www/html$ ls

    index.html

    admin@skibidi-slicers:/var/www/html$ cat index.html

    cat: index.html: Permission denied

    Fortunately I didn't need to see the contents of the file, I just needed to see the permissions so apache could open it. 

    admin@skibidi-slicers:/var/www/html$ ls -l

    total 4

    -rw-r----- 1 root root 188 Nov  5 03:24 index.html

     This line above is the only file we needed to know permissions for. So instead of running the chown command which changes the owner of a file, which as i described, could be pretty bad in this particular case (because we can agree that if I have two users on my personal computer and I want to change the permissions of my diary or a picture, using chown to change the owner from one user to another is not a bad thing), I instead asked ChatGPT to show me a command that would simply change the permissions so everyone can read it rather than changing the owner. And it gave me the following, which I entered. 

    admin@skibidi-slicers:/var/www/html$ sudo chmod a+r /var/www/html/index.html

    I checked permissions. Before, it was the following:

    -rw-r----- 1 root root 188 Nov  5 03:24 index.html

    Now the above command made this change: 

    -rw-r--r-- 1 root root  188 Nov  5 03:24 index.html

    So you see this means the owner and the permissions for the owner and the group were not changed, in the third octal notation for permissions for everyone else simply had the letter r, which also means 4, but that doesn't matter in this case because it was displaying the RWX letters instead of the numbers that represent them.  

    I checked the website by reloading the page. It displayed the following:

    Welcome to our website!

    This page means that everything is working as designed.

    It's a very rudimentary website built strictly for the purposes of my troubleshooting this problem.  


    This has been Truncat3d 00000000111100010100110______________end of line

    2024-11-05 - Active Directory 2 - Installing Active Directory on Win Serv

        The second Active Directory ticket Doug had set up for this AD course was to install AD. I recall him talking to me about this way back in around January or whatever when I did a couple of the tickets for the course but got caught up in other projects. So now I intend go get through this with less help and seeing how much I can get done. Doug said something about a certain application or utility you go to in order to install AD. I don't remember what it's called. I am sure ChatGPT will have the answer for me. 
        So ChatGT says that you’ll typically use the “Active Directory Domain Services” role and configure it as a Domain Controller. And then it gave me steps to follow. I'll admit that the first time I tried to do anything in AD, I had a lot of trouble figuring out how to open AD. I didn't seem to find a program I could just open from the start menu called Active Directory. And I look back and honestly don't understand now why I had so much trouble but, 2020 hindsight. ChatGPT simply said to open Server Manager in the Start Menu. 
        The Server Manager opened up, CGPT had me select ADD ROLES AND FEATURES, clicked next on the next page which tells that its a wizard, after that you select if it is a ROLE BASED INSTALLATION  or REMOTE DESKTOP SERVICES INSTALLATION. This is asking if you want it to host Remote Desktop, I guess. Doug says he doesn't know why that's in a separate installation. The next page asks if I want to select from a server pool or if  I want to  select a virtual  hard disk. I am running this installation on a virtual hard disk, however, this AD installation will not itself be running virtualization, so I went with SELECT A SERVER FROM THE SERVER POOL. I came to the page to select Server Roles and picked ACTIVE DIRECTORY DOMAIN SERVICES. A smaller window appeared with extra features and selected ADD FEATURES at the bottom of said window. I clicked next, this took me to Features, which it auto selected the features I needed, so I pressed next again. Now in AD DS, I read through what it offered and hit next. I confirmed the installation and it got installing.
        It finished installing and the progress bar was complete, the only button it gave me at this point was to press CLOSE. So I did. I guess that is it for this ticket.

    This has been Truncat3d 00000000111100010100110______________end of line
        



    2024-11-05 - Active Directory 1 - Installing Windows Server in a Proxmox VM

        I had Doug, my instructor, wipe all the tickets so I could claim one of the tickets in his ticketing system he custom created for the class, and so I could start from scratch, and he was gone, I didn't have any direction on what specs the VM needed to have to I can do Active Directory on it, so I looked at the one that was still up and currently in use, looked at its specs, saw that it had 60 GB of hard drive space, 8 GB of RAM, and 6 cores on the CPU. So I replicated those. I set the iso to be used for the VM as Windows Server 2019 and started the VM. I entered the console and it started loading and installing Windows Server. I got to the screen asking for what hard drive and the list of drives was empty. 

        Proxmox wasn't recognizing the drive because of a driver issue, the driver wasn't installed. So after playing with it for a few minutes, finally closed the console and turned the VM off, examined the hard drive that the Win Server AD already in use was using. The Bus Device mine was using was SCSI without SSD equaling because SSD emulation wasn't selected. Changed the Bus Device IDE and checked SSD emulation under the hard disk tab for creating the VM. 

        Now the hard drive list window was populated with that option and selected it, Windows Server installed successfully. There isn't anything else here to really say, most of the work was just creating the VM and then editing it real quick so Win Serv would install. 

    This has been Truncat3d 00000000111100010100110______________end of line

        

    Monday, November 4, 2024

    2024-11-04 - Troubleshooting web server issue with Apache 1

         I asked Doug to give me troubleshooting problems so he simulated one that he gives to interviewees at BYU that are applying for the System Administrator position. He didn't tell me what it would be till it was set up and most of the class he was working with another student that was practicing setting up VLANs and what he was doing took the whole network down because of what a student before him did somehow. But he got it set up so I could do it in the last half hour of class. He said they usually give interviewees ten to fifteen minutes and they get a username and a password and the IP address of a website that is malfunctioning, and they get to use the internet to troubleshoot. 

        So it was set up and he gave me a username and a password for administrative access to the web server he just set up for me, and the IP address of a website, and it didn't occur to me to go to the website, he said it was down. I just immediately set out to SSH into it and in the middle of trying to do this, the network went down again from VLAN problems. After another fifteen minutes or so, I finally got to see if I could SSH into it, which I did successfully. 

        He had told me that the website was down and they didn't know why and that it was using Apache to deliver web pages. I immediately thought of that scene in The Social Network when Mark told Edwardo that he needed to buy a Linux box running Apache with a MySQL backend. I looked it up many years ago and had very little idea of what he was talking about except that I knew what Linux was. But now because of this, I was aware that Apache had something to do with delivering the website to users. 

        SO when he mentioned Apache and said the site wasn't loading, I immediately suspected Apache. I went to ChatGPT to see if this could be resolved with it's help:

    To ChatGPT - how to check if apache is running? I am ssh-ed into a web server. It runs linux.

    ChatGPT - sudo systemctl status apache2

    admin@skibidi-slicers:~$ sudo systemctl status apache2

    [sudo] password for admin:

    ○ apache2.service - The Apache HTTP Server

         Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)

         Active: inactive (dead) since Tue 2024-11-05 03:26:15 UTC; 18min ago

           Docs: https://httpd.apache.org/docs/2.4/

        Process: 24655 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)

        Process: 24920 ExecStop=/usr/sbin/apachectl graceful-stop (code=exited, status=0/SUCCESS)

       Main PID: 24666 (code=exited, status=0/SUCCESS)

            CPU: 564ms


    Nov 05 02:07:10 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    Nov 05 02:07:10 skibidi-slicers apachectl[24665]: AH00558: apache2: Could not reliably determine the server's fully qua>

    Nov 05 02:07:10 skibidi-slicers systemd[1]: Started The Apache HTTP Server.

    Nov 05 03:26:05 skibidi-slicers systemd[1]: Stopping The Apache HTTP Server...

    Nov 05 03:26:05 skibidi-slicers apachectl[24922]: AH00558: apache2: Could not reliably determine the server's fully qua>

    Nov 05 03:26:15 skibidi-slicers systemd[1]: apache2.service: Deactivated successfully.

    Nov 05 03:26:15 skibidi-slicers systemd[1]: Stopped The Apache HTTP Server.

    ChatGPT said that it was started and later stopped. I wondered if perhaps Apache just wasn't running or someone turned it off or if there was some error, so I decided to start it. I asked ChatGPT how to start it. 

    ChatGPT -  sudo systemctl start apache2

    admin@skibidi-slicers:~$ sudo systemctl start apache2

    Job for apache2.service failed because the control process exited with error code.

    See "systemctl status apache2.service" and "journalctl -xeu apache2.service" for details.

    I was about to try and figure out why it was stopping, and was going to ask ChatGPT how to check but Doug pointed out the above highlighted response and thought I would just go with that. 

    admin@skibidi-slicers:~$ sudo journalctl -xeu apache2.service

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qua>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to add>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to add>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

    ░░

    ░░ The job identifier is 20229 and the job result is failed.

     ESCOC


    check HTTP Server...

    execution


    pache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' di>

    is already in use: AH00072: make_sock: could not bind to address [::]:80

    is already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    ng sockets available, shutting down

    unable to open logs

    art' failed.

     error log may have more information.

     Control process exited, code=exited, status=1/FAILURE


    as exited.

     

     1.

     Failed with result 'exit-code'.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qua>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to add>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to add>

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    lines 36-64/77 85%

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOC


    P Server...

    n


     Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to s>

    dy in use: AH00072: make_sock: could not bind to address [::]:80

    dy in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    ets available, shutting down

    o open logs

    iled.

    log may have more information.

    l process exited, code=exited, status=1/FAILURE


    ed.


     with result 'exit-code'.


    ult 'exit-code'.

    che HTTP Server.


    .

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOC


    P Server...

    n


     Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to s>

    dy in use: AH00072: make_sock: could not bind to address [::]:80

    dy in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    ets available, shutting down

    o open logs

    iled.

    log may have more information.

    l process exited, code=exited, status=1/FAILURE


    ed.

     with result 'exit-code'.


    ult 'exit-code'.

    che HTTP Server.

     

    .

     ESCOC


    ame, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message


     ESCOC


    ppress this message


     ESCOC


     ESCOD


    ppress this message


     ESCOD


    ame, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message


     ESCOD


    P Server...

    n


     Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to s>

    dy in use: AH00072: make_sock: could not bind to address [::]:80

    dy in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    ets available, shutting down

    o open logs

    iled.

    log may have more information.

    l process exited, code=exited, status=1/FAILURE


    ed.


     with result 'exit-code'.


    ult 'exit-code'.

    che HTTP Server.


    .

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

     ESCOC

     

    P Server...

    n


     Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to s>

    dy in use: AH00072: make_sock: could not bind to address [::]:80

    dy in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    ets available, shutting down

    o open logs

    iled.

    log may have more information.

    l process exited, code=exited, status=1/FAILURE


    ed.


     with result 'exit-code'.


    ult 'exit-code'.

    che HTTP Server.


    .

     ESCOD

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A stop job for unit apache2.service has finished.

    ░░

    ░░ The job identifier is 19786 and the job result is done.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Starting The Apache HTTP Server...

    ░░ Subject: A start job for unit apache2.service has begun execution

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has begun execution.

    ░░

    ░░ The job identifier is 20229.

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00558: apache2: Could not reliably determine the server's fully qualified domain >

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: no listening sockets available, shutting down

    Nov 05 03:46:41 skibidi-slicers apachectl[25117]: AH00015: Unable to open logs

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: Action 'start' failed.

    Nov 05 03:46:41 skibidi-slicers apachectl[25114]: The Apache error log may have more information.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE

    ░░ Subject: Unit process exited

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ An ExecStart= process belonging to unit apache2.service has exited.

    ░░

    ░░ The process' exit code is 'exited' and its exit status is 1.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: apache2.service: Failed with result 'exit-code'.

    ░░ Subject: Unit failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ The unit apache2.service has entered the 'failed' state with result 'exit-code'.

    Nov 05 03:46:41 skibidi-slicers systemd[1]: Failed to start The Apache HTTP Server.

    ░░ Subject: A start job for unit apache2.service has failed

    ░░ Defined-By: systemd

    ░░ Support: http://www.ubuntu.com/support

    ░░

    ░░ A start job for unit apache2.service has finished with a failure.

    At this point I had not understood that "is already in use: AH00072: make_sock: could not bind to address [::]:80 is already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80" was referring to ports. It said sockets and I didn't know. I had asked ChatGPT about the output the server gave me and it gave two answers, but one of them talked about port 80 already being in use and I thought, oh, HTTP is already in use. I remembered back when I had made a Pi Hole and Pi VPN and to access it, there was a web interface. And from my understanding, this used port 80. And then one of my next projects was to create a self hosted password manager. But one of the snags I ran into was that to access it, I would need to host my own website. And this couldn't be done because I was already hostin a website basically so I could access my Pi Hole through the web interface. So if that was going to be solved, Doug had the idea ot try and use a free domain. I ultimately ended up scrapping the project for other reasons but I remembered this, that it couldn't host more than one site from one public IP address.

    I asked ChathGPT how to see what all was running on port 80 and entered in one of its responses.

    admin@skibidi-slicers:~$ sudo lsof -i :80

    COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

    nginx   24974     root    6u  IPv4 251337      0t0  TCP *:http (LISTEN)

    nginx   24974     root    7u  IPv6 251338      0t0  TCP *:http (LISTEN)

    nginx   24975 www-data    6u  IPv4 251337      0t0  TCP *:http (LISTEN)

    nginx   24975 www-data    7u  IPv6 251338      0t0  TCP *:http (LISTEN)

    nginx   24976 www-data    6u  IPv4 251337      0t0  TCP *:http (LISTEN)

    nginx   24976 www-data    7u  IPv6 251338      0t0  TCP *:http (LISTEN)

    nginx   24977 www-data    6u  IPv4 251337      0t0  TCP *:http (LISTEN)

    nginx   24977 www-data    7u  IPv6 251338      0t0  TCP *:http (LISTEN)

    nginx   24978 www-data    6u  IPv4 251337      0t0  TCP *:http (LISTEN)

    nginx   24978 www-data    7u  IPv6 251338      0t0  TCP *:http (LISTEN)

    I went to ChtGPT to learn what NGINX was. One of the many things it said was that "Nginx (pronounced "engine-ex") is a high-performance web server and reverse proxy server that is also used for load balancing, HTTP caching, and serving static files. It was created by Igor Sysoev and first released in 2004. Nginx is known for its ability to handle a large number of concurrent connections efficiently, making it popular for high-traffic websites."

       My conclusion here was not that it was an alternative to Apache, but rather I concluded that NGINX was an important part of either Apache or something that worked with Apache. And I formed the conclusion that it was important, after all we likely do want the processes its running and so if I just end the process and start Apache, I might just be causing another problem in order to solve one, like robbing Peter to pay Paul. I told Doug my conclusion that one option is to end NGINX, but I suspect that NGINX was actually important and when he asked me what it does, I said it's a high performance web server that runs many tasks at the same time.  And he corrected me that basically its an alternative to Apache. And I realized, oh, so since we want Apache to run, we need to kill NGINX since only one thing can run over port 80 at a time. I asked ChatGPT how to stop it, and Chat GPT said how to stop it, and I asked how to start Apache again and it also suggested I run a status check on it after I had run the command to start it which I did: 

    admin@skibidi-slicers:~$ sudo systemctl stop nginx

    admin@skibidi-slicers:~$ sudo systemctl start apache2

    admin@skibidi-slicers:~$ sudo systemctl status apache2

    ● apache2.service - The Apache HTTP Server

         Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)

         Active: active (running) since Tue 2024-11-05 04:01:59 UTC; 7s ago

           Docs: https://httpd.apache.org/docs/2.4/

        Process: 25143 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)

       Main PID: 25147 (apache2)

          Tasks: 55 (limit: 4563)

         Memory: 5.0M

            CPU: 103ms

         CGroup: /system.slice/apache2.service

                 ├─25147 /usr/sbin/apache2 -k start

                 ├─25148 /usr/sbin/apache2 -k start

                 └─25149 /usr/sbin/apache2 -k start

    Problem solved. He told me that there were a lot of people that took far more than the ten minutes I took and may who didn't even solve it. But there were people who solved it faster than me. I asked if employers would care if I used ChatGPT and he said no, as long as you don't rely on it to tell you what everything means, you should try to understand the outputs yourself as much as you can or else you're just using it as a crutch. I said but he had given me a few nudges here and there. I suppose I can expect that on the job, that I can receive nudges from co-workers and stuff and he said yes, especially if you're a junior sys. admin. And I asked, so basically I got like a B on my test ad he said yes. 

    This has been Truncat3d 00000000111100010100110______________end of line 

     

    2025-07-10 - BYU Wi‑Fi captive portal troubleshooting

      BYU Wi‑Fi Captive Portal Troubleshooting What happened I had used BYU Wi‑Fi just fine before, but at some point, the captive portal star...