[BETA] WAPT 1.5

Questions about WAPT Server / Requests and help related to the WAPT server
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
User avatar
agauvrit
WAPT Expert
Messages: 238
Registration: Nov 17, 2016 - 10:25
Location: Nantes
Contact :
Contact agauvrit

November 21, 2017 - 7:29 PM

Good morning,

We are currently testing version 1.5 Community of WAPT, but before the final release we would like some feedback from beta testers.

This BETA version targets installations "fresh"/from zero, You must not test this version on an existing WAPT server, nor on a production network.

Indeed, in the case of a migration from 1.3 to 1.5, there are many steps to take:
  • outbuildings to install
  • generating a code-signing certificate
  • password protection for the private key
  • re-signing of existing packages
  • MongoDB database migration
  • Apache to Nginx migration
  • modified agent-server operating mode (WebSockets)
Documentation currently being drafted: https://www.wapt.fr/fr/doc-1.5/

Supported testing platform: Debian Stretch x64

Test platform (Debian) installation procedure:

Code: Select all

apt-get clean
apt-get update
wget -O - http://wapt.tranquil.it/debian/tiswapt-pub.gpg  | apt-key add -
echo  "deb  http://wapt.tranquil.it/debian/wapt-1.5/ $(lsb_release -c -s) main"  > /etc/apt/sources.list.d/wapt.list
apt-get update
apt-get install tis-waptserver tis-waptsetup
python /opt/wapt/waptserver/scripts/postconf.py
When running the postconfiguration (/opt/wapt/waptserver/scripts/postconf.py), choose the default options.

The console/agent installation procedure remains the same as in previous versions (certificate generation/agent creation).

The WAPT Server Windows and CentOS BETA versions will arrive at the end of the week (wish us luck!)

Good luck with the tests and give us your feedback!

Alexander
High
User avatar
guigeek
Messages: 147
Registration: Nov 21, 2017 - 9:21 p.m.

November 21, 2017 - 9:22 PM

An apt-get update is missing after adding the repository ;)
High
User avatar
guigeek
Messages: 147
Registration: Nov 21, 2017 - 9:21 p.m.

November 22, 2017 - 2:01 PM

Hi,
I installed the server and the wapt console.
But as soon as I try to launch it, I get this error:
"A reference was returned by the server,"

and in the waptservice.log I have:
Error in socket io connection ConnectionError(unexpected status code (401 Unauthorized)).

Have I missed something?
High
User avatar
agauvrit
WAPT Expert
Messages: 238
Registration: Nov 17, 2016 - 10:25
Location: Nantes
Contact :
Contact agauvrit

November 23, 2017 - 10:35

Hello Guigeek ;)

For the console access problem, check with the folder owner

Code: Select all

/var/www/wapt


If necessary, rerun the post-configuration script

Code: Select all

python /opt/wapt/waptserver/scripts/postconf.py
Alexander
High
User avatar
sfonteneau
WAPT Expert
Messages: 2318
Registered: July 10, 2014 - 11:52 PM
Contact :
Contact Sfonteneau

November 23, 2017 - 10:41

Regarding the "a reference was returned by the server" error,

I believe the ValidateAdminCodeSignatures component of Windows is the culprit:

https://technet.microsoft.com/en-us/lib ... vateSigned.


As Microsoft explains:

The User Account Control: Only elevate executables that are signed and validated policy setting enforces public key infrastructure (PKI) signature checks for any interactive applications that request elevation of privilege. Enterprise administrators can control which applications are allowed to run by adding certificates to the Trusted Publishers certificate store on local computers.


In my opinion, your Windows system is unable to verify that the signature of "waptconsole.exe" is correct.

Does your machine have internet access?

A quick workaround that sometimes works is to right-click on waptconsole.exe --> Properties --> Compatibility --> "Run this program as an administrator".
High
f4242
Messages: 54
Registration: Nov 23, 2016 - 8:51 p.m.

November 23, 2017 - 3:32 PM

Hello,

is Apache still supported or is nginx now required?
High
User avatar
agauvrit
WAPT Expert
Messages: 238
Registration: Nov 17, 2016 - 10:25
Location: Nantes
Contact :
Contact agauvrit

November 23, 2017 - 4:46 PM

Nginx required, yes
High
User avatar
dcardon
WAPT Expert
Messages: 1930
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

November 23, 2017 - 5:48 PM

"No" is the correct answer.

Now, to add some nuance/explanation:

WAPT 1.5 now uses WebSockets to send actions to client machines (in version 1.3, the WAPT agent keeps port 8088 open to allow the server to make callbacks).

Apache has a wstunnel module for reverse proxying WebSocket connections [2], however, its threading/processing model is less well-suited compared to nginx for maintaining many persistent connections [3].

For a bit of background, the initial development of WebSockets under WAPT was done with an Apache server, but we encountered long-pooling fallback issues in certain scenarios, which significantly increased the server load when there were many simultaneous connections (the goal is to support at least several thousand workstations, and therefore WebSocket connections, per WAPT server instance).

Basically, if you want to use Apache (or IIS), there's no reason you shouldn't be able to, but it's not that simple; there are still many details to consider, and it won't necessarily work as well as you'd like.

Denis

[1] https://en.wikipedia.org/wiki/WebSocket
[2] https://httpd.apache.org/docs/2.4/mod/m ... unnel.html
[3] https://www.nginx.com/blog/nginx-vs-apache-our-view/
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
f4242
Messages: 54
Registration: Nov 23, 2016 - 8:51 p.m.

November 27, 2017 - 9:49 PM

Thank you for the explanation! :)
High
TexBill
Messages: 1
Registration: Nov 30, 2017 - 08:19

November 30, 2017 - 8:25 AM

Hello,

could we have some updates on the implementation of the CentOS repository for this beta?

Thank you.
High
Locked

Return to "WAPT Server"


  • To go further with WAPT