First one in this discussion is Sitecore Razl. Sitecore Razl is a database comparison tool for the Sitecore CMS. It allows a developer to compare two different Sitecore databases and see the differences in each. A developer can then migrate changes from one database to the other. (ref)
Once the connection specific package is installed in a server, when trying to load the connection in the Razl tool, it would say it cannot connect. Same accessGuid is present in configuration and Razl Connection window.
Second one is related to SPE Content Migrator. Script used to migrate content between Sitecore instances using Sitecore PowerShell Extensions.(ref).
In this case, even after enabling SPE Remoting and allowed role "sitecore\PowerShell Extensions Remoting" for authorization, migrator script always responded with the below error.
Test Script:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $session = New-ScriptSession -SharedSecret '84sdcfabe-12ce-4aa7-s32d-cf3xd82bfe90' -Username 'specontentmigrator' -ConnectionUri "https://uat.exmaple.com" | |
| Invoke-RemoteScript -Session $session -ScriptBlock { Get-User -id admin } | |
| Stop-ScriptSession -Session $session |
Error:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Example CODE\Content Migration> C:\Example CODE\Content Migration\Test.ps1 | |
| Invoke-RemoteScript : Server response: The specified user default\Anonymous is not authorized for the remoting service. | |
| At C:\Example CODE\Content Migration\Test.ps1:9 char:13 | |
| + Invoke-RemoteScript -Session $session -ScriptBlock { Get- ... | |
| + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| + CategoryInfo : ConnectionError: (https://uat.example.com/:) [Write-Error], Unauthorized | |
| + FullyQualifiedErrorId : System.Net.Http.HttpRequestException,Invoke-RemoteScript | |
| Invoke-RemoteScript : Server response: The specified user default\Anonymous is not authorized for the remoting service. | |
| At C:\Users\Nehem\Documents\WindowsPowerShell\Modules\SPE\6.3.0\Stop-ScriptSession.ps1:85 char:5 | |
| + Invoke-RemoteScript -Session $newSession -ScriptBlock { | |
| + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| + CategoryInfo : ConnectionError: (https://uat.example.com/:) [Write-Error], Unauthorized | |
| + FullyQualifiedErrorId : System.Net.Http.HttpRequestException,Invoke-RemoteScript |
Troubleshooting Steps:
Both these errors have similar troubleshooting steps. Both these tools interact with Sitecore CM using custom APIs or Handlers. With the current client, there are many IIS rewrite rules added to support their business requirement or for security reasons in Content Management Server.
- LowerCaseRule
- RemoveTrailingSlashRule
- Root Hit Force HTTPS Redirection
- Sitecore Login or Admin Force HTTPS Redirection
- Forbidden
- Redirect Error Page for a Business Requirement
First step - We enabled IIS logs for the CM site and also enabled all the available fields to log. Refer here to find the list of available fields in IIS Logs - https://www.finalanalytics.com/help/httplogbrowser/field-list.html. We tried multiple times from the tool (Razl or SPE Content Migrator) and we found the POST requests and it was redirected with 301 and a GET request was sent finally to Sitecore. Sitecore was not able to respond to the GET request as it was expecting a POST request from these tools. We tried to check the IIS rewrites one by one and found one of these rewrite rules are redirecting these requests.
Razl: It was LowerCaseRule which redirected the Razl request. We added the negate rule to avoid Razl URLs.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <rule name="LowerCaseRule" stopProcessing="true"> | |
| <match url="[A-Z]" ignoreCase="false" /> | |
| <action type="Redirect" url="{ToLower:{URL}}" /> | |
| <conditions> | |
| <add input="{URL}" pattern="/(api|example-api|demo-api)" negate="true" /> | |
| <!-- Ignore Sitecore --> | |
| <add input="{URL}" pattern="WebResource.axd" negate="true" /> | |
| <add input="{URL}" pattern="(\/sitecore)|(\/(.*\?sc_mode=edit))|(\/-\/speak)" negate="true" /> | |
| <add input="{URL}" pattern="/coveo/*" negate="true" /> | |
| <!-- Ignore Sitecore RAZL --> | |
| <add input="{URL}" pattern="/_cmp/*" negate="true" /> | |
| </conditions> | |
| </rule> |
SPE Content Migrator: It was RemoveTrailingSlashRule rule which redirected all SPE migrator requests. We added the exception to prevent it.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <rule name="RemoveTrailingSlashRule" stopProcessing="true"> | |
| <match url="(.*)/$" /> | |
| <conditions> | |
| <add input="{URL}" pattern="/(api|demo-api)" negate="true" /> | |
| <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" /> | |
| <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" /> | |
| <!-- Ignore Sitecore --> | |
| <add input="{URL}" pattern="WebResource.axd" negate="true" /> | |
| <add input="{URL}" pattern="(\/sitecore)|(\/(.*\?sc_mode=edit))|(\/-\/speak)" negate="true" /> | |
| <!-- Ignore SPE Content Migrator Handler --> | |
| <add input="{URL}" pattern="/-/script/*" negate="true" /> | |
| </conditions> | |
| <action type="Redirect" url="{R:1}" /> | |
| </rule> |
It is best to start with IIS first to understand the source of the problem. Happy Troubleshooting!.
No comments:
Post a Comment