cisagov / cset

Cybersecurity Evaluation Tool
MIT License

Enterprise v11.2 install fresh SQL Express error #2833

Open 110dad opened 2 years ago

110dad commented 2 years ago

I am doing a new fresh install of Enterprise v11 install with the embedded SQL Express and I get this error:

image

  1. The server is not connected to internet, should I connect it to the internet during the install?
  2. Can I download the new SQL file from the link and replace the old SQL Express file within the unzipped folder?

💬 Questions and Help

Please note that this issue tracker is not a help form and this issue will be closed.

For questions or help please see:

alexisCarn commented 2 years ago

What I did to fix the problem was installing SQL Server 2019 Express and SMS by myself before running the CSET setup script. Look for the latest SQL2019-SSEI-Expr.exe setup file on the Microsoft website. At the end of the installation of SQL Server don't forget to install SMS as well (you should not have to download another .exe file).

110dad commented 2 years ago

Did you do a custom install or just the basic default? thanks

alexisCarn commented 2 years ago

> Did you do a custom install or just the basic default? thanks

The default install did the job for me.

110dad commented 2 years ago

Thanks I got the install to work.

Now I cannot browse to the CSETUI. I get Error Code: INET_E_RESOURCE_NOT_FOUND. Even when I browse to the website via localhost. image

This is what I get when I hit the URL to the server with CSET installed on it: HTTP Error 503. The service is unavailable. image

The install created a service account for the app pools. domain xxx\username, does this account need any permissions set? image

Does the service account the script set up need access to the database? If so, what roles and/or access?

alexisCarn commented 2 years ago

There might be a conflict between the port used by the IIS Default Website and the port used by CSETUI (generally they both use port 80). You just have to change the port of one of them. In IIS Manager: Right-click on the CSETUI site → Edit bindings… → Change the port to a different one (ex: 81). Make sure that CSETAPI, CSETUI and DefaultAppPool are not using the same port. Then go to the URL: http://localhost:YOURCUSTOMPORT (for example https://localhost:81)

110dad commented 2 years ago

Thanks for the tip. The default website is stopped so there should be no port conflict.

I have changed the port for CSETUI to 81 and still will not load web page.

The account domain\CSETUser was created when I ran the setup script, does it need Database access or anything like that? It appears as a domain account but it is not in the AD.

Should I change this to a local account or create a domain service account? If so, what DB access does it need?


alexisCarn commented 2 years ago

Try this:

Right-click on an application pool → Advanced Settings… → Identity → Change it to %COMPUTERNAME%\CSETUser instead of domain\CSETUser

Or fix the setup script. To fix it you have to change the sqlcmd lines at the end of the script. Change env:userdomain to env:computername. In the end, the 4 sqlcmd lines should look like this:

```powershell
sqlcmd -E -S $server -d "MASTER" -Q "CREATE DATABASE CSETWeb ON (FILENAME = 'C:\CSETDatabase\CSETWeb.mdf'), (FILENAME = 'C:\CSETDatabase\CSETWeb_log.ldf') FOR ATTACH;"
sqlcmd -E -S $server -d "CSETWeb" -Q "CREATE LOGIN [${env:computername}\CSETUser] FROM WINDOWS WITH DEFAULT_DATABASE = CSETWeb; CREATE USER [${env:computername}\CSETUser] FOR LOGIN [${env:computername}\CSETUser] WITH DEFAULT_SCHEMA = [dbo];"
sqlcmd -E -S $server -d "CSETWeb" -Q "ALTER ROLE [db_owner] ADD MEMBER [${env:computername}\CSETUser];"
sqlcmd -E -S $server -d "CSETWeb" -Q "GRANT EXECUTE ON SCHEMA :: [dbo] to [${env:computername}\CSETUser];"
```
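
The identity mismatch discussed in the comment above (application pools set to domain\CSETUser while the account the script created is local) can be checked directly on the server. This is an added PowerShell example, not part of the original thread or of the CSET project; the instance name `%COMPUTERNAME%\SQLEXPRESS` and the use of the WebAdministration module are assumptions.

```powershell
# Added diagnostic example, not part of the CSET setup script.
# Assumptions: account CSETUser and database CSETWeb as named in the thread;
# $server is whatever instance name was given to the setup script.
# Run in an elevated Windows PowerShell session on the CSET server.
Import-Module WebAdministration
$server  = "${env:COMPUTERNAME}\SQLEXPRESS"
$account = 'CSETUser'

# 1. Identity and state of every application pool.
$pools = Get-ChildItem IIS:\AppPools | ForEach-Object {
    [pscustomobject]@{
        Pool     = $_.Name
        State    = $_.State
        Identity = $_.processModel.userName   # empty for built-in identities
    }
}
$pools | Format-Table -AutoSize

# 2. Does the account exist as a local user? A pool configured as
#    DOMAIN\CSETUser cannot start if only a local CSETUser was created.
$local = Get-LocalUser -Name $account -ErrorAction SilentlyContinue
"Local account '$account' exists: $([bool]$local)"

# 3. Windows logins ending in \CSETUser that SQL Server knows about.
$loginQuery = "SET NOCOUNT ON; SELECT name FROM sys.server_principals WHERE name LIKE '%\$account';"
$logins = sqlcmd -E -S $server -d master -h -1 -W -Q $loginQuery
"SQL logins: $($logins -join ', ')"

# 4. Warn about pools whose identity has no matching SQL login.
foreach ($p in ($pools | Where-Object { $_.Identity -like "*\$account" })) {
    # Normalise the '.\CSETUser' shorthand to COMPUTERNAME\CSETUser.
    $id = $p.Identity -replace '^\.\\', "${env:COMPUTERNAME}\"
    if ($logins -notcontains $id) {
        Write-Warning "$($p.Pool) runs as $id, which has no SQL login on $server"
    }
}

# 5. Database roles the account holds in CSETWeb, to review what was granted.
$roleQuery = "SET NOCOUNT ON; SELECT u.name, r.name FROM sys.database_role_members m " +
    "JOIN sys.database_principals r ON r.principal_id = m.role_principal_id " +
    "JOIN sys.database_principals u ON u.principal_id = m.member_principal_id " +
    "WHERE u.name LIKE '%\$account';"
sqlcmd -E -S $server -d CSETWeb -h -1 -W -Q $roleQuery
```

Step 5 lists the roles that result from the `ALTER ROLE [db_owner]` line of the setup script, which is worth reviewing against least privilege once the site works.
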
110dad commented 2 years ago

I did a reinstall and got the service account to be a local acct and used in app pool, but I still get the same results where the page does not load. I think the URL Rewrite module did not install; I do not have internet access on this server. Is there a way to install offline? Question: is there a place I can check the SQL connection string, and what instance it is using?

image image

alexisCarn commented 2 years ago

I have not seen this error 500.19 when I worked on my instance but here is a GitHub issue where it is mentioned with a solution : https://github.com/cisagov/cset/issues/2363 Make sure that the URL Rewrite module is installed. I don't know how the SQL instance is set up and cannot help you with it sorry.

110dad commented 2 years ago

I did a complete reinstall and I am getting this when I browse from IIS under the site CSETUI

image

alexisCarn commented 2 years ago

Look at the logs of CSET in the CSET.log file (or any other file with 'log' in it); you might be able to find where the problem is coming from.

alexisCarn commented 2 years ago

Here is the checklist that I made to install my instance of CSET :

  1. Download CSET Enterprise binaries
  2. Delete the SQL2019-SSEI-Expr.exe file from the archive and replace it with the last version that you will find on Microsoft's website.
  3. Download Microsoft .NET Framework 4.8 and install it
  4. If you are installing CSET on a VM in your company's domain, you might have to change env:userdomain by env:computername in the Powershell script
  5. Run the Powershell script as an administrator
  6. Follow the instructions and install everything they want you to install. Don’t forget to install SSMS at the end of the install of SQL Express.
  7. Use a strong password when they ask for one during the script run.
  8. When the script asks for the SQL server name, this might be the one required : %COMPUTERNAME%\SQLEXPRESS
  9. Make sure that there is no port conflict between CSETUI, CSETAPI, CSETReportAPI and IIS Default Website in IIS Manager
  10. Host mail configuration in the following file : C:\inetpub\wwwroot\CSETAPI\appsettings.json
  11. Modify UI config file with right domain name and ports here : C:\inetpub\wwwroot\CSETUI\assets\config.json
  12. Open ports 5001 and 5002 in your firewall
110dad commented 2 years ago

Ok update I got everything installed. The only way I can get CSET to load is browse to the default web site http://localhost:port/CSETUI

When I go to register a new user account I get this error: image

Also the drop down for the Security question box is black blank image

If I browse out to the CSETUI SITE above Default Web Site, I get this: Should I be browsing to CSET site or the Default web site?

image

alexisCarn commented 2 years ago
  1. Check that all the application pools are running correctly. If not, there might be an Identity problem: Right-click on an application pool → Advanced Settings… → Identity → Replace \CSETUser by \CSETUser
  2. The UI might not know how to talk to the API. Check the following file : C:\inetpub\wwwroot\CSETUI\assets\config.json. Make sure that the url, protocols and ports are correct.
  3. I could not register a new account and had an error. Here is an explanation of the problem and its solution : https://cypressnorth.com/web-programming-and-development/solved-using-memory-repository-keys-will-not-persisted-storage-asp-net-core-iis/
110dad commented 2 years ago

The application pools are using the account the powershell script set up, the ports are correct for the API 5001, CSETReportAPI 5002, CSETUI 4200.

And still get the same results

110dad commented 2 years ago

I get this now when I browse out to the CSETUI from the default website in IIS: When trying to register a user, I have had no luck registering a user. The security question drop down box is unreadable.

image

inlguy commented 1 year ago

If the security question drop down box is unreadable, then you are not talking to the database

110dad commented 1 year ago

> If the security question drop down box is unreadable, then you are not talking to the database

How & where can I check the database connection to make it talk?

eyadrefai commented 3 months ago

How & where can I check the database connection to make it talk?

tropicsquirrel commented 4 days ago

install error likely from unresolved dependencies. I needed https://www.microsoft.com/en-us/download/details.aspx?id=48145 (vc_redist 2015) in order for my VSS writer service to start properly.