Configuring EMBrowser Interface (EMBI) with an alternate IP address binding

Version 1

    Verified Product Versions

    AppSense Environment Manager 8.3AppSense Environment Manager 8.2

    Introduction

    The EmBrowserInterface site fails with 'An internal Error has occurred' on a server where the IP address binding for the web site hosting the EmBrowserInterface / EmBrowserService applications has been changed from 'All Unassigned' to a specified IP address.

    Detail

    The EmBrowserInterface utilizes WCF in a client-server relationship. The EmBrowserInterface is the WCF client and HTTP endpoint and the EmBrowserService is the WCF server. The web.config files for each of these applications contains the endpoint details for the interface between the two and by default specifies localhost as the connection details which resolves as the IP address 127.0.0.1 (or ::1: in IPv6). By removing the 'All Unassigned' IP address binding from IIS, the binding for 127.0.0.1 and therefore (localhost) is also removed, causing the WCF connection to fail.

    If a customer wishes to specify a second IP address on the NIC and the IIS bindings, you will need to change the WCF connection settings in both the EMBrowserInterface\web.config and EMBrowserService\web.config files. As WCF authenticates (using either kerberos or NTLM over an anonymous HTTP channel) using the DNS name specified in the web.config file, you will need to ensure a valid DNS name with SPNs / BackConnectionHostNames is specified.

    For example:

    Machine Name: server.domain.local
    IP Address: 192.168.0.10

    Add a second static IP address 192.168.0.11
    Add a DNS host record for alias.domain.local for 192.168.0.11
    Add the SPN HOST/alias.domain.local for server
    Add the SPN HOST/alias for server
    Add the SPN http/alias.domain.local for server
    Add the SPN http/alias for server
    Add the BackConnectionHostNames REG_MULTI_SZ to 'HKLM\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0' with the following entries 'server.domain.local server alias.domain.local alias localhost 192.168.0.10 192.168.0.11 127.0.0.1'
    Edit IIS Web Site binding from 'All Unassigned' to 192.168.0.11
    Edit EMBrowserInterface\web.config - find and replace localhost with alias
    Edit EMBrowserService\web.config - find and replace localhost with alias
    Restart Server

    From a client machine check:
    server.domain.local resolves to 192.168.0.10 but the web site does not load.
    alias.domain.local resolves to 192.168.0.11 and the web site loads.