W2k Svr Apache service Account

Ik heb hier mijn w2k server (geen AD) met Novell eDirectory 8.6.2. Hier draai ik Novell's Portal Service 1.5 Sp1 op. Dit geheel draait op Apache 2.0.39 en Tomcat 4.0.4 onder Win2k.
Alles werkt gewoon goed nu (na een week of wat klooien). Tomcat en Apache2 draaien al als service maar wel onder het local system account. Uit het oogpunt van beveiliging wil ik dit natuurlijk niet want mijn bak hangt ook aan internet.

Nu ben ik dus bezig een 2 service accounts in te richten voor tomcat en apache. Het service account voor tomcat werkt nu wel (moet hem via trail and error nog wel verder dicht spijkeren maar dat even terzijde).

Het apache account is lid van de users groep. verder mag deze aanmelden als service, mag files backuppen restoren en mag zich voor doen als stuk van het operating system (User rights assighments in Local Security settings)

Ik heb de system temp dir gemoved en het apache account daar full control op gegeven. Verder heeft het account ook full control op de apache directory zelf.

Ik gebruik de mod_jk.dll om apache via tomcat de pagina's te laten serveren. Steeds al ik de apache2 service probeer te starten dan krijg ik devolgende melding:
Service-Specific error code 1

In de eventlog staat dan:
The Apache service named reported the following error:
>>> (20024)The given path misformatted or contained invalid characters: Invalid config file path e:\svr_apps\apache20.39\apache2\conf\httpd.conf

Wie weet raad...

Het probleem zit em niet in de HTTPD.CONF. Zonder service account werkt de hap wel. Maar goed ik poot em er wel ff neer. (de ingebouwde apache syntax controle zegt dat er geen fouten in zitten apache -n "Apache2" -t daaruit volgt "Syntax OK"

Heb wel zin aan een pot feesten met die gasten ja... ik kijk wel ff

de gestripte httpd.conf file
------------------------------------------------

ServerRoot "E:/Svr_Apps/Apache20.39/Apache2"

PidFile logs/httpd.pid


Timeout 300

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 15

<IfModule mpm_winnt.c>
ThreadsPerChild 250
MaxRequestsPerChild 0
</IfModule>

Listen 10.0.0.2:80

LoadModule access_module modules/mod_access.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_module modules/mod_auth.so
#LoadModule auth_anon_module modules/mod_auth_anon.so
#LoadModule auth_dbm_module modules/mod_auth_dbm.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule headers_module modules/mod_headers.so
#LoadModule imap_module modules/mod_imap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
#LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule status_module modules/mod_status.so
#LoadModule unique_id_module modules/mod_unique_id.so
#LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule ssl_module modules/mod_ssl.so
<IfModule !mod_jk.c>
LoadModule jk_module modules/mod_jk.dll
</IfModule>


ServerAdmin clan_dbg@hotmail.com
ServerName 10.0.0.1:80
UseCanonicalName Off
DocumentRoot "E:/Svr_Apps/Apache20.39/Apache2/Htdocs"

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>


<Directory "E:/Svr_Apps/Apache20.39/Apache2/Htdocs">

Options Indexes FollowSymLinks


AllowOverride None


Order allow,deny
Allow from all

</Directory>


DirectoryIndex index.html index.html.var


AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>


TypesConfig conf/mime.types


DefaultType text/plain


<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>


HostnameLookups Off


ErrorLog logs/error.log


LogLevel warn


LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent


CustomLog logs/access.log common

ServerSignature On

IndexOptions FancyIndexing VersionSort

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddEncoding x-compress Z
AddEncoding x-gzip gz tgz

AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .et
AddLanguage fr .fr
AddLanguage de .de
AddLanguage he .he
AddLanguage el .el
AddLanguage it .it
AddLanguage ja .ja
AddLanguage pl .po
AddLanguage ko .ko
AddLanguage pt .pt
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pt-br .pt-br
AddLanguage ltz .ltz
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .se
AddLanguage cz .cz
AddLanguage ru .ru
AddLanguage tw .tw
AddLanguage zh-tw .tw
AddLanguage hr .hr

LanguagePriority en da nl et fr de el it ja ko no pl pt pt-br ltz ca es sv tw

ForceLanguagePriority Prefer Fallback

AddDefaultCharset ISO-8859-1

AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8 .utf8

AddCharset GB2312 .gb2312 .gb
AddCharset utf-7 .utf7
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
AddCharset EUC-TW .euc-tw
AddCharset EUC-JP .euc-jp
AddCharset EUC-KR .euc-kr
AddCharset shift_jis .sjis

AddType application/x-tar .tgz


AddHandler type-map var


<IfModule mod_negotiation.c>
<IfModule mod_include.c>
Alias /error/ "E:/Svr_Apps/Apache20.39/Apache2/error/"

<Directory "E:/Svr_Apps/Apache20.39/Apache2/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>

ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var

</IfModule>
</IfModule>

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0


BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully


Include e:/svr_apps/tomcat4.04/conf/auto/mod_jk.conf

JkWorkersFile e:/svr_apps/tomcat4.04/conf/jk/workers.properties
JkLogFile e:/svr_apps/tomcat4.04/logs/mod_jk.log

JkLogLevel debug

# JkMount /examples ajp13
# JkMount /examples/* ajp13

# JkMount /jk ajp13
# JkMount /jk/* ajp13

# JkMount /cocoon ajp13
# JkMount /cocoon/* ajp13

JkMount /nps ajp13
JkMount /nps/* ajp13

##JkMount /eGuide ajp13
##JkMount /eGuide/* ajp13

niet dus, ik had em ff weer op local system account gezet. dan doet ie het wel.... Als iemand dus iets weet,,, graag. want ik hang mijn webserver zo namelijk niet graag aan internet.