Search Results

Search found 173 results on 7 pages for 'impersonation'.

Page 3/7 | < Previous Page | 1 2 3 4 5 6 7  | Next Page >

  • Overrideen ASPNet.config does not apply for legacyImpersonationPolicy

    - by Grumbler85
    I tried to override the <legacyImpersonationPolicy> Element, so a single application, will enable this policy (which is necessary, since this application breaks if disabled). So my Framework64/aspnet.config states: <configuration> <runtime> <legacyUnhandledExceptionPolicy enabled="false" /> <legacyImpersonationPolicy enabled="false" /> <alwaysFlowImpersonationPolicy enabled="false" /> <SymbolReadingPolicy enabled="1" /> <shadowCopyVerifyByTimestamp enabled="true"/> </runtime> <startup useLegacyV2RuntimeActivationPolicy="true" /> </configuration> And a local aspnet.config file has this change: <legacyImpersonationPolicy enabled="false" /> Procmon tells me the file is read by the w3wp.exe, but the settings will not apply. Can anyone point out a way how to correctly override the setting? *The Server has been restarted meanwhile, but still no changes.

    Read the article

  • Response.TransmitFile() with UNC share (ASP.NET)

    - by frankadelic
    In the comments of this page: http://msdn.microsoft.com/en-us/library/12s31dhy.aspx ..it says that TransmitFile() cannot be used with UNC shares. As far as I can tell, this is the case; I get this error in Event Log when I attempt it: TransmitFile failed. File Name: \\myshare1\e$\file.zip, Impersonation Enabled: 0, Token Valid: 1, HRESULT: 0x8007052e The suggested alternative is to use WriteFile(), however, this is problematic because it loads the file into memory. In my application, the files are 200MB, so this is not going to scale. Is there a method in ASP.NET for streaming files to users that's: scalable (doesn't read entire file into RAM or occupy ASP.NET threads) works with UNC shares Mapping a network drive as a virtual directory is not an option for us. I would like to avoid copying the file to the local web server as well. Thanks

    Read the article

  • Cannot execute a program. The command being executed "dqiitg0c.cmdline"

    - by Laxman
    i have used impersonation in this application. whenever this error occurs i required to restart the IIS.. please guide me to solve this issue. Error: Cannot execute a program. The command being executed was "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\c825d188\1fae8a71\dqiitg0c.cmdline". Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Runtime.InteropServices.ExternalException: Cannot execute a program. The command being executed was "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\c825d188\1fae8a71\dqiitg0c.cmdline".

    Read the article

  • Impersonating a user in wrong domain doesn't throw exception

    - by Rita
    I've used the common impersonation code and it worked just fine, until I inserted random 'dggdgsdg' in domain - and it worked nonetheless... if (LogonUser(Username, Domain, Password, Logon32LogonInteractive, Logon32ProviderDefault, ref existingTokenHandle) && DuplicateToken(existingTokenHandle, (int)SecurityImpersonationLevel.SecurityDelegation, ref duplicateTokenHandle)) { Identity = new WindowsIdentity(duplicateTokenHandle); ImpersonationContext = Identity.Impersonate(); } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } I used some TestUser on my domain, and it worked. I then switched domain, to random nonsense 'werwerhrg', and it impersonated the TestUser on my domain! Why? I would expect an exception to be thrown, why on earth is it working?

    Read the article

  • Setting directory security to allow user and deny all

    - by Rita
    I have winforms app, in which I need to access a secured directory. I'm using impersonation and create WindowsIdentity to access the folder. My problem is writing unit tests to test the directory security; I'd like to a write a code that creates a directory secured to only ONE user, which isn't the current user running the UT (or else the test would be worthless). I know how to add permissions to a certain user, but how can I deny the rest, including admins? (in case the user running the UT is an admin) (will this be a wise thing to do?) DirectoryInfo directoryInfo = new DirectoryInfo(path); DirectorySecurity directorySecurity = directoryInfo.GetAccessControl(); directorySecurity.AddAccessRule(new FileSystemAccessRule("Domain\SecuredUser", FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); directorySecurity.RemoveAccessRule(new FileSystemAccessRule("??", FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Deny)); directoryInfo.SetAccessControl(directorySecurity); This isn't working. I don't know who am I supposed to deny. Domain\Admins, Domain\Administrators, me... No one is being denied, and when I check folder's security - The SecuredUser has access to the folder, but the permissions are not checked, even though I specified FullControl. Basically I want to code this: <authorization> <allow users ="Domain\User" /> <deny users="*" /> </authorization> I was thinking about impersonating UT run with a weak user with no permissions, but this would result in: Impersonate - Run UT - Impersonate - Access folder, and I'm not sure if this is the right design. Help would be greatly appreciated, thank you.

    Read the article

  • How to tell what account my webservice is running under in Visual Studio 2005

    - by John Galt
    I'm going a little nuts trying to understand the doc on impersonation and delegation and the question has come up what account my webservice is running under. I am logged as myDomainName\johna on my development workstation called JOHNXP. From Vstudio2005 I start my webservice via Debug and the wsdl page comes up in my browser. From Task Manager, I see the following while sitting at a breakpoint in my .asmx code: aspnet_wp.exe pid=1316 UserName=ASPNET devenv.exe pid=3304 UserName=johna The IIS Directory Security tab for the Virtual Directory that hosts my ws.asmx code has "Enable Anonymous access" UNCHECKED and has "Integrated Windows Authentication" CHECKED. So when the MSDN people state "you must configure the user account under which the server process runs", what would they be refering to in the case of my little webservice described above? I am quoting from: http://msdn.microsoft.com/en-us/library/aa302400.aspx Ultimately, I want this webservice of mine to impersonate whatever authenticated domain user browses through to an invoke of my webservice. My webservice in turn consumes another ASMX webservice on a different server (but same domain). I need this remote webservice to use the impersonated domain user credentials (not those of my webservice on JOHNXP). So its getting a little snarly for me to understand this and I see I am unclear about the account my web service uses. I think it is ASPNET in IIS 5.1 on WinXP but not sure.

    Read the article

  • Integrated Windows authentication in IIS causing ADO.NET failure

    - by TrueWill
    We have a .NET 3.5 Web Service running under IIS. It must use identity impersonate="true" and Integrated Windows authentication in order to authenticate to third-party software. In addition, it connects to a SQL Server database using ADO.NET and SQL Server Authentication (specifying a fixed User ID and Password in the connection string). Everything worked fine until the database was moved to another SQL Server. Then the Web Service would throw the following exception: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) This error only occurs if identity impersonate is true in the Web.config. Again, the connection string hasn't changed and it specifies the user. I have tested the connection string and it works, both under the impersonated account and under the service account (and from both the remote machine and the server). What needs to be changed to get this to work with impersonation?

    Read the article

  • How to Impersonate a user for a file copy over the network when dns or netbios is not available

    - by Scott Chamberlain
    I have ComputerA on DomainA running as userA needing to copy a very large file to ComputerB on WorkgroupB which has the ip of 192.168.10.2 to a windows share that only userB has write access to. There is no netbios or dns resolving so the computer must be refrenced by IP I first I tried AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal); WindowsIdentity UserB = new WindowsIdentity("192.168.10.2\\UserB", "PasswordB"); //Execption WindowsImpersonationContext contex = UserB.Impersonate() File.Copy(@"d:\bigfile", @"\\192.168.10.2\bifgile"); contex.Undo(); but I get a System.Security.SecurityException "The name provided is not a properly formed account name." So I tried AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal); WindowsIdentity webinfinty = new WindowsIdentity("ComputerB\\UserB", "PasswordB"); //Execption But I get "Logon failure: unknown user name or bad password." error instead. so then I tried IntPtr token; bool succeded = LogonUser("UserB", "192.168.10.2", "PasswordB", LogonTypes.Network, LogonProviders.Default, out token); if (!succeded) { throw new Win32Exception(Marshal.GetLastWin32Error()); } WindowsImpersonationContext contex = WindowsIdentity.Impersonate(token); (...) [DllImport("advapi32.dll", SetLastError = true)] static extern bool LogonUser( string principal, string authority, string password, LogonTypes logonType, LogonProviders logonProvider, out IntPtr token); but LogonUser returns false with the win32 error "Logon failure: unknown user name or bad password" I know my username and password are fine, I have logged on to computerB as that user. Any reccomandations

    Read the article

  • LogonUser using LOGON32_LOGON_NEW_CREDENTIALS works against remote untrusted domain machine

    - by Jiho Han
    So between the two machines, there is no trust - they are in different domains. I've successfully connected to the remote machine using LogonUser API using logon type, *LOGON32_LOGON_NEW_CREDENTIALS*. I am able to retrieve the content of a directory using the UNC share, and create a file stream to "download" the file. So far so good. The only issue is that it seems, LogonUser fails unless there is an already open session. Let me clarify that. I found that the ASP.NET MVC page was not working this morning, specifically the page that retrieves the file list from this remote machine using LogonUser. I look at the log and I see in the stacktrace, *System.IO.__Error.WinIOError* above Directory.GetFiles call. I then remoted into the web server and tried to open the remote folder in the explorer using the same login/password used by the web site. It went through and I could see the files. I opened up the command prompt, type in net use, and I see that there is an open connection to the remote machine. Then I went back to the page and suddenly the page is working again. So, at this point, I am not exactly sure if the LogonUser is working as expected or not. If the call requires that a network connection opened first by other means, then this is certainly not satisfactory. Does anyone know what may be happening or suggest a workaround?

    Read the article

  • asp.net Impersonate User for network resource access

    - by lonelycoder
    code: System.Security.Principal.WindowsImpersonationContext impersonationContext; impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate(); //access network resources. impersonationContext.Undo(); web.config: <authentication mode="Windows"> </authentication> <identity impersonate="true" userName="user" password="password"></identity> As clear from web.config file, the app runs in an impersonated mode. I need to impersonate temporarily on top of that to access a network resource. I do that as shown above. This works fine on server if I browse to the website on the local IE installed on the server but when I access the app from my PC or any other PC, I get a access denied. Btw, this is all within an enterprise domain environment. so IE in both cases is passing a valid authenticated token. Any ideas what is going on. thanks.

    Read the article

  • What is the difference: LoadUserProfile -vs- RegOpenCurrentUser

    - by Will5801
    These two APIs are very similar but it is unclear what the differences are and when each should be used (Except that LoadUserProfile is specified for use with CreateProcessAsUser which I am not using. I am simply impersonating for hive accesss). LoadUserProfile http://msdn.microsoft.com/en-us/library/bb762281(VS.85).aspx RegOpenCurrentUser http://msdn.microsoft.com/en-us/library/ms724894(VS.85).aspx According to the Services & the Registry article: http://msdn.microsoft.com/en-us/library/ms685145(VS.85).aspx we should use RegOpenCurrentUser when impersonating. But what does/should RegOpenCurrentUser do if the user profile is roaming - should it load it? As far as I can tell from these docs, both APIs provide a handle to the HKEY_CURRENT_USER for the user the thread is impersonating. Therefore, they both "load" the hive i.e. lock it as a database file and give a handle to it for registry APIs. It might seem that LoadUserProfile loads the user profile in the same way as the User does when he/she logs on, whereas RegOpenCurrentUser does not - is this correct? What is the fundamental difference (if any) in how these two APIs mount the hive? What are the implications and differences (if any) between what happens IF A user logs-on or logs-off while each of these impersonated handles is already in use? A user is already logged-on when each matching close function (RegCloseKey and UnloadUserProfile) is called?

    Read the article

  • Redmon's Run As User not loading user's enviroment variables

    - by catfish
    I'm attempting to use Redmon http://www.winimage.com/misc/redmon/ to send print jobs to a custom C# application. Redmon "runs" (actually the Print Spooler) as SYSTEM but has an option to Run As User to allow your application to run under the user that printed the job. The problem is that it doesn't appear to load the user's environment. So calling functions like Path.GetTempPath() points to \windows\temp instead of the user's. Also when attempting to run Outlook 2007+ via MAPI calls (to add attachments) it reports form errors due to, I think, the temp folder location. Is there a way to "reload" a profile or atleast get your environment vars within the Impersonated application? The only ideas I've had so far is to rebuild the vars directly from the registry, but I want to avoid this since it's a hack around (avoiding implementation details and all that). Or making a stub program that Redmon calls which then properly Run As User with full profile the custom application. Any other items or tricks?

    Read the article

  • C#: Check if administrator has write access to a file

    - by Bilal Aslam
    The Problem: I need to check if a user (local user or domain user, either one is possible) has write access to a file (if you're curious, %windir%\system32\inetsrv\applicationHost.config. This file is protected by Windows and you need to be an administrator to write to it.) My Solution: The general construct is: using (Impersonator impersonator = new Impersonator(domain, username, password)) { try { using (FileStream fs = File.OpenWrite(appHostConfigPath)) { return true; } catch { return false; } } As you can imagine, the Impersonator class is an IDisposible which uses native interop to call LogonUser. Nothing too creative, and it works. Where I am stuck: On Windows OSs with UAC enabled, this function always return false even if the user specified by username is an administrator. Even though my program is running elevated as an administrator, I suspect what's happening is that the impersonated code is running as a limited administrator. Hence, the method is returning false. I don't have any creative solutions to this. Can anyone help?

    Read the article

  • Impersonate SYSTEM (or equivalent) from Administrator Account

    - by KevenK
    This question is a follow up and continuation of this question about a Privilege problem I'm dealing with currently. Problem Summary: I'm running a program under a Domain Administrator account that does not have Debug programs (SeDebugPrivilege) privilege, but I need it on the local machine. Klugey Solution: The program can install itself as a service on the local machine, and start the service. Said service now runs under the SYSTEM account, which enables us to use our SeTCBPrivilege privilege to create a new access token which does have SeDebugPrivilege. We can then use the newly created token to re-launch the initial program with the elevated rights. I personally do not like this solution. I feel it should be possible to acquire the necessary privileges as an Administrator without having to make system modifications such as installing a service (even if it is only temporary). I am hoping that there is a solution that minimizes system modifications and can preferably be done on the fly (ie: Not require restarting itself). I have unsuccessfully tried to LogonUser as SYSTEM and tried to OpenProcessToken on a known SYSTEM process (such as csrss.exe) (which fails, because you cannot OpenProcess with PROCESS_TOKEN_QUERY to get a handle to the process without the privileges I'm trying to acquire). I'm just at my wit's end trying to come up with an alternative solution to this problem. I was hoping there was an easy way to grab a privileged token on the host machine and impersonate it for this program, but I haven't found a way. If anyone knows of a way around this, or even has suggestions on things that might work, please let me know. I really appreciate the help, thanks!

    Read the article

  • Permission issue when webservice deployed as virtual directory.Works in VS IDE

    - by Shyju
    I have an ASP.NET web service which will create a text file in a path which is being passed as a parameter to the method. private void CreateFile(string path) { string strFileName = path; StreamWriter sw = new StreamWriter(strFileName, true); sw.WriteLine(""); sw.Write("Created at " + DateTime.Now.ToString()); sw.Close(); } Now I am passing a folder in the network as the parameter and calling the method CreateFile(@"\\192.168.0.40\\labels\\test.txt"); When running the code from the Visual studio IDE,the file is getting created in the path.But when i published this and deployed as a virtual directoty,Its throwing me some error like "System.UnauthorizedAccessException: Access to the path '\\192.168.0.40\labels\test.txt' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at System.IO.StreamWriter.CreateFile(String path, Boolean append) at System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding, Int32 bufferSize) at System.IO.StreamWriter..ctor(String path, Boolean append) I have in my web.config.My machine is running in XP and the other is in Windows Server 2003 Any idea to solve this ?? Thanks in advance

    Read the article

  • Call REST service while impersonating a user that is already authorized to the glasfish server

    - by user1894489
    There are two web-applications deployed on a glassfish server. Both web applications provide a REST web service. the access to both web-services is secured via glassfish security constraints (at the moment BASIC Auth and file-realm). Let's say a user is accessing the service of web application A. After he is authorized, service A wants to call service B via REST client. Is there a way for a service to impersonate a user that is already authorized to the glasfish server? Maybe something like forwarding the security context or editing the headers? Is there another Filter? @Context private SecurityContext securityContext; username = securityContext.getUserPrincipal().getName(); password = ??? client.addFilter(new com.sun.jersey.api.client.filter.HTTPBasicAuthFilter(username, password)); Thanks!

    Read the article

  • Passing windows credentials through web application, to WCF

    - by IP
    I've checked other questions, but I can't find a working answer I have a .Net web application which successfully takes on the callers windows credentials (Thread.CurrentPrincipal is my windows user). Within that app, I call to a WCF service, but my windows identity isn't passed up. Regardless of what I put in the binding: NetTcpBinding binding = new NetTcpBinding(); binding.Security.Mode = SecurityMode.Transport; binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;

    Read the article

  • Accessing a drive on remote server via app.config

    - by user349134
    I am working on a website with a scheduled dataloader exe. The website lives on the web server and the dataloader lives on the DB server. One of the steps in the process is for the dataloader to access the WEB server (to copy/paste a maintenance page file..e.g.\192.168.1.101\c$\maintenance.htm). I am, not surprisingly, running into permissions issues because the dataloader needs to be able to login to the WEB server as an admin to copy the file. Is there a way I can set up logging in (something akin to impersonating a user through an App.config?) Thanks! -KC

    Read the article

  • Can I use a attribute to make .net impersonate another user?

    - by Rising Star
    I am familiar with impersonating an account in .net by using: dim myIdentity as WindowsIdentity = someIdentity using ctx as WindowsImpersonationContext = myIdentity.Impersonate() doStuff() end using Is it possible to define a .net attribute so that I could write something like: < runAsUser(someIdentity) public sub doStuff() and then have the .net framework always impersonate when running the method doStuff()?

    Read the article

  • Accessing network shares through ASP.Net

    - by jkrebsbach
    In my impersonation enabled web site I needed to access files on a network share.  Running locally, everything worked fine. After deploying out to the dev server and hitting the web site from my PC, things fell apart. With impersonation enabled, we can access files on the server itself, but a network share is another story.  Accessing a share on another server, we encounter the infamous "double hop" situation, were the credentials have already been digested on the web server and are not available for the file server. We need to either expose the shared files to the identity IIS is running under, or create a new impersonation context.

    Read the article

  • Start/Stop Window Service from ASP.NET page

    - by kaushalparik27
    Last week, I needed to complete one task on which I am going to blog about in this entry. The task is "Create a control panel like webpage to control (Start/Stop) Window Services which are part of my solution installed on computer where the main application is hosted". Here are the important points to accomplish:[1] You need to add System.ServiceProcess reference in your application. This namespace holds ServiceController Class to access the window service.[2] You need to check the status of the window services before you explicitly start or stop it.[3] By default, IIS application runs under ASP.NET account which doesn't have access rights permission to window service. So, Very Important part of the solution is: Impersonation. You need to impersonate the application/part of the code with the User Credentials which is having proper rights and permission to access the window service. If you try to access window service it will generate "access denied" error.The alternatives are: You can either impersonate whole application by adding Identity tag in web.cofig as:        <identity impersonate="true" userName="" password=""/>This tag will be under System.Web section. the "userName" and "password" will be the credentials of the user which is having rights to access the window service. But, this would not be a wise and good solution; because you may not impersonate whole website like this just to have access window service (which is going to be a small part of code).Second alternative is: Only impersonate part of code where you need to access the window service to start or stop it. I opted this one. But, to be fair; I am really unaware of the code part for impersonation. So, I just googled it and injected the code in my solution in a separate class file named as "Impersonate" with required static methods. In Impersonate class; impersonateValidUser() is the method to impersonate a part of code and undoImpersonation() is the method to undo the impersonation. Below is one example:  You need to provide domain name (which is "." if you are working on your home computer), username and password of appropriate user to impersonate.[4] Here, it is very important to note that: You need to have to store the Access Credentials (username and password) which you are going to user for impersonation; to some secured and encrypted format. I have used Machinekey Encryption to store the value encrypted value inside database.[5] So now; The real part is to start or stop a window service. You are almost done; because ServiceController class has simple Start() and Stop() methods to start or stop a window service. A ServiceController class has parametrized constructor that takes name of the service as parameter.Code to Start the window service: Code to Stop the window service: Isn't that too easy! ServiceController made it easy :) I have attached a working example with this post here to start/stop "SQLBrowser" service where you need to provide proper credentials who have permission to access to window service.  hope it would helps./.

    Read the article

  • The WaitForAll Roadshow

    - by adweigert
    OK, so I took for granted some imaginative uses of WaitForAll but lacking that, here is how I am using. First, I have a nice little class called Parallel that allows me to spin together a list of tasks (actions) and then use WaitForAll, so here it is, WaitForAll's 15 minutes of fame ... First Parallel that allows me to spin together several Action delegates to execute, well in parallel.   public static class Parallel { public static ParallelQuery Task(Action action) { return new Action[] { action }.AsParallel(); } public static ParallelQuery> Task(Action action) { return new Action[] { action }.AsParallel(); } public static ParallelQuery Task(this ParallelQuery actions, Action action) { var list = new List(actions); list.Add(action); return list.AsParallel(); } public static ParallelQuery> Task(this ParallelQuery> actions, Action action) { var list = new List>(actions); list.Add(action); return list.AsParallel(); } }   Next, this is an example usage from an app I'm working on that just is rendering some basic computer information via WMI and performance counters. The WMI calls can be expensive given the distance and link speed of some of the computers it will be trying to communicate with. This is the actual MVC action from my controller to return the data for an individual computer.  public PartialViewResult Detail(string computerName) { var computer = this.Computers.Get(computerName); var perf = Factory.GetInstance(); var detail = new ComputerDetailViewModel() { Computer = computer }; try { var work = Parallel .Task(delegate { // Win32_ComputerSystem var key = computer.Name + "_Win32_ComputerSystem"; var system = this.Cache.Get(key); if (system == null) { using (var impersonation = computer.ImpersonateElevatedIdentity()) { system = computer.GetWmiContext().GetInstances().Single(); } this.Cache.Set(key, system); } detail.TotalMemory = system.TotalPhysicalMemory; detail.Manufacturer = system.Manufacturer; detail.Model = system.Model; detail.NumberOfProcessors = system.NumberOfProcessors; }) .Task(delegate { // Win32_OperatingSystem var key = computer.Name + "_Win32_OperatingSystem"; var os = this.Cache.Get(key); if (os == null) { using (var impersonation = computer.ImpersonateElevatedIdentity()) { os = computer.GetWmiContext().GetInstances().Single(); } this.Cache.Set(key, os); } detail.OperatingSystem = os.Caption; detail.OSVersion = os.Version; }) // Performance Counters .Task(delegate { using (var impersonation = computer.ImpersonateElevatedIdentity()) { detail.AvailableBytes = perf.GetSample(computer, "Memory", "Available Bytes"); } }) .Task(delegate { using (var impersonation = computer.ImpersonateElevatedIdentity()) { detail.TotalProcessorUtilization = perf.GetValue(computer, "Processor", "% Processor Time", "_Total"); } }).WithExecutionMode(ParallelExecutionMode.ForceParallelism); if (!work.WaitForAll(TimeSpan.FromSeconds(15), task => task())) { return PartialView("Timeout"); } } catch (Exception ex) { this.LogException(ex); return PartialView("Error.ascx"); } return PartialView(detail); }

    Read the article

  • TFS 2012 API Create Alert Subscriptions

    - by Bob Hardister
    Originally posted on: http://geekswithblogs.net/BobHardister/archive/2013/07/24/tfs-2012-api-create-alert-subscriptions.aspxThere were only a few post on this and I felt like really important information was left out: What the defaults are How to create the filter string Here’s the code to create the subscription. Get the Collection public TfsTeamProjectCollection GetCollection(string collectionUrl) { try { //connect to the TFS collection using the active user TfsTeamProjectCollection tpc = new TfsTeamProjectCollection(new Uri(collectionUrl)); tpc.EnsureAuthenticated(); return tpc; } catch (Exception) { return null; } } Use Impersonation Because my app is used to create “support tickets” as stories in TFS, I use impersonation so the subscription is setup for the “requester.”  That way I can take all the defaults for the subscription delivery preferences. public TfsTeamProjectCollection GetCollectionImpersonation(string collectionUrl, string impersonatingUserAccount) { // see: http://blogs.msdn.com/b/taylaf/archive/2009/12/04/introducing-tfs-impersonation.aspx try { TfsTeamProjectCollection tpc = GetCollection(collectionUrl); if (!(tpc == null)) { //get the TFS identity management service (v2 is 2012 only) IIdentityManagementService2 ims = tpc.GetService<IIdentityManagementService2>(); //look up the user we want to impersonate TeamFoundationIdentity identity = ims.ReadIdentity(IdentitySearchFactor.AccountName, impersonatingUserAccount, MembershipQuery.None, ReadIdentityOptions.None); //create a new connection using the impersonated user account //note: do not ensure authentication because the impersonated user may not have //windows authentication at execution if (!(identity == null)) { TfsTeamProjectCollection itpc = new TfsTeamProjectCollection(tpc.Uri, identity.Descriptor); return itpc; } else { //the user account is not found return null; } } else { return null; } } catch (Exception) { return null; } } Create the Alert Subscription public bool SetWiAlert(string collectionUrl, string projectName, int wiId, string emailAddress, string userAccount) { bool setSuccessful = false; try { //use impersonation so the event service creating the subscription will default to //the correct account: otherwise domain ambiguity could be a problem TfsTeamProjectCollection itpc = GetCollectionImpersonation(collectionUrl, userAccount); if (!(itpc == null)) { IEventService es = itpc.GetService(typeof(IEventService)) as IEventService; DeliveryPreference deliveryPreference = new DeliveryPreference(); //deliveryPreference.Address = emailAddress; deliveryPreference.Schedule = DeliverySchedule.Immediate; deliveryPreference.Type = DeliveryType.EmailHtml; //the following line does not work for two reasons: //string filter = string.Format("\"ID\" = '{0}' AND \"Authorized As\" <> '[Me]'", wiId); //1. the create fails because there is a space between Authorized As //2. the explicit query criteria are all incorrect anyway // see uncommented line for what does work: you have to create the subscription mannually // and then get it to view what the filter string needs to be (see following commented code) //this works string filter = string.Format("\"CoreFields/IntegerFields/Field[Name='ID']/NewValue\" = '12175'" + " AND \"CoreFields/StringFields/Field[Name='Authorized As']/NewValue\"" + " <> '@@MyDisplayName@@'", projectName, wiId); string eventName = string.Format("<PT N=\"ALM Ticket for Work Item {0}\"/>", wiId); es.SubscribeEvent("WorkItemChangedEvent", filter, deliveryPreference, eventName); ////use this code to get existing subscriptions: you can look at manually created ////subscriptions to see what the filter string needs to be //IIdentityManagementService2 ims = itpc.GetService<IIdentityManagementService2>(); //TeamFoundationIdentity identity = ims.ReadIdentity(IdentitySearchFactor.AccountName, // userAccount, // MembershipQuery.None, // ReadIdentityOptions.None); //var existingsubscriptions = es.GetEventSubscriptions(identity.Descriptor); setSuccessful = true; return setSuccessful; } else { return setSuccessful; } } catch (Exception) { return setSuccessful; } }

    Read the article

  • Not able to access UNC share after doing the Imperosnation

    - by Nitin Jain
    We have to access a network UNC share which is say allowing access to USER1. Our exe is running with LOCAL SYSTEM account. In the exe, we do Impersonation with "USER1" credentials so that exe can access UNC share. But after doing the impersonation, we are still getting error "Access denied" while accessing that UNC share. After the impersonation, we are enabling following privileges on the Impersonated thread: SE_BACKUP_NAME SE_CHANGE_NOTIFY_NAME SE_CREATE_GLOBAL_NAME SE_DEBUG_NAME SE_IMPERSONATE_NAME SE_RESTORE_NAME SE_SECURITY_NAME SE_TAKE_OWNERSHIP_NAME SE_TCB_NAME Do we need to enable any other privileges or we are missing something else? Thanks -- Nitin

    Read the article

< Previous Page | 1 2 3 4 5 6 7  | Next Page >