Search Results

Search found 173 results on 7 pages for 'impersonation'.

Page 5/7 | < Previous Page | 1 2 3 4 5 6 7  | Next Page >

  • How to OpenWebConfiguration with physical path?

    - by aron
    hi, I have a win form that creates a site in IIS7. One function needs to open the web.config file and make a few updates. (connection string, smtp, impersonation) However I do not have the virtual path, just the physical path. Is there any way I can still use WebConfigurationManager? I need to use it's ability to find section and read/write. System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration Thanks!!

    Read the article

  • IIS7 folder permissions for web application

    - by Andrew
    I am using windows authentication without impersonation on my company's intranet website with IIS7. Under IIS7, what account is used to access the folder which contains my web app using these settings? Would it be IIS_IUSRS? Or NETWORK SERVICE? Or another I don't know about?

    Read the article

  • Failure with LogonUser in MC++

    - by Alikar
    After fighting with this for a week I have not really gotten anywhere in why it constantly fails in my code, but not in other examples. My code, which while it compiles, will not log into a user that I know has the correct login information. Where it fails is the following line: wi = gcnew WindowsIdentity(token); It fails here because the token is zero, meaning that it was never set to a user token. Here is my full code: #ifndef UNCAPI_H #define UNCAPI_H #include <windows.h> #pragma once using namespace System; using namespace System::Runtime::InteropServices; using namespace System::Security::Principal; using namespace System::Security::Permissions; namespace UNCAPI { public ref class UNCAccess { public: //bool Logon(String ^_srUsername, String ^_srDomain, String ^_srPassword); [PermissionSetAttribute(SecurityAction::Demand, Name = "FullTrust")] bool Logon(String ^_srUsername, String ^_srDomain, String ^_srPassword) { bool bSuccess = false; token = IntPtr(0); bSuccess = LogonUser(_srUsername, _srDomain, _srPassword, 8, 0, &tokenHandle); if(bSuccess) { wi = gcnew WindowsIdentity(token); wic = wi->Impersonate(); } return bSuccess; } void UNCAccess::Logoff() { if (wic != nullptr ) { wic->Undo(); } CloseHandle((int*)token.ToPointer()); } private: [DllImport("advapi32.dll", SetLastError=true)]//[DllImport("advapi32.DLL", EntryPoint="LogonUserW", SetLastError=true, CharSet=CharSet::Unicode, ExactSpelling=true, CallingConvention=CallingConvention::StdCall)] bool static LogonUser(String ^lpszUsername, String ^lpszDomain, String ^lpszPassword, int dwLogonType, int dwLogonProvider, IntPtr *phToken); [DllImport("KERNEL32.DLL", EntryPoint="CloseHandle", SetLastError=true, CharSet=CharSet::Unicode, ExactSpelling=true, CallingConvention=CallingConvention::StdCall)] bool static CloseHandle(int *handle); IntPtr token; WindowsIdentity ^wi; WindowsImpersonationContext ^wic; };// End of Class UNCAccess }// End of Name Space #endif UNCAPI_H Now using this slightly modified example from Microsoft I was able to get a login and a token: #using <mscorlib.dll> #using <System.dll> using namespace System; using namespace System::Runtime::InteropServices; using namespace System::Security::Principal; using namespace System::Security::Permissions; [assembly:SecurityPermissionAttribute(SecurityAction::RequestMinimum, UnmanagedCode=true)] [assembly:PermissionSetAttribute(SecurityAction::RequestMinimum, Name = "FullTrust")]; [DllImport("advapi32.dll", SetLastError=true)] bool LogonUser(String^ lpszUsername, String^ lpszDomain, String^ lpszPassword, int dwLogonType, int dwLogonProvider, IntPtr* phToken); [DllImport("kernel32.dll", CharSet=System::Runtime::InteropServices::CharSet::Auto)] int FormatMessage(int dwFlags, IntPtr* lpSource, int dwMessageId, int dwLanguageId, String^ lpBuffer, int nSize, IntPtr *Arguments); [DllImport("kernel32.dll", CharSet=CharSet::Auto)] bool CloseHandle(IntPtr handle); [DllImport("advapi32.dll", CharSet=CharSet::Auto, SetLastError=true)] bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, IntPtr* DuplicateTokenHandle); // GetErrorMessage formats and returns an error message // corresponding to the input errorCode. String^ GetErrorMessage(int errorCode) { int FORMAT_MESSAGE_ALLOCATE_BUFFER = 0x00000100; int FORMAT_MESSAGE_IGNORE_INSERTS = 0x00000200; int FORMAT_MESSAGE_FROM_SYSTEM = 0x00001000; //int errorCode = 0x5; //ERROR_ACCESS_DENIED //throw new System.ComponentModel.Win32Exception(errorCode); int messageSize = 255; String^ lpMsgBuf = ""; int dwFlags = FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS; IntPtr ptrlpSource = IntPtr::Zero; IntPtr prtArguments = IntPtr::Zero; int retVal = FormatMessage(dwFlags, &ptrlpSource, errorCode, 0, lpMsgBuf, messageSize, &prtArguments); if (0 == retVal) { throw gcnew Exception(String::Format( "Failed to format message for error code {0}. ", errorCode)); } return lpMsgBuf; } // Test harness. // If you incorporate this code into a DLL, be sure to demand FullTrust. [PermissionSetAttribute(SecurityAction::Demand, Name = "FullTrust")] int main() { IntPtr tokenHandle = IntPtr(0); IntPtr dupeTokenHandle = IntPtr(0); try { String^ userName; String^ domainName; // Get the user token for the specified user, domain, and password using the // unmanaged LogonUser method. // The local machine name can be used for the domain name to impersonate a user on this machine. Console::Write("Enter the name of the domain on which to log on: "); domainName = Console::ReadLine(); Console::Write("Enter the login of a user on {0} that you wish to impersonate: ", domainName); userName = Console::ReadLine(); Console::Write("Enter the password for {0}: ", userName); const int LOGON32_PROVIDER_DEFAULT = 0; //This parameter causes LogonUser to create a primary token. const int LOGON32_LOGON_INTERACTIVE = 2; const int SecurityImpersonation = 2; tokenHandle = IntPtr::Zero; dupeTokenHandle = IntPtr::Zero; // Call LogonUser to obtain a handle to an access token. bool returnValue = LogonUser(userName, domainName, Console::ReadLine(), LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &tokenHandle); Console::WriteLine("LogonUser called."); if (false == returnValue) { int ret = Marshal::GetLastWin32Error(); Console::WriteLine("LogonUser failed with error code : {0}", ret); Console::WriteLine("\nError: [{0}] {1}\n", ret, GetErrorMessage(ret)); int errorCode = 0x5; //ERROR_ACCESS_DENIED throw gcnew System::ComponentModel::Win32Exception(errorCode); } Console::WriteLine("Did LogonUser Succeed? {0}", (returnValue?"Yes":"No")); Console::WriteLine("Value of Windows NT token: {0}", tokenHandle); // Check the identity. Console::WriteLine("Before impersonation: {0}", WindowsIdentity::GetCurrent()->Name); bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, &dupeTokenHandle); if (false == retVal) { CloseHandle(tokenHandle); Console::WriteLine("Exception thrown in trying to duplicate token."); return -1; } // The token that is passed to the following constructor must // be a primary token in order to use it for impersonation. WindowsIdentity^ newId = gcnew WindowsIdentity(dupeTokenHandle); WindowsImpersonationContext^ impersonatedUser = newId->Impersonate(); // Check the identity. Console::WriteLine("After impersonation: {0}", WindowsIdentity::GetCurrent()->Name); // Stop impersonating the user. impersonatedUser->Undo(); // Check the identity. Console::WriteLine("After Undo: {0}", WindowsIdentity::GetCurrent()->Name); // Free the tokens. if (tokenHandle != IntPtr::Zero) CloseHandle(tokenHandle); if (dupeTokenHandle != IntPtr::Zero) CloseHandle(dupeTokenHandle); } catch(Exception^ ex) { Console::WriteLine("Exception occurred. {0}", ex->Message); } Console::ReadLine(); }// end of function Why should Microsoft's code succeed, where mine fails?

    Read the article

  • Cube project doesn't work because of permissions

    - by sms
    I'm doing "Multidimensional Project" with MS SQL Server 2012 (Server Data Tools - Visual Studio 2010 Shell). I can't run (debug) it. If the data source's impersonation information is set to "use the service account", this error occures: Error 2 Internal error: The operation terminated unsuccessfully. 0 0 Error 3 OLE DB error: OLE DB or ODBC error: Login failed for user 'NT Service\MSSQLServerOLAPService'.; 28000. 0 0 Error 4 Errors in the high-level relational engine. A connection could not be made to the data source with the DataSourceID of 'Data Warehouse', Name of 'Data Warehouse'. 0 0 Error 5 Errors in the OLAP storage engine: An error occurred while the dimension, with the ID of 'Items', Name of 'Items' was being processed. 0 0 Error 6 Errors in the OLAP storage engine: An error occurred while the 'Id' attribute of the 'Items' dimension from the 'Warehouse_MultidimensionalProject_Cube' database was being processed. 0 0 Error 7 Server: The current operation was cancelled because another operation in the transaction failed. 0 0 I guessed that this account has no premissions but (1) I coudn't even add this account (it seems that it doesn't exist) and (2) how is that even possible for it to not have built-it poremissions? When I'm setting impersonation to "use the credentials of current user" (which is the owner of the data source, btw.), another error occures: Error 2 Internal error: The operation terminated unsuccessfully. 0 0 Error 3 The datasource, 'Data Warehouse', contains an ImpersonationMode that is not supported for processing operations. 0 0 Error 4 Errors in the high-level relational engine. A connection could not be made to the data source with the DataSourceID of 'Data Warehouse', Name of 'Data Warehouse'. 0 0 Error 5 Errors in the OLAP storage engine: An error occurred while the dimension, with the ID of 'Items', Name of 'Items' was being processed. 0 0 Error 6 Errors in the OLAP storage engine: An error occurred while the 'Id' attribute of the 'Items' dimension from the 'Warehouse_MultidimensionalProject_Cube' database was being processed. 0 0 Error 7 Server: The current operation was cancelled because another operation in the transaction failed. 0 0 Any help?

    Read the article

  • What privileges do I need?

    - by IAbstract
    I have a Windows service that isn't writing to the Application Event log under UserAccount. When the service is set to use AdminAccount, the Security log reports the following attributes: Under UserAccount, the only privilege reported is SeImpersonatePrivilege. Is there a security impersonation that I can implement to give the UserAccount the ability to write to the Application Event log? I would prefer to use the UserAccount for this service rather than the AdminAccount.

    Read the article

  • WebSockets authentication

    - by Tomi
    What are the possible ways to authenticate user when websocket connection is used? Example scenario: Web based multi-user chat application through encrypted websocket connection. How can I ensure (or guarantee) that each connection in this application belongs to certain authenticated user and "can't be" exploited by false user impersonation during the connection.

    Read the article

  • Possible ways to keep XP admin password encrypted using c#

    - by srk
    My application runs on windows XP restricted user account. The application needs Domain Name, Admin User ID, Admin Password in order to work out with Impersonation class for executing some piece of code with admin privileges. The Admin will also change the Password every 90 days. Due to security reasons, i cannot maintain the admin credentials in my app.config file. What else would be best idea ?

    Read the article

  • Kerberos: connection from win app running from IIS to SQL failed

    - by Mikhail Kislitsyn
    I have an IIS web-application with Windows authentication and impersonation. This application connects to SQL server. In this case Kerberos works fine. But there is a problem. Web-application runs windows application (not .NET), which also connects to the SQL server. Windows application runs with IIS app user credentials and impersonates current site user to connect to SQL server. scheme: http://i.stack.imgur.com/2cgv7.png When delegation for IIS user is set to "Trust this computer for delegation to any service" everything works fine. But I can't use this type of delegation according to security requirements. When I set delegation to "Specific services" and choose MSSQLSvc SPN, connection from windows application fails with "ANONIMOUS" fault. WireShark shows "KRB5KDC_ERR_BADOPTION" packet. What I'm doing wrong?

    Read the article

  • Windows Authentication Website Asking for Credentials

    - by ChrisHDog
    I have a website that has ASP.Net Impersonation Enabled and Windows Authentication Enabled. When navigating to that site using IE8 with "Enable Integrated Windows Authentication" (under Tools - Internet Options - Advanced) checked, the browser pops-up a "Windows Security" dialog box asking for User name and Password. My understanding was that this was automatically passed through and I would not need to type in those details. Additional Information: If I uncheck "Enable Integrated Windows Authentication" I do not get the pop-up window and it appears to work was intended (though that is the opposite of what I would be expecting) If I enable Windows Authentication in Firefox I do not get the pop-up window (i.e. works as intended) Are there some settings or similar that could have been set to create this behavior? Or has anyone else seen similar behavior and know how to fix?

    Read the article

  • Viewpoint gem and Exchange resource account

    - by scott.simpson
    Hi- I'm trying my hand at using the Viewpoint gem (by zenchild @ github) as the base for a meeting scheduling system. It's great at reading calendar information from regular Exchange 2007 accounts, but I got stuck trying to change the SOAP request header to allow me to read resource accounts as a delegate. I came across http://blogs.msdn.com/b/mstehle/archive/2009/06/16/exchange-api-team-blog-exchange-impersonation-vs-delegate-access.aspx and it seems to be what I need, and I have the feeling I'm on the edge of getting it working, but I'm just not quite there yet as a ruby programmer. Any help would be appreciated... Thanks!

    Read the article

  • Is it necessary for a Windows Server 2008 R2 to join a domain so that its IIS can communicate correctly?

    - by Jack
    I have a Windows Server 2008 R2 that is not join to any domain. I have developed an web application that will display the domain name and the username on the server itself. However, when I publish my web application to IIS, it always fail and display different types of error messages (because I change settings such as Enabled ASP.NET Impersonation, Disable Anonymous Authentication, Set Application Pool to Classic and so on) So, I was wondering if it is necessary for the Server to join in a domain so that I can reduce any unnecessary error message and be able to zoom into the correct direction?

    Read the article

  • SQL SERVER – Weekly Series – Memory Lane – #049

    - by Pinal Dave
    Here is the list of selected articles of SQLAuthority.com across all these years. Instead of just listing all the articles I have selected a few of my most favorite articles and have listed them here with additional notes below it. Let me know which one of the following is your favorite article from memory lane. 2007 Two Connections Related Global Variables Explained – @@CONNECTIONS and @@MAX_CONNECTIONS @@CONNECTIONS Returns the number of attempted connections, either successful or unsuccessful since SQL Server was last started. @@MAX_CONNECTIONS Returns the maximum number of simultaneous user connections allowed on an instance of SQL Server. The number returned is not necessarily the number currently configured. Query Editor – Microsoft SQL Server Management Studio This post may be very simple for most of the users of SQL Server 2005. Earlier this year, I have received one question many times – Where is Query Analyzer in SQL Server 2005? I wrote small post about it and pointed many users to that post – SQL SERVER – 2005 Query Analyzer – Microsoft SQL SERVER Management Studio. Recently I have been receiving similar question. OUTPUT Clause Example and Explanation with INSERT, UPDATE, DELETE SQL Server 2005 has a new OUTPUT clause, which is quite useful. OUTPUT clause has access to insert and deleted tables (virtual tables) just like triggers. OUTPUT clause can be used to return values to client clause. OUTPUT clause can be used with INSERT, UPDATE, or DELETE to identify the actual rows affected by these statements. OUTPUT clause can generate a table variable, a permanent table, or temporary table. Even though, @@Identity will still work with SQL Server 2005, however I find the OUTPUT clause very easy and powerful to use. Let us understand the OUTPUT clause using an example. Find Name of The SQL Server Instance Based on database server stored procedures has to run different logic. We came up with two different solutions. 1) When database schema is very much changed, we wrote completely new stored procedure and deprecated older version once it was not needed. 2) When logic depended on Server Name we used global variable @@SERVERNAME. It was very convenient while writing migrating script which depended on the server name for the same database. Explanation of TRY…CATCH and ERROR Handling With RAISEERROR Function One of the developers at my company thought that we can not use the RAISEERROR function in new feature of SQL Server 2005 TRY… CATCH. When asked for an explanation he suggested SQL SERVER – 2005 Explanation of TRY… CATCH and ERROR Handling article as excuse suggesting that I did not give example of RAISEERROR with TRY…CATCH. We all thought it was funny. Just to keep records straight, TRY… CATCH can sure use RAISEERROR function. Different Types of Cache Objects Serveral kinds of objects can be stored in the procedure cache: Compiled Plans: When the query optimizer finishes compiling a query plan, the principal output is compiled plan. Execution contexts: While executing a compiled plan, SQL Server has to keep track of information about the state of execution. Cursors: Cursors track the execution state of server-side cursors, including the cursor’s current location within a resultset. Algebrizer trees: The Algebrizer’s job is to produce an algebrizer tree, which represents the logic structure of a query. Open SSMS From Command Prompt – sqlwb.exe Example This article is written by request and suggestion of Sr. Web Developer at my organization. Due to the nature of this article most of the content is referred from Book On-Line. sqlwbcommand prompt utility which opens SQL Server Management Studio. Squib command does not run queries from the command prompt. sqlcmd utility runs queries from command prompt, read for more information. 2008 Puzzle – Solution – Computed Columns Datatype Explanation Just a day before I wrote article SQL SERVER – Puzzle – Computed Columns Datatype Explanation which was inspired by SQL Server MVP Jacob Sebastian. I suggest that before continuing this article read the original puzzle question SQL SERVER – Puzzle – Computed Columns Datatype Explanation.The question was if the computed column was of datatype TINYINT how to create a Computed Column of datatype INT? 2008 – Find If Index is Being Used in Database It is very often I get a query that how to find if any index is being used in the database or not. If any database has many indexes and not all indexes are used it can adversely affect performance. If the number of indices are higher it reduces the INSERT / UPDATE / DELETE operation but increase the SELECT operation. It is recommended to drop any unused indexes from table to improve the performance. 2009 Interesting Observation – Execution Plan and Results of Aggregate Concatenation Queries If you want to see what’s going on here, I think you need to shift your point of view from an implementation-centric view to an ANSI point of view. ANSI does not guarantee processing the order. Figure 2 is interesting, but it will be potentially misleading if you don’t understand the ANSI rule-set SQL Server operates under in most cases. Implementation thinking can certainly be useful at times when you really need that multi-million row query to finish before the backup fire off, but in this case, it’s counterproductive to understanding what is going on. SQL Server Management Studio and Client Statistics Client Statistics are very important. Many a times, people relate queries execution plan to query cost. This is not a good comparison. Both parameters are different, and they are not always related. It is possible that the query cost of any statement is less, but the amount of the data returned is considerably larger, which is causing any query to run slow. How do we know if any query is retrieving a large amount data or very little data? 2010 I encourage all of you to go through complete series and write your own on the subject. If you write an article and send it to me, I will publish it on this blog with due credit to you. If you write on your own blog, I will update this blog post pointing to your blog post. SQL SERVER – ORDER BY Does Not Work – Limitation of the View 1 SQL SERVER – Adding Column is Expensive by Joining Table Outside View – Limitation of the View 2 SQL SERVER – Index Created on View not Used Often – Limitation of the View 3 SQL SERVER – SELECT * and Adding Column Issue in View – Limitation of the View 4 SQL SERVER – COUNT(*) Not Allowed but COUNT_BIG(*) Allowed – Limitation of the View 5 SQL SERVER – UNION Not Allowed but OR Allowed in Index View – Limitation of the View 6 SQL SERVER – Cross Database Queries Not Allowed in Indexed View – Limitation of the View 7 SQL SERVER – Outer Join Not Allowed in Indexed Views – Limitation of the View 8 SQL SERVER – SELF JOIN Not Allowed in Indexed View – Limitation of the View 9 SQL SERVER – Keywords View Definition Must Not Contain for Indexed View – Limitation of the View 10 SQL SERVER – View Over the View Not Possible with Index View – Limitations of the View 11 SQL SERVER – Get Query Running in Session I was recently looking for syntax where I needed a query running in any particular session. I always remembered the syntax and ha d actually written it down before, but somehow it was not coming to mind quickly this time. I searched online and I ended up on my own article written last year SQL SERVER – Get Last Running Query Based on SPID. I felt that I am getting old because I forgot this really simple syntax. Find Total Number of Transaction on Interval In one of my recent Performance Tuning assignments I was asked how do someone know how many transactions are happening on a server during certain interval. I had a handy script for the same. Following script displays transactions happened on the server at the interval of one minute. You can change the WAITFOR DELAY to any other interval and it should work. 2011 Here are two DMV’s which are newly introduced in SQL Server 2012 and provides vital information about SQL Server. DMV – sys.dm_os_volume_stats – Information about operating system volume DMV – sys.dm_os_windows_info – Information about Operating System SQL Backup and FTP – A Quick and Handy Tool I have used this tool extensively since 2009 at numerous occasion and found it to be very impressive. What separates it from the crowd the most – it is it’s apparent simplicity and speed. When I install SQLBackupAndFTP and configure backups – all in 1 or 2 minutes, my clients are always impressed. Quick Note about JOIN – Common Questions and Simple Answers In this blog post we are going to talk about join and lots of things related to the JOIN. I recently started office hours to answer questions and issues of the community. I receive so many questions that are related to JOIN. I will share a few of the same over here. Most of them are basic, but note that the basics are of great importance. 2012 Importance of User Without Login Question: “In recent version of SQL Server we can create user without login. What is the use of it?” Great question indeed. Let me first attempt to answer this question but after reading my answer I need your help. I want you to help him as well with adding more value to it. Preserve Leading Zero While Coping to Excel from SSMS Earlier I wrote two articles about how to efficiently copy data from SSMS to Excel. Since I wrote that post there are plenty of interest generated on this subject. There are a few questions I keep on getting over this subject. One of the question is how to get the leading zero preserved while copying the data from SSMS to Excel. Well it is almost the same way as my earlier post SQL SERVER – Excel Losing Decimal Values When Value Pasted from SSMS ResultSet. The key here is in EXCEL and not in SQL Server. Solution – 2 T-SQL Puzzles – Display Star and Shortest Code to Display 1 Earlier on this blog we had asked two puzzles. The response from all of you is nothing but Amazing. I have received 350+ responses. Many are valid and many were indeed something I had not thought about it. I strongly suggest you read all the puzzles and their answers here - trust me if you start reading the comments you will not stop till you read every single comment. Seriously trust me on it. Personally I have learned a lot from it. Identify Most Resource Intensive Queries – SQL in Sixty Seconds #028 – Video http://www.youtube.com/watch?v=TvlYy-TGaaA Importance of User Without Login – T-SQL Demo Script Earlier I wrote a blog post about SQL SERVER – Importance of User Without Login and my friend and SQL Expert Vinod Kumar has written excellent follow up blog post about Contained Databases inside SQL Server 2012. Now lots of people asked me if I can also explain the same concept again so here is the small demonstration for it. Let me show you how login without user can help. Before we continue on this subject I strongly recommend that you read my earlier blog post here. In following demo I am going to demonstrate following situation. Login using the System Admin account Create a user without login Checking Access Impersonate the user without login Checking Access Revert Impersonation Give Permission to user without login Impersonate the user without login Checking Access Revert Impersonation Clean up Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: Memory Lane, PostADay, SQL, SQL Authority, SQL Query, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • xcopy file, suppress &ldquo;Does xxx specify a file name&hellip;&rdquo; message

    - by MarkPearl
    Today we had an interesting problem with file copying. We wanted to use xcopy to copy a file from one location to another and rename the copied file but do this impersonating another user. Getting the impersonation to work was fairly simple, however we then had the challenge of getting xcopy to work. The problem was that xcopy kept prompting us with a prompt similar to the following… Does file.xxx specify a file name or directory name on the target (F = file, D = directory)? At which point we needed to press ‘Y’. This seems to be a fairly common challenge with xcopy, as illustrated by the following stack overflow link… One of the solutions was to do the following… echo f | xcopy /f /y srcfile destfile This is fine if you are running from the command prompt, but if you are triggering this from c# how could we daisy chain a bunch of commands…. The solution was fairly simple, we eventually ended up with the following method… public void Copy(string initialFile, string targetFile) { string xcopyExe = @"C:\windows\system32\xcopy.exe"; string cmdExe = @"C:\windows\system32\cmd.exe"; ProcessStartInfo p = new ProcessStartInfo(); p.FileName = cmdExe; p.Arguments = string.Format(@"/c echo f | {2} {0} {1} /Y", initialFile, targetFile, xcopyExe); Process.Start(p); } Where we wrapped the commands we wanted to chain as arguments and instead of calling xcopy directly, we called cmd.exe passing xcopy as an argument.

    Read the article

  • Partner Webcast - Oracle WebCenter: Portal Highlights - 31 Oct 2013

    - by Thanos Terentes Printzios
    Oracle WebCenter is the center of engagement for business. In order to succeed in today’s economy, organizations need to engage with information across all channels to ensure customers, partners and employees have access to the right information in the context of the business process in which they are engaged. The latest release of Oracle WebCenter addresses this challenge with updates across its complete portfolio.Nowadays, Portals are multi-channel applications that enable the creation, sharing and distribution of personalized content, as well as access to social networking and self-service capabilities. Web 2.0 and social technologies have already transformed the ways customers, employees, partners, and suppliers communicate and stay informed.The new release of Oracle WebCenter Portal makes it easier and faster for business users to create intuitive portals with integrated application content Streamlining development with an integrated set of tools for web and mobile. Providing out-of-the box templates for common use cases. Expediting the portal creation experience with new development tools empower business users to build and deploy mobile portals and websites with unprecedented speed—without having to wait for IT which leads to a shorter time to market and reduced costs. Join us to discover a Web platform that allows organizations to quickly and easily create intranets, extranets, composite applications, and self-service portals, providing users a more secure and efficient way of consuming information and interacting with applications, processes, and other users – the latest Oracle WebCenter Portal release 11gR1 PS7. Agenda Oracle WebCenter Overview Oracle WebCenter Portal New and enhanced features to improve the user experience: For Knowledge Workers Simplified Portal Creation Search Enhancements For Application Specialists New Portal Builder Simplify Mobile Development For Developers : Enhanced APIs and ADF Support For Administrators Lifecycle Enhancements Search Administration Impersonation Summary - Q&A This is our first webcast of an Oracle Webcenter Series for Partners, with the support of  Oracle EMEA Webcenter Partner Community. Delivery Format This FREE online LIVE eSeminar will be delivered over the Web. Registrations received less than 24hours prior to start time may not receive confirmation to attend. New invitations will be shared of additional webcasts planned for Oracle Webcenter. Thursday, October 31st, 2013 10am CET (8am UTC / 11am EEST)  Register Now For any questions please contact us at [email protected] Stay Connected

    Read the article

  • My application had a WindowsIdentity crisis

    - by Brian Donahue
    The project I have been working on this week to test computer environments needs to do various actions as a user other than the one running the application. For instance, it looks up an installed Windows Service, finds out who the startup user is, and tries to connect to a database as that Windows user. Later on, it will need to access a file in the context of the currently logged-in user. With ASP .NET, this is super-easy: just go into Web.Config and set up the "identity impersonate" node, which can either impersonate a named user or the one who had logged into the website if authentication was enabled. With Windows applications, this is not so straightforward. There may be something I am overlooking, but the limitation seems to be that you can only change the security context on the current thread: any threads spawned by the impersonated thread also inherit the impersonated credentials. Impersonation is easy enough to do, once you figure out how. Here is my code for impersonating a user on the current thread:         using System;         using System.ComponentModel;         using System.Runtime.InteropServices;         using System.Security.Principal;         public class ImpersonateUser         {                 IntPtr userHandle;   [DllImport("advapi32.dll", SetLastError = true)]                 static extern bool LogonUser(                         string lpszUsername,                         string lpszDomain,                         string lpszPassword,                         LogonType dwLogonType,                         LogonProvider dwLogonProvider,                         out IntPtr phToken                         );                     [DllImport("kernel32.dll", SetLastError = true)]                 static extern bool CloseHandle(IntPtr hHandle);                     enum LogonType : int                 {                         Interactive = 2,                         Network = 3,                         Batch = 4,                         Service = 5,                         NetworkCleartext = 8,                         NewCredentials = 9,                 }                     enum LogonProvider : int                 {                         Default = 0,                 }                 public static WindowsImpersonationContext Impersonate(string user, string domain, string password)                 {   IntPtr userHandle = IntPtr.Zero;                         bool loggedOn = LogonUser(                                 user,                                 domain,                                 password,                                 LogonType.Interactive,                                 LogonProvider.Default,                                 out userHandle);                               if (!loggedOn)                         throw new Win32Exception(Marshal.GetLastWin32Error());                           WindowsIdentity identity = new WindowsIdentity(userHandle);                         WindowsPrincipal principal = new WindowsPrincipal(identity);                         System.Threading.Thread.CurrentPrincipal = principal;                         return identity.Impersonate();   }         }   /* Call impersonation */ ImpersonateUser.Impersonate("UserName","DomainName","Password"); /* When you want to go back to the original user */ WindowsIdentity.Impersonate(IntPtr.Zero); When you want to stop impersonating, you can call Impersonate() again with a null pointer. This will allow you to simulate a variety of different Windows users from the same applicaiton.

    Read the article

  • WCF contract mismatch problem

    - by Tom
    Hi there, I have a client console app talking to a WCF service and I get the following error: "The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error." I think it's becuase of a contract mismatch but i can't figure out why. The service runs just fine by itself and the 2 parts were working together until i added the impersonation code. Can anyone see what is wrong? Here is the client, all done in code: NetTcpBinding binding = new NetTcpBinding(); binding.Security.Mode = SecurityMode.Message; binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows; EndpointAddress endPoint = new EndpointAddress(new Uri("net.tcp://serverName:9990/TestService1")); ChannelFactory<IService1> channel = new ChannelFactory<IService1>(binding, endPoint); channel.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation; IService1 service = channel.CreateChannel(); And here is the config file of the WCF service: <configuration> <system.serviceModel> <bindings> <netTcpBinding> <binding name="MyBinding"> <security mode="Message"> <transport clientCredentialType="Windows"/> <message clientCredentialType="Windows" /> </security> </binding> </netTcpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="WCFTest.ConsoleHost2.Service1Behavior"> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceAuthorization impersonateCallerForAllOperations="true" /> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="WCFTest.ConsoleHost2.Service1Behavior" name="WCFTest.ConsoleHost2.Service1"> <endpoint address="" binding="wsHttpBinding" contract="WCFTest.ConsoleHost2.IService1"> <identity> <dns value="" /> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> <endpoint binding="netTcpBinding" bindingConfiguration="MyBinding" contract="WCFTest.ConsoleHost2.IService1" /> <host> <baseAddresses> <add baseAddress="http://serverName:9999/TestService1/" /> <add baseAddress="net.tcp://serverName:9990/TestService1/" /> </baseAddresses> </host> </service> </services> </system.serviceModel> </configuration>

    Read the article

  • ProtectedData.Unprotect() after Impersonate()

    - by Andrey
    The following code doesn't work: IntPtr token = Win32Dll.LogonUser(“user1”, “mydomain”, “password1”); WindowsIdentity id = new WindowsIdentity(token); WindowsImpersonationContext ic = id.Impersonate(); byte[] unprotectedBytes = ProtectedData.Unprotect(passwordBytes, null, DataProtectionScope.CurrentUser); password = Encoding.Unicode.GetString(unprotectedBytes); ic.Undo(); The password is not decrypted. MSDN said "If you use this method during impersonation, you may receive the following error: "Key not valid for use in specified state." This error can be prevented by loading the profile of the user you want to impersonate, before calling the method." I would be very grateful for the help!

    Read the article

  • C# - Screenshot of process under Windows Service

    - by Jonathan.Peppers
    We have to run a process from a windows service and get a screenshot from it. We tried the BitBlt and PrintWindow Win32 calls, but both give blank (black) bitmaps. If we run our code from a normal user process, it works just fine. Is this something that is even possible? Or could there be another method to try? Things we tried: Windows service running as Local System, runs process as Local System - screenshot fails Windows service running as Administrator, runs process as Administrator - screenshot fails. Windows application running as user XYZ, runs a process as XYZ - screenshot works with both BitBlt or PrintWindow. Tried checking "Allow service to interact with desktop" from Local System We also noticed that PrintWindow works better for our case, it works if the window is behind another window. For other requirements, both the parent and child processes must be under the same user. We can't really use impersonation from one process to another.

    Read the article

  • Visual Studio / Visual Source Safe / Integrated Security / IIS 7

    - by Jason
    Using Visual Source Safe with IIS integration (the working dir is the IIS site) Visual Studio, pointed to the IIS site would load up the Web project. It would be under VSS control (have to check out files, etc). Recently, we had to switch to Integrated Security for our database connections from the web app. This means changing the impersonation of the IIS app pool (and anon authentication) to the impersonated account. Since I did this -- my project loads in Visual Studio, but it acts as if I'm not me, and the files aren't under source control anymore. I'm going to assume it's something with the pass-through from IIS to the VSS (as if you'll remember you had to add IIS_USERS to the VSS list of users). Even trying to add the impersonated account didn't work. Any ideas?

    Read the article

  • Can't resolve "UnauthorizedAccessException" with MVC 2 application running under IIS7

    - by Daniel Crenna
    We use MVC controllers that access System.File.IO in our application and they work fine in localhost (IIS 6.0-based Cassini). Deploying to IIS7, we have problems getting the controllers to work because they throw UnauthorizedAccessExceptions. We have done the following to try to resolve the issue: - Set NETWORK SERVICE and IUSR accounts to have permission on the files and folders in question - Ensured the App Pool is running under NETWORK SERVICE and loading the user profile - Application is running under full trust - We tried adding impersonation to web.config and giving NETWORK SERVICE write permissions Now, we alternate between getting UnauthorizedAccessException and an IIS7 404 page that suggests the routes are being ignored completely (for example we serve "/favicon.ico" via a controller when the physical file actually lives at /content/images/favicon.ico). We used ProcessMonitor to try to track down the issue but weren't successful.

    Read the article

  • Using DLL that using COM in C#

    - by chekalin-v
    I have been writing DLL on C++, that will be use in C#. DLL have some function, where I call hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); and next call hres = CoInitializeSecurity( NULL, -1, // COM authentication NULL, // Authentication services NULL, // Reserved RPC_C_AUTHN_LEVEL_PKT, // Default authentication RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation NULL, // Authentication info EOAC_NONE, // Additional capabilities NULL // Reserved ); There are no error then I trying to use this dll in C++. But if I call function from DLL via C# application I see Error (80010106) Cannot change thread mode after it is set. I changed hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); to hres = CoInitialize(NULL); After this changes error appear after CoInitializeSecurity: (80010119) Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized. How resolve this trouble?

    Read the article

  • FBA site owner encounter access deny in sharepoint 2007

    - by intangible02
    I created a sharepoint 2007 publishing site first using windows authentication, then extended it to another site using FBA. I created a FBA user and set it as site collection admin as well as top site owner. I also make application pool which the FBA site is running in to run with a user account which is within administrator group. But I encounter access deny error when browsing certain links using this site owner account. Is there other settings I need to configure? I found in the web.config, the impersonation is set to true. How does this affect the access rights?

    Read the article

  • WCF digest Authentication

    - by dudia
    What should be specified on the client side? Is this enough: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; ... cf.Credentials.HttpDigest.ClientCredential = new NetworkCredential("myuser", "mypass", "mydomain"); cf.Credentials.HttpDigest.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation; What should be specified on the server side? obviously one needs: binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest; but where do one specify in the server the digest username\password to validate the client against? In addition when Micosoft says that Digest Authentication uses the Domain Controller, what does it mean? Does it validate username\password against it?

    Read the article

< Previous Page | 1 2 3 4 5 6 7  | Next Page >