I have a VSTO workbook. I have a set of security measures that check the users credentials when opening the file (checks e-mail account exchange and other company security policies) which ensures that only someone within the company can open the file.
I do this in the startup property; however, I know a simple way to get round this is to simply have another workbook open and set enableevents to false in VBA. This will stop the security check from firing.
Is there a way to always ensure that events are active?
I have tried checking if the events are turned on but I cannot get it to work.
Excel workbooks are not secure. Period.
Embedded code can always be viewed, changed, removed and/or disabled.
The data can be typically be accessed without even opening Excel.
Related
I have a very tricky situation right now..
I have an application which downloads the email attachments of a particular email account, and then saves those attachment to a specified folder. The application also has some features, like sort the attachments by date, sort by keywords, etc.
So the app has two key features:
Email Attachment Download
Sorting
The requirement:
Only ONE administrator can run both features, and the normal users can only run the sorting feature
The Problem:
If there are two administrator accounts, how can I limit it to one only?
I only have one useful code as of now..
If My.User.IsInRole(ApplicationServices.BuiltInRole.Administrator) Then
MsgBox("I have admin privileges")
Else
MsgBox("I do not have admin privileges")
End If
I just need to know if other admins are using the app. If one admin already ran the app, other admins can't run it anymore..only 1 instance of the app should run for all admins.. thanks.
Why not Create one application level variable to keep count
AdminLoggedinCount
default to 0 and +1 when app starts
If My.User.IsInRole(ApplicationServices.BuiltInRole.Administrator) Then
If AdminLoggedinCount >=1
MsgBox("try again later another admin is using now")
Else
MsgBox("I have admin privileges")
End if
Else
MsgBox("I do not have admin privileges")
End If
You could do it by doing with a simple Semaphore file. The basic premise, when the application starts, and user is an admin user, try to open a file to a common location visible by all users. if the file exsits, try to erase it, in case the other user may have aborted out and did not properly close and erase the file.
If the file can not be deleted, then an admin is STILL active with the file open. When the user is finished, close and erase the file...
You could have a variable in the app for the status that the semaphore file is theirs (or not), and to allow (or not) the special extra feature.
Again, the file could be as simple as...
X:\YourSharePath\ActiveAdminUser.txt
I'm currently working on a .NET application that will be invoked from Lotus Notes 8.5. This .NET application is suppose to read some data from a Lotus Notes database, and export it to a file.
The code to connect to the Lotus Notes database is:
NotesSession ns = new NotesSession();
NotesView nv;
ns.Initialize("");
NotesDatabase nd = ns.GetDatabase("server", "file.nsf", false);
nv = nd.GetView("viewName");
Unfortunately, when ns.Initialize is invoked, the Lotus Notes component will prompt the user for their password. I understand that the method Initialize is overloaded, the user name and password can be provided. However, I will not know the username / password.
Since Lotus Notes will be open already, is there a way to access the Notes Database using the credentials of the user that is already logged into Lotus Notes? Essentially, I'd like to avoid having the user enter their Notes credentials again, but still access the database.
There is a setting that can be turned on in Notes in the User Security dialog. (You didn't mention the version of Lotus Notes. The dialog may be different if you're on an older version.) The setting is:
Don't prompt for a password from other Lotus Notes-based programs (reduces security).
Those last two words may be in parenthesis, but don't let that fool you. They are pretty important! The setting allows all programs running on that user's computer to use the Notes APIs without authentication. That opens the door for an email-borne piece of malware, amongst other threats. And never mind the fact that such threats have been rare in the Lotus Notes world. A big part of the reason for that is that keeping this setting disabled is the default.
From what I've said above, I'm sure you can understand why there isn't an easy way to do what you want to do!
The only way to disable the password prompt specifically for your application will be to use the Lotus Notes C API's feature set known as Extension Manager. I.e., you write a C source file that is compiled into a DLL. Your DLL must be installed on all users' machines, and an entry must be made in the notes.ini file in order to have it loaded when the Notes core DLLs run. The help files for the C API include some sample code showing how to do the Notes-specific part of this. You'd have to figure out the details of identifying the fact that it was invoked for your application, and (if I remember correctly) you would also have to write code to prompt the user for their password once and be responsible for securely storing it somewhere where your DLL can retrieve and decrypt it whenever it needs it.
I did find another way to perform this, without having to turn the "Don't prompt for a password from other Lotus Notes-based programs (reduces security)." check box on.
System.Type objNotesType = System.Type.GetTypeFromProgID("Notes.NotesSession");
dynamic ns = System.Activator.CreateInstance(objNotesType);
dynamic nd = ns.GetDatabase(AppSettings.NotesServer, AppSettings.NotesReplicaID);
if (nd.IsOpen != true) nd.OpenByReplicaID(nd.Server, AppSettings.NotesReplicaID);
dynamic nv = nd.GetView(AppSettings.NotesView);
I've tested it, and it works. I am not prompted for a password, and when accessing the Notes Database, I am accessing it under the current user's credentials. Also, no COM references needed to be added to the project.
I want to delete my Nlog logfile between each application run only if it was emailed to me successfully otherwise it should keep adding to the logfile. I am using Outlook to email the file. I don't want to use Smtp since some networks block port 25 and then it does not get emailed to me.
The problem is when I try to delete the logfile with File.Delete(logfile) is says that the the file is in use by aonther process. How do I unlock or close the file in order for me to email it using Outlook (and then re-open it fo further logging)?
I was thinking of making a copy of the logfile and emailing that, but I'm not sure if its the best way to do it.
Thx for any ideas.
It's not Outlook which prevents the deletion of the file - your application is still running and logging to that file is still active, hence it is the Nlog part of your application which prevents the deletion.
Tell nlog to use a different log file, or not to log at all (you may resume logging later on).
By default nlog doesn't keep files open (file target, keepFileOpen). So either you try to delete file when your application is writing data, or outlook still using the file.
First, you may want to send it via outlook a copy of the log file. So you'd be sure that original file is not locked by an external process.
Second, you'll be able to reconfigure current file target to write to another file (log(n+1).txt or something. There are some hints about programmatic configuration at Add, enable and disable NLog loggers programmatically). So you'll be sure that application isn't logging to the file.
Then you'll be able to remove it, I think.
Option 1 :
if(chkLogger.Checked){
NLog.Config.SimpleConfigurator.ConfigureForFileLogging("Logfile.log",NLog.LogLevel.Trace);
}
else
{
NLog.Config.SimpleConfigurator.ConfigureForFileLogging("Logfile.log", NLog.LogLevel.Off);
}
Option 2 : LogManager.DisableLogging() and LogManager.EnableLogging()
from website Stopping-Starting-NLog-on-runtime
I am in the process of writing an application that sets a signature based on pre-acquired data for each Microsoft Outlook account(a user may have multiple Outlook accounts for various purposes).
I am able to set a signature for the default account, but I have yet to find how to set a signature for each Outlook account individually. I have done a lot of my own research and poked around the Microsoft.Office.Interop objects without much luck.
Is there a way to achieve this?
To choose the Outlook profile programmatically, you just use
Microsoft.Office.Interop.Outlook.Application App =
new Microsoft.Office.Interop.Outlook.Application();
NameSpace mapi = App.GetNamespace("MAPI");
mapi.Logon(profileName);
obviously setting the profileName to what is shown in the dropdown list upon starting Outlook (if you do not set a default profile in the control panel email settings).
This however is problematic in a number of ways since Outlook does not support multiple sessions even though the MAPI logon does:
http://msdn.microsoft.com/en-us/library/bb219914(v=office.12).aspx
Meaning: if Outlook is already running, you can even set NewSession to true, but it won't help. It will give you the currently-logged-in profile regardless of what name you set. If you have an Outlook zombie (I got that while testing, check with task manager), i.e. an Outlook without an UI showing up, the problem is the same.
If you can ensure Outlook does not run while doing stuff with signatures, you should be fine though.
I have an automation addin for excel developed using C#. How do I package and distribute it ? Also when the addin is installed for the first time, I want a username and password check to pop for the first time.
How can I go about doing this ?
thanks
Visual Studio creates a setup project for each Add-in project. You could start by using that. It produces an MSI file that you can distribute.
About the second part - if you stay with Studio-generated setup you probably cannot add custom dialogs to installation. You'll need some tool that builds the installations.
How about asking for username and password on the first use? This way the installation remains simple. In my experience every question during installation increases the risk that the user says "WTF, why do I have to answer these stupid questions. Cancel".
To ask for username and password on the first use only you have to save them somewhere after asking, so that next time you know them. Approved Microsoft way is saving them in Settings. By default Studio creates Settings file in your peoject just for that. Just add two variables to that file with empty default values. Mark them as User variables (not the Application variables).
From your add-in, access them as Properties.Setings.VariableName.
When your add-in starts, check if you have the username and password in settings. If they are empty, ask and save.
if (string.IsNullOrEmpty(Properties.Settings.Default.UserName))
{
string name;
string password;
//ask for name and password, replace with your code
AskForUserandPassword(out name, out password);
Properties.Settings.Default.UserName=name;
Properties.Settings.Default.Password=password;
Properties.Settings.Default.Save()
}
Physically, this is saved somewhere deep in user directory in an XML file.