I have a Windows Service that is responsible for deploying desktop applications. It detects windows logons, and then should install applications into local appdata, and start menu icons in the correct place.
What is the correct way to find a given user's local app data folder? I have a session id, but no win32 user token.
OK, I solved it.
I was able to retrieve the user token given the session id by calling WTSQueryUserToken.
I was then able to present this token to SHGetKnownFolderPath, which returned the correct path for local app data.
Related
Here is my scenario: I have a web application developped on Razor pages and it's published on a server with IIS connected to the company's network. I use windows identification for the user to log into the application. Each time an user makes a change or uses the application I save windows user into a SQL database. The problem is that sometimes the user is not the current user using the application. It's not frequent that this happens but I'm wondering if an user leaves the app open and another user logs in then the new user is saved? I tried to replicate the error on my local machine but I can't get to the same problem. I use User.Identity.Nameand save the value inside a static variable. Do you know what can cause this problem?
I have a paid app and want to offer it as free for a few days in the Store. But only for those who installed it during these special days I want to show ads.
How can I check if a user installed the app in a specific time range?
I thought of these solutions:
I could have a sign in previous packages and check it in this
package. if it was not available this was the first install.
I could save the date after installation since the first time.
But these won't work now.
Thanks.
You can get App receipt from the store (here is how it can look like) and parse the PurchaseDate of your product. However this will return the date when the app has been first installed, if the user has reinstalled the app, then it will return the date of the very first installation (first 'purchase' from the store).
You can also have a value in LocalSettings that will be responsible for remembering the date of first run of the app. But this doesn't mean the date of installation - user can install the app and run it after a month. Also when user reinstalls the app, you will get the new value.
You can use Windows collection API to scope your query to your particular product (app or add-on). After sending request, you will receive a response including an array item CollectionItemContractV6 which contains the parameters like acquireDate and some others which you're likely to use. Then you can unlock the feature to the user who installed your app within the correct time range.
You may follow the steps below to use this API:
Configure a Web application in Azure AD.
Associate your Azure AD client ID with your application in the
Windows Dev Center dashboard.
In your service, create Azure AD access tokens that represent your
publisher identity.
In client-side code in your Windows app, create a Windows Store ID
key that represents the identity of the current user, and pass the
Windows Store ID key back to your service.
After you have the required Azure AD access token and Windows Store
ID key, call the Windows Store collection API or purchase API from
your service.
For more details, you could check Query for products which includes both the request and response sample.
We have a machine that basically runs as a local system in kiosk mode by auto-logging in as a local machine user.
The user needs to launch a program that runs in a domain account. What we've done in the past is to encrypt the domain, user and password details in a file. Then decrypt them to launch the program (C# Process.Start). This program needs a domain account to use Windows authentication for accessing a SQLServer database.
However this is a security hole, the decryption password is inside the launcher program so someone could inspect the code and get access to a domain account.
Also, we cannot require the users to type in the account details, the users don't know these details, it's a one user for all type of account.
One thought is maybe there's a way to store an access token that I could use to launch the domain program. At least in that scenario the access token wouldn't have the clear text of the password. I looked at Windows Credential Manager but that seems mainly to be used for web sites and wants to store details as text.
Another option I'm investigating is a Windows service. The service would run in a third account and would hold the "secrets". However, I'm not sure how I would launch a process for the kiosk user and have it work properly with the user desktop / UI.
I am working in C# on a web application that requires a login username and password. This application is made to be compatible with Windows and is being written in VS 2013. In this company's network, all computers require user credentials, and in all cases the user's credentials for the app will be the same as their Windows logon credentials. Therefore we are trying to implement a system where, instead of signing onto Windows and then entering the same credentials again in the app, the app can access the Windows credentials that were given by the current user and attempt to sign in automatically with those. I know there is a way to do this using active directory with Azure, but for the time being we are trying to avoid using Azure. I have tried using WindowsIdentity.GetCurrent() and Environment.UserName so far, but both of those only supply the username, not the password, and we need the full credentials. It wouldn't shock me if this cannot be done in this way for security purposes, but if there is a way it would be incredibly helpful. Does anyone know of a way to access the current user's credentials? Thanks
You don't need Azure to accomplish this. Your application pool simply needs to have Windows Authentication enabled. You will not have access to the password, however.
After that, you will need to most likely write a HttpHandler which will get the HttpContext.Current.User.Identity value and check it against a database or collection of authorized users. You don't need to "re-authenticate".
I have created a sample ASP.NET website and hosted it in IIS 6.0 . It is working fine , if the identity of the defalut app pool is "local system". But when i changed the identity with some other configurable user id then it is showing as "Service Unavailable".
The following message is found in the event viewver.
"The identity of application pool 'DefaultAppPool' is invalid, so the World Wide Web Publishing Service can not create a worker process to serve the application pool. Therefore, the application pool has been disabled."
Either the credentials provided for the user is not valid, or the user does not have the needed permissions.
I believe there is a security group on the machine called IIS_WPG that is created when Asp.net is installed, add the user to this group, it should give them the needed permissions.
Message is self-explanatory. The selected user id isn't valid - probably due to insufficient privaledges to run the service.
The user identity you use needs to have fairly significant rights to operate. At a minimum the user needs to have read/execute permission on the root directory of the folder. This user should also have read/write/execute permission on the Temporary Asp.Net Files folder located within the %SystemRoot%/Microsoft.Net/Framework/ folder.
FYI,
In a development environment you can use the default app pool to create your web applications.
In production environment you want to use lusrmgr.msc (Server 2008/R2/7 Ultimate and Pro) to create new users (and their credentials) on the machine and assign the users to the right group (IIS_IUSRS).
Also once you have created the user, you will want to give it access to your data source back-end (if sql is running on the same machine and using windows authentication to access SQL).
Check Application Pools which assign Site on IIS, probably it is stopped.