I have a very tricky situation right now..
I have an application which downloads the email attachments of a particular email account, and then saves those attachment to a specified folder. The application also has some features, like sort the attachments by date, sort by keywords, etc.
So the app has two key features:
Email Attachment Download
Sorting
The requirement:
Only ONE administrator can run both features, and the normal users can only run the sorting feature
The Problem:
If there are two administrator accounts, how can I limit it to one only?
I only have one useful code as of now..
If My.User.IsInRole(ApplicationServices.BuiltInRole.Administrator) Then
MsgBox("I have admin privileges")
Else
MsgBox("I do not have admin privileges")
End If
I just need to know if other admins are using the app. If one admin already ran the app, other admins can't run it anymore..only 1 instance of the app should run for all admins.. thanks.
Why not Create one application level variable to keep count
AdminLoggedinCount
default to 0 and +1 when app starts
If My.User.IsInRole(ApplicationServices.BuiltInRole.Administrator) Then
If AdminLoggedinCount >=1
MsgBox("try again later another admin is using now")
Else
MsgBox("I have admin privileges")
End if
Else
MsgBox("I do not have admin privileges")
End If
You could do it by doing with a simple Semaphore file. The basic premise, when the application starts, and user is an admin user, try to open a file to a common location visible by all users. if the file exsits, try to erase it, in case the other user may have aborted out and did not properly close and erase the file.
If the file can not be deleted, then an admin is STILL active with the file open. When the user is finished, close and erase the file...
You could have a variable in the app for the status that the semaphore file is theirs (or not), and to allow (or not) the special extra feature.
Again, the file could be as simple as...
X:\YourSharePath\ActiveAdminUser.txt
Related
I'm currently running into an odd little problem in an installation wizard. On one single test VM--all the others are fine--I cannot create subdirectories in a directory I created. On the first screen I select an install location and, if it doesn't exist, create it:
c:\Program Files\Foo
Then a couple screens later, I get user credentials for the software to use and, to make sure they have the appropriate permissions, use them via impersonation to create subdirectories under Foo, say Bar and Baz. The impersonation I'm using is based on link.
The thing is, if I'm logged in as myself, that first directory is created just fine. But if I put my EXACT SAME CREDENTIALS into that later screen, it fails to create those subdirs. Despite the fact that it's the same creds that the program itself are currently running under.
Also, as I said, this works literally everywhere else except this one machine. So it doesn't make any sense. All we can figure is something broken about the impersonation system. That's all we can figure. But you'd think it would show up elsewhere. If it was something with the VM, then how did we create the Foo directory in the first place?
Anyway, any suggestions would be most welcome. This is really nutso.
EDIT: I have verified my account is local Admin on the VM. Nothing helpful in the Event viewer. Also, fixed link to MS impersonator code.
Im trying to get the Users/Shared folder location in Mac so that i can write common user data(license) to it.I tried using
System.IO.Path.Combine (Environment.GetFolderPath (Environment.SpecialFolder.CommonApplicationData));
But its returning the folder in which I'm logged in.I know that i need to place the common application data in the Application Support folder but i think root privilege is required for this.If there is a better way to write to that folder,please suggest.
UPDATE:
I tried doing
File.Copy ("myfile.rtf", "Users//Shared//ll.txt");
But i get this exception >> Destination directory not found: Users/Shared
In OS X the directory is simply /Users/Shared, and it's directly off the root of the volume. There's no need to do Environment.GetFolderPath...
If you want to have user data or application data that can be shared by multiple users (read+write) you'll either want to create your own directory:
/Users/Shared/MyApp
and/or you can use:
/Users/Shared/Library/Application Support/MyApp
This way your application can share user data and application settings with all users. The /Library/Application Support folder (not to be confused with the one shared one), is owned by the system and anything that needs to write to it must obtain permission. The contents are read only, even for admin level users — something you'll want to consider when deciding where to store shared application data.
I am trying to achive a situation:
I am logged as a user on my account.
I've created a two more accounts which I will try to log on in the
"background"
And now I want to execute my code to log on different user in the background,
so that if i can click ctrl+alt+del and go to the switch user screen
i can see that another account was logged on the system.
During investigation I've read that this was possbile with some undocumented winapi methods before Microsoft implemented Fast User Switch(FUS) which replaced GINA.
I don't want to Impersonate code as user. I want to start up the whole windows session for a user from code.
I've tried to do sth with CreateProcessWithLogonW() but this was unsuccessful.
Big virtual beer for anybody who can give me a hand with this! :)
Okay had to do a bit of digging to figure this out my self.
Essentially you would need to run a command in command prompt.
This should load explorer.exe as a second user.
runas /user:*computer name\*account name explorer.exe
Follow this to get an idea on running a command line command via c#:
How To: Execute command line in C#, get STD OUT results
Other sources:
http://www.computerhope.com/runas.htm
http://lifehacker.com/290435/switch-user-accounts-from-the-command-prompt
HI All,
i wish begin to work about a feature new for me ,i'n my project i have a database( with SqlServer) and an application (developing in WPF) the purpose of this application is to manage/handle about Accountancy and other Departement,so i created a Passwords and Roles(for Users) to access in the application ,now i will create a system to knows how many Usera are connected to the Application(via Database )and show that in a listBox(for example like a normal Chat Application i wish knows who is online and offline) but i don't know where i need begin to work out this feature ,i'm strange to this feature so if you have any suggestion,link and else i will appreciate so much your help.
Thanks so much.
P.S. if my question is not clear i will rewrite it...however sorry in anticipate
Without knowing the details of your application, I would suggest setting a timestamp field in the database when they log in, and then set it again every X minutes while they are logged in. This has two advantages over just setting a flag:
1) If the application crashes, or the user's machine crashes, the flag will not be reset, and you will have no way of knowing that they are not still logged in.
2) The timestamp will tell you the last time each user was logged in, even if they are not logged in currently.
Maybe in the database itself? When the user logs in, you can set a flag for each user "LoggedInd = true", and when they log out "LoggedIn = false". And do a query on that flag "SELECT * FROM Users WHERE LoggedIn = true"
I have got a project that can copy files to another client's desktops in my domain.There is 300+ client machine.But there is a problem.When i run this project in a non admin user account in my domain.It cant copy files getting error about Access Denied , user restrictions.I wanna do this program like this , in non admin user account when user start to copy files ;
first my program will get admin access by loggin in my admin user accoun to domain than will copy files.Than logout.How can i do this ? I wanna do this with C#.
I had a similar problem: Production needed to run one of my programs that processes files on a location on the network where they don't have any access.
I ended up using Impersonation, which allowed me to run the file processing thread under a set of credentials set at runtime by my program.
In AD I created a special user account with all required permissions for exclusive use by this program.
I know it’s not at all secure, but it works and the odds that it would even occur to someone to hack my program to get these credentials is remote.
Anyway, look into Impersonation I found these resources helpful:
Safely Impersonating Another User
Brian Low's ImpersonationHelper class
-Jay
You can switch privileges when starting the program from itself or from another program. You can do this with two programs, one that runs as the user account and then launches your privileged application. (or launch itself with a different command line to indicate the different run-mode.)
To launch a program in C# as a different user, do this,
// Create a secure version of the password
SecureString pass = new SecureString();
foreach ( char c in _pass.Text )
{
pass.AppendChar( c );
}
Process process = Process.Start( "PrivilegedProgram.exe", _arguments, _user.Text, pass, _domain.Text );
you need to change the thread to the context of an admin user. How you do that in a secure way is the challenge. This sounds like a quick utility program where the security may not be a big deal, however. Just change the admin's password once the utility has been run.