I'm trying to edit the hosts file while my program is started as "NT AUTHORITY\SYSTEM" with psexec, and I still get UnauthorizedAccessException. I thought that SYSTEM should be able to edit hosts file that's why I'm started my program with psexec -i -d -s myapp.exe.
So what should I do to be able to edit hosts file?
Make sure that your hosts file is not marked as read-only. If it is, you will get this exception regardless of current user permissions.
Related
I have programmed a Windows Service that is calling another service over the network.
The other service's IP is defined in the hosts file.
The Windows Service is running as local system.
On Windows Server 2008 this works fine. The IP from the hosts file is used.
On Windows 7, the IP from the hosts file is not used. Instead it uses normal DNS.
If I use a normal user instead of local system, the behaviour is correct. The same as on Windows Server 2008. The host file is used.
I can reliably switch between local system and a normal user for the same service binary without touching the hosts file, the error is reproducable. So it's not about caching anything anywhere or having a wrong hosts file.
Is there anything in Windows 7 I missed? Why would a service running as local system not use the hosts file?
The reason why it works as normal user could be this: you could have a duplicate hosts file in %LOCALAPPDATA%\VirtualStore, which is a redirection folder for programs running as non-admin and trying to write to system locations. If this is the case, then you actually see wrong hosts file when you think you edit the system's one!
The other reason could be wrong permissions set to file. Please try point 5 from https://serverfault.com/a/452269
First close other runnings applications and have a look at your system logs
You can run anything as system to debug like explorer.exe or cmd.exe
with the folowing command using PSTools you could then browser your hosts and check it
psexec -i -s cmd.exe
psexec -i -s ping your.host
Avoid multiple entry for the same host on hosts file
Even if you talked about it i post some debug commands
ipconfig /flushdns
nbtstat -R (reset netbios)
You can check DNS Cache
ipconfig /displaydns | more
Windows set the hosts file location with this registry key
\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath
Check proxy config it could bypass hosts
Check "etc" directory permission and "hosts" file permission
I am a new C# programmer. I made a setup file of an application in Inno setup, but when I use this application after installation, the application crashes when it tries to access (read) an existing folder in the computer (which the user has permission to access otherwise). This folder does not contain any program file, or logs. It just contains some media files which are already in the computer.
I saw the Inno script format, but it shows only how to give permission to access program files/folders only, what about the files which are already there in the computer? Shouldn't the application should have access to files which the user (who installed it)has access to ?
To set permissions on existing files or folders, you can use the Windows cacls command in the [Run] section.
Filename: "{sys}\cacls.exe"; Parameters: """C:\My Folder\My File.ext"" /t /e /g ""Everyone"":f ""Power Users"":f ""Users"":f ""Authenticated Users"":f "; StatusMsg: "Configuring Windows settings..."; Flags: runhidden
Type cacls /? at a command prompt for all available switches and syntax.
It worked when I used
"Permissions: users-modify" in [Dirs] section.
I am attempting to remotely call an executable on a target machine, with the executable located on a UNC network path. I am using the Win32_Process.Create method to do this. I am able to use this method to launch files that are stored locally on the C: drive, but I get Return Value 2, Access Denied, when I try to launch the file from a UNC path. I am confident the path is correct, because if I alter it to a bogus path, I get Return Value 9, Path Not Found.
In Powershell I am using invoke-wmimethod to call the Create method of Win32_Process and passing a credential object that has administrative rights on the target system and read rights on the UNC path. In C# I am impersonating using ConnectionOptions with the same credentials. The results are the same in both cases.
I have also tried using various methods (CIM_DataFile, remotely invoking XCopy) to copy the EXE file locally first. None of these methods have worked. I want to copy directly from a file server, to a target system, without pulling the file to the application server first, because the application server is not in the same datacenter as most target systems and as such would be pulling a large file down over the WAN twice, which is slow and less reliable. One option I have found is to use FTP, but I consider that a last resort.
I can also remotely invoke the EXE from the UNC path using PSExec and the same credentials, but I want to avoid shelling out from my web application to call PSExec. I know it will work if that's what I have to do, and I have used PSExec many times to solve problems like this, but I really want to do this all within the application and not hacking around it using an external program.
Is there any way I can use Win32_Process to launch an EXE on a remote machine, when that EXE is located on a UNC path? Could this be a Group Policy issue wherein the process launched by WMI does not have permission to invoke an EXE from a network location? I am out of ideas and out of search terms.
Powershell code examples. This works:
$launchproc = Invoke-WmiMethod -ComputerName $compName -Class Win32_process -Name Create -ArgumentList "c:\temp\installer.exe /s /f1c:\temp\installer.iss" #-Credential $adminCreds
This does not:
$launchproc = Invoke-WmiMethod -ComputerName $compName -Class Win32_process -Name Create -ArgumentList "\\fileserver\share\installer.exe /s /f1\\fileserver\share\installer.iss" -Credential $adminCreds
Note that if I issue the command locally from a command window, interactively, the UNC based command DOES work just fine. The funny syntax is an artifact of InstallShield's silent install switches. Also note that if I double-backslash or backtick escape the backslashes, I get Path Not Found, so I don't think it's an escaping issue.
Edit: while not exactly the same problem, I did check the GP rights described here: WMI Win32_Process.Create fails with Insufficient Privs and I do have those rights set correctly.
Edit #2: I found someone else having a similar problem:
Win32_Process Create method. Trying to copy a file from a remote machine to a remote machine Again it's a batch file-ish hack launching Net Use on the remote system. Is this my only real option?
In the end, I just called PsExec using System.Diagnostics.Process() in C#. It's not the solution I wanted, but I wasn't able to make anything else work, and while I don't like shelling out to an external EXE, it does end up being relatively straightforward.
I asked some of the PowerShell MVPs who are more knowledgeable in WMI and got the response that unless the remote machine was the domain controller you won't be able to do it. However, if you could use PowerShell remoting to remote to the computer with -Authentication CredSSP, then you could use Invoke-WmiMethod with the network path. Richard Siddaway did a write up on this that might be useful to peruse.
I am trying to run xxx.exe file using command prompt with silent mode. i saw this link in Google: http://www.powerware.com/Software/lansafe_help/LSHelp424.htm.
when i run this command : C:>"D:\xxx.exe" -r -f1"D:\Test.iss"
am getting error : "xxx.exe" is not recognized as an internal or external command operable program or batch file.
Can any body give the idea where i am doing mistake.
As others said, make sure your path to your exe file is correct. You can change directory where exe is before execution or write out the full path.
By silent mode if you mean to run exe without any output on screen, then simply redirect the output to a file.
E.g. if your exe is in D:\myprog\myprog.exe, then following command will make your program run in "silent" mode:
c:>"D:\myprog\myprog.exe" > "D:\myprog\output.txt"
Above example will dump output into output.txt file.
you have to run your command in which location EXE file is located. can you check whether its residing in d:?
You may switch over to the D:\ drive before running your command, but it shouldn't matter. Double check it actually exists in that location
I have a batch file that I have been using to install my C# Windows Services for awhile now, never had a problem until Windows 7. I have attempted to run the batch file with Administrator privileges. I have attempted to run the command prompt with admin privs, navigate to the windows service EXE and run InstallUtil there. Still doesn't work.
After reading some other suggestions I tried moving my files out of the /bin folder and running them from another location but that also didn't work.
The batch file looks like this
#ECHO OFF
REM The following directory is for .NET 2.0
set DOTNETFX2=%SystemRoot%\Microsoft.NET\Framework\v2.0.50727
set PATH=%PATH%;%DOTNETFX2%
echo Installing IEPPAMS Win Service...
echo ---------------------------------------------------
InstallUtil /i IEPPAMS_WinService1.exe
echo ---------------------------------------------------
echo Done.
and I have a install log file that I dump info to. If I just double click the .bat file I get
Running a transacted installation.
Beginning the Install phase of the
installation. See the contents of the
log file for the
C:\Users\Justin\Desktop\service
test\IEPPAMS_WinService1.exe
assembly's progress. The file is
located at
C:\Users\Justin\Desktop\service
test\IEPPAMS_WinService1.InstallLog.
An exception occurred during the
Install phase.
System.InvalidOperationException:
Cannot open Service Control Manager on
computer '.'. This operation might
require other privileges. The inner
exception
System.ComponentModel.Win32Exception
was thrown with the following error
message: Access is denied.
The Rollback phase of the installation
is beginning. See the contents of the
log file for the
C:\Users\Justin\Desktop\service
test\IEPPAMS_WinService1.exe
assembly's progress. The file is
located at
C:\Users\Justin\Desktop\service
test\IEPPAMS_WinService1.InstallLog.
The Rollback phase completed
successfully.
The transacted install has completed.
When I run the .bat file with admin privileges nothing is written to the log file, and the service is still not installed.
Any thoughts? Is there a new way to install services in Windows 7?
Right click on the batch file and run it as Administrator.
You are most likely running into battle with the new security model (User Account Control) from Windows Vista and Windows 7. Even if you are running as an account that has Admin rights you will still need to elevate to do some (most) administrative activities. (Yes it is possible to disable this feature, but don't)
UAC (MSDN)
UAC (Wikipedia)
InstallUtil (MSDN)
Edit... The correct commandline is InstallUtil YourApp.exe. The /i does not look to be a vaild switch for InstallUtil.
So I was able to fix the problem by typing in the command line the entire path to InstallUtil and it worked. So after navigating to the folder that had my EXE I typed the following:
C:\Windows\Microsoft.NET\Framework\v4.0.21006\installutil.exe
IEPPAMS_WinService1.exe
Not sure why I have to do that in Windows 7 now when I never had to in XP, but oh well. Thanks for all the suggestions!
When I run the .bat file with admin privileges nothing is written to the log file, and the service is still not installed.
First off, you HAVE to run as admin permissions.
Second, when you "Run as Administrator", it actually changes the directory to c:\windows\system32 as the initial directory ( no idea why ), which would probably explain why running as admin causes no log file. Manually change to the path IEPPAMS_WinService1.exe resides in that the start of your script.