Im deploying my website onto my new server (windows 2003) from my local pc (windows 7) and my local homeserver (windows 2008) and have run in to a issue.
I have a process that starts up with the below code. It is passed a video file which gets converted.
System.Diagnostics.ProcessStartInfo StartInfo = new System.Diagnostics.ProcessStartInfo(Command, Parameters);
Them problem I have is on my new windows 2003 server it fails to work. No error or anything. Looking at the server and its taskmgr.exe I see the Process start but nothing happens.
Looking into it, everyone seems to say I need to have impersonate="true" in the webconfig which I do have, I currently have it set to the Administrator account which I use to log into remote desktop (I assume this is fine???)
<identity impersonate="true" userName="Administrator" password="********" />
This still doesn't work.. Looking in the taskmgr.exe the process is started with the username ="NETWORK SERVICE" ...
Any ideas???
A concrete solution i can't provide, but maybe this can help:
Take a low level look with Process Monitor to find if it is security related (missing permissions etc.)
Build a Debug Version of your programm and insert some Debug.Print() statements to narrow the problem. These messages can be seen bei Debug Viewer.
Maybe it's a problem with a wrong or missing assembly. To find these problem take a look into the Fusion Log Viewer.
Maybe one of these techniques will help you to tackle down your problem.
Related
I have the following simple code:
SPDiagnosticsService diagnosticsService = SPDiagnosticsService.Local;
SPDiagnosticsCategory cat = diagnosticsService.Areas["SharePoint Foundation"].Categories["Unknown"];
string format = "Test trace logging for category {0} in area {1}";
diagnosticsService.WriteTrace(1, cat, TraceSeverity.Medium, format, cat.Name, cat.Area.Name);
I only want to write to the SharePoint ULS Logs. But this does not work. What could be the reason?
UPDATE:
Oh sorry!! I get no entries in the ULS Logs. ULS Logs are generated, but mine are not written to the Logs. All categories in diagnostics logging configuration in the CA are set to Trace level Medium and Event Level Information. There is no exception thrown, too. The code runs fine when I run it via F5 and step through it.
SOLUTION FOUND!
The AppPool Account has to be in the local Performance Log Users group! I have blogged about it here, too: http://www.bog1.de/2015/03/es-ist-nicht-moglich-in-die-uls-logs-zu-schreiben-performance-log-users/
Are you running this on the target SharePoint server?
Are you running it under a suitable SharePoint admin account?
You could try a more comprehensive example - from a google, something like http://blog.mastykarz.nl/logging-uls-sharepoint-2010/
Lastly, if you are calling this code from within a SharePoint Sandbox Solution, it will not work, you need to write a proxy. http://blog.sharepointsite.co.uk/2012/01/sandbox-solution-uls-logging.html
I couldn't find the reason why it did not work on the vm but I decided to setup a fresh one and to test after each step if my solution works.
It seems to be a config issue.
With the new machine everything works fine.
I had a similar problem, my solution was to change the monitoring level from inside SharePoint Central Administration.
Central Admin -> Configure diagnostic logging -> then select what you want log.
I'm getting TrustNotGrantedException thrown for some specific users of our VSTO word addin.
These users have the certificate installed correctly.
The exception is being thrown when the app checks for updates:
try
{
ApplicationDeployment.CurrentDeployment.CheckForUpdate()
}
catch(TrustNotGrantedException ex)
{
Log(ex);
}
The stack trace is logged as follows:
User has refused to grant required permissions to the application.
at System.Deployment.Application.ApplicationTrust.RequestTrust(SubscriptionState subState, Boolean isShellVisible, Boolean isUpdate, ActivationContext actCtx, TrustManagerContext tmc) at System.Deployment.Application.DeploymentManager.DetermineTrustCore(Boolean blocking, TrustParams tp) at System.Deployment.Application.DeploymentManager.DetermineTrust(TrustParams trustParams) at System.Deployment.Application.ApplicationDeployment.CheckForDetailedUpdate(Boolean persistUpdateCheckResult) at System.Deployment.Application.ApplicationDeployment.CheckForUpdate() at iReport.iReportAddIn.CheckForUpdates()
Has anyone experienced this or knows how to prevent this in the code or with any workarounds?
Edit:
I have read through this blog post on the issues and it seems like it could be an issue with CAS Permissions for the problem users.
I'll try and give a problem user access to the update URL using this and will follow up in a bit, although I would much prefer to be able to prevent this in the code instead of fixing individual client machines. Something like:
caspol -m -ag 1 -url "http://machinename/application/*" FullTrust -exclusive on
Edit2:
Using caspol.exe worked! Does anyone know a way to prevent this from happening in the code?
Or can anyone explain why it could only be happening to select users?
Edit3:
I'm going to try add
<system.web>
<!-- level="[Full|High|Medium|Low|Minimal]" -->
<trust level="Full" originUrl=""/>
</system.web>
to the app.config
Edit4:
Adding full CAS trust to the app.config didn't help. Can anyone show me if its possible to achieve what CASPOL is doing in code?
Edit5:
If it isn't possible to do this in code, is there a easy way to run the CASPOL command as part of the clickonce install?
In recent versions of Windows, downloaded files are flagged as blocked and have security restrictions imposed on them that can cause breakage when consumed by other apps due to the sandboxing.
The implementation uses NTFS alternate streams. If the file is blocked you can tell by right clicking on the file, viewing properties and seeing the unblock button. Clicking unblock removes the stream and releases the extra security restrictions.
It can also be removed using sysinternals streams.exe. Test whether this is your issue by downloading your plugin on a Windows 7 machine, and then install without unblocking to see if it reproduces the issue.
I've this situation: i've buld a .net application that use .chm file as Integrated Help, when user press F1, Help.ShowHelp is invoked like in this example:
Help.ShowHelp(ctrl, HelpNamespace, HelpNavigator.TopicId, GetTopicId(ctrl));
This work like a charm on my machine in Application debug and release mode. But when i try to do the same on other machine (Windows XP, equal my working machine), when user press f1, nothing append, Help File is not opened.
I've done some tests. I'm sure HelpNamespace (string containing chm file path) is correct, i've tried do something more simple:
Help.ShowHelp(ctrl, HelpNamespace);
This work but is not context sensitive. I'm not able tu understend what append on the remote machine and why the seconth example work and first not.
Does anyone have any idea where the problem can be?
I solved this problem. My Machine is Windows XP Service Pack 3, Remote machine is Windows XP with no SP. I ask system administrator to update machine, after i've made new install of my Application and all work fine.
Before ask Administrator to update machine (that in all cases is a good practice, i don't know why a lot sys admin don't do this!) i've do this tests:
on my machine from command line i have emulated the comand probably called from Help.ShowHelp:
hh.exe -mapid 2900 ms-its:C:\Programs\AppFolder\Help.chm
if all work fine this command show chm file with Selected TopicId, this command, on remote machine don't produce anything and this is the reason that convinced me to ask for an update of the system
I have an issue with a Windows Service which throws a NullReference exception whenever I try to use
var myType = Activator.CreateInstance(typeof(MyType))
There is no problem whenever I run the exact same code in a console window - and after debugging the obvious "which user is running this code" I doubt that it is a mere fact of changing the user running the service as I've tried to run the service using the computer's Administrator account as well as LocalSystem. I'm suspecting a Windows Update fiddling with default user rights but that's a bit of a desperate guess I feel.
Remember: The type and assembly exist and works fine - otherwise I wouldn't be able to run the code in a console window. It is only when running in the context of a Windows Service I get an error.
The question is: Can I in any way impersonate i.e. LocalSystem in a unittest by creating a GenericPrincipal (how would that GenericPrincipal look)?
You could always run a visual studio instance as LocalSystem. From the command line, enter the following:
at <time in near future> /interactive <path to devenv.exe>
Then wait for that time to roll around and VS should open up, but will be running under the LocalSystem account.
I'd personally not suspect the user account, and instead suspect that it's something to do with being interactive - does the constructor or class constructor for MyType have some implicit dependency on the desktop?
(Edit - oops, should be time before /interactive, corrected command line).
e.g.
at 11:48 /interactive "c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe"
I know its a simple answer but have you tried putting it in a try catch block then writing out the exception to see if it is Permission based or otherwise.
I have a developer tool that I want to run from an internal site. It scans source code of a project and stores the information in a DB. I want user to be able to go to the site, chose their project, and hit run.
I don't want the code to be uploaded to the site because the projects can be large. I want to be able to run my assembly locally on their machine. Is there an easy way to do this?
EDIT: I should note, for the time being, this needs to be accomplished in VS2005.
EDIT 2: I am looking for similar functionality to TrendMicro's Housecall. I want the scan to run locally, but the result to be displayed in the web page
You could use a ClickOnce project (winform/wpf) - essentially a regular client app, deployed via a web-server. At the client, it can do whatever it needs. VS2005/VS2008 have this (for winform/wpf) as "Publish" - and results in a ".application" file that is recognised by the browser (or at least, some browsers ;-p).
You might be able to do the same with Silverlight, but that has a stricter sandbox, etc. It would also need to ask the web-server to do all the db work on its behalf.
I want to be able to run my assembly
locally on their machine
Sounds like you want them to download the tool and run it from their local machine, does that work for you?
Any code can scan files given the location and permissions. For a website to open an exe on a different machine and permit that to run and get access to the files contained on the web server would require a horrifically low level of security that would mean the entire system is practically completely open to attack. If your system is completely behind a firewall and hence protected from outside intererance then you want to look more at the permissions and less at the code.
To run an exe on a machine try following notepad example, though you may have to use a specified directory as well
ProcessStartInfo psi = new ProcessStartInfo("notepad.exe");
psi.WindowStyle = ProcessWindowStyle.Hidden;
Process p = new Process();
p.EnableRaisingEvents = true;
p.Exited += new EventHandler(ExitHandlerToKillProcess);
p.StartInfo = psi;
p.Start();
and when done dont forget to kill the Process. Alternately use javascript. Either way watch the security permissions and remember the risks of doing this.
I would probably write some sort of command line tool or service that does the processing and extraction of project data. Then I would use a page to update/register projects that the web server and the command line tool both have common access to. then at specified times either manually or via cron or similar mechanisms extract the data to your database. once you have this, you just use the website to display last extraction times and the extracted data.
if the projects/end users are on a different subnet etc, then you will need the end users to run the tool and then have it post the data into the database.