Apologies for the double-post.. I'm new, just getting used to this.. and
should have posted this way in the first place..
How does one go about taking ownership of a registry key using C# & .NET 2.0
*IF* one has _only_ TakeOwnership privilege?
The problem is exactly as specified in MS KB Article ID: 111546 at: http://support.microsoft.com/kb/111546/EN-US/
...except that I would like to know how to do it in C#
Any help would be much appreciated. Thanks! (Again!) 9  7207 
Hi Rheal,
Thanks for your post.
In .Net 1.1, there is no build-in for Access Control support, however,
Net2.0 has finally released several access control namespace such as
System.Security .AccessControl and System.Security .Principal. The article
below showed how to use these 2 namespaces to do what you want:
"Item 46: How to take ownership of an object" http://www.pluralsight.com/keith/boo...ownership.html
Hope this helps.
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Thank you for your reply:
On Fri, 23 Sep 2005 09:13:33 GMT, "Jeffrey Tan[MSFT]" wrote: In .Net 1.1, there is no build-in for Access Control support, however,
.Net2.0 has finally released several access control namespace such as
System.Security .AccessControl and System.Security .Principal. The article
below showed how to use these 2 namespaces to do what you want:
"Item 46: How to take ownership of an object"
http://www.pluralsight.com/keith/boo...ownership.html
Unfortunately, the code example uses a type that VS 2005 RC does not
recognize - "LeafObjectSecu rity"
A google search turns up very little, but more than a search on msdn,
microsoft.com, or the Visual Studio 2005 RC help, all of which turned up
absolutely *nothing* when I searched for simply "LeafObjectSecu rity" - Of
the few results from Google, only one provided any hint - which seems to be
that LeafObjectSecur ity was introduced in .NET Beta 1, but dropped in .NET
Beta 2. http://www.aspnetdev.de/ClassReferen...ssControl.aspx
I am aware of the other namespaces you mentioned, and am able to pretty
much do any type of security manipulation with the Registry Keys *except*
take ownership when I have no other privileges than TakeOwner. ;)
Do you have any other thoughts on how I might be able to take ownership of
a Registry Key using C# and any of the new .NET 2.0 features? (that are
still valid in RC1, and hopefully also in Beta 2) .. and assuming still, of
course, that I have no other privileges than TakeOwner.
Thank you again for your time and assistance.
Cheers
Hi Andrew,
Thanks for your feedback.
Yes, Whidbey is in beta versions, and everything may be changed in RTM.
Currently, I suggest you p/invoke RegOpenKeyEx and RegSetKeySecuri ty to get
this done. With this, we do not reply on the change of Whidbey framework.
Thanks
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
On Wed, 28 Sep 2005 09:21:56 GMT, "Jeffrey Tan[MSFT]" wrote: Hi Andrew,
Thanks for your feedback.
Yes, Whidbey is in beta versions, and everything may be changed in RTM.
Currently, I suggest you p/invoke RegOpenKeyEx and RegSetKeySecuri ty to get
this done. With this, we do not reply on the change of Whidbey framework.
Thanks
Hi Jeffrey,
Thank you very much again for your reply, and for the information. :)
Just to clarify - Is .NET 2.0 essentially a part of Whidbey? (and thus
meaning there's essentially no documented way to do what I want in .NET 2.0
for now..?)
I only ask because I sort of had the impression the .NET 2.0 went with
Visual Studio .NET 2005, and was thus going to be "released" with VS 2005.
If that were true (and I could obviously be totally mistaken) then there
"should" be a way to use the new .NET 2.0 functionality to take ownership
of a registry key as I wanted to, shouldn't there?
Meantime -- I'll try your suggestion about p/invoke - I've just never used
that before and it sounds complicated. ;)
Thanks again! I totally appreciate having you and the Concierge available!
Cheers
- Andrew
Hi
Thanks for your feedback.
Yes, Whidbey is the code name of .Net 2.0. I agree with you that Whidbey
should have build-in method to take the ownership of an object. But,
because Whidbey is still does not release, everything may change, and may
not available in RTM version. So using p/invoke to do this should be more
reliable currently. This is why I suggest you use legacy Win32 way(p/invoke
to Win32 API).
Anyway, in my Whidbey Beta2 version, there is a RegistrySecurit y class can
be used for representing registry security. The code snippet below how to
get this done:
NTAccount account = new NTAccount(Envir onment.UserDoma inName+
"\\"+Environmen t.UserName);
RegistryKey rk = Registry.Classe sRoot.CreateSub Key("mytest");
RegistrySecurit y rs=rk.GetAccess Control();
rs.SetOwner(acc ount);
rk.SetAccessCon trol(rs);
Note: we should first enable the TakeOwnership privilege in the process
token, however, currently, .Net still did not provide a way to enable this
privilege, we have to resort to win32 way. For a sample, please refer to
the link below: http://pluralsight.com/wiki/default....oUseAPrivilege.
html
=============== =============== =============== ======
Thank you for your patience and cooperation. If you have any questions or
concerns, please feel free to post it in the group. I am standing by to be
of assistance.
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Hi Andrew,
Does my reply make sense to you? Is your problem resolved? Please feel free
to tell me, thanks
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
On Tue, 11 Oct 2005 07:35:45 GMT, "Jeffrey Tan[MSFT]" wrote: Hi Andrew,
Does my reply make sense to you? Is your problem resolved? Please feel free
to tell me, thanks
Hi Jeffrey,
Thanks for the reply! :) And.. well.. your reply in and of itself does
make sense to me... ;)
However, that code you pointed me at, over on pluralsight.com seems
excessively complicated just to be _able_ to take ownership of a registry
key.. But if that's what I need to do, well, I'll try and figure it out. :)
I have to admit that all that token stuff is new to me... nor am I really
that sure how I'm supposed to use that code. It sounds like he's talking
about multiple privileges (privCount) - I don't even know how to begin to
call it and specify that I want the TakeOwnership privilege in the process
token. He also seems to be indicating that I should disable the privilege
afterwards.
I get the feeling that I can't just take that code, and dump it in at the
end of my source file and have it work. ;) (even if I _did_ know how to
call it..)
Is there somewhere that sort of eases into that stuff slowly, so that I
might have some hope of understanding it, and how I might make use of it? I
feel that I'm just missing some fundamentals about dealing with this type
of coding. (The privilege stuff from C++ _and_ calling C++ from C#)
Any pointers to documentation, tips, suggestions, thoughts, ideas, or any
other type of further assistance in figuring this out would again be very
much appreciated!
Thank you (again!) for your time and assistance with this!
- Andrew
Hi Andrew,
Thanks for your feedback.
I think your current concern is how to use the unmanaged code snippet of
enabling privilege in your application, yes?
I am not sure if you are familiar with making dll in VC++. I suggest you
use VC++ with that code snippet to create a dll which exports a function to
enable privilege. Then in .Net, we can use P/invoke to call this exported
function. After doing this, we should can use .Net2.0 classes to take the
ownership of registry.
Addtionally, if you just want to set the ownership of the registry to your
login account, just enabling SeTakeOwnership Privilege is enough. However,
if you want to set its ownership to any other valid account SID, we have to
enable another privilege: SeRestorePrivil ege(These 2 privileges are both
assigned to Administrators local group by default, however it is disabled
by default, so we should enable it in our login account). For more
information about ownership, please refer to the links below: http://win32.mvps.org/security/ownership.html
"A .NET Developer's Guide to Windows Security: Understanding Ownership" http://www.awprofessional.com/articl...?p=350386&rl=1
For more information about p/invoke, please refer to the msdn article
below: http://msdn.microsoft.com/msdnmag/issues/03/07/NET/
At last, for debugging or testing purpose, I usually use PView.exe in
Platform SDK to enable certain privilege of certain process. To do this, we
can first run up the application, then use PView.exe to find our process
and view its Process token, in the popup process token dialog, we can
enable any privilege we want. After enabling the privilege, we can force
the application to run the take ownership security code.
Hope this helps
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Hi Andrew,
Does my reply make sense to you? Is your problem resolved? Please feel free
to tell me, thanks
Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: steve b |
last post by:
I need to add a registry entry to internet explorer (I'm adding a right
click menu item) with vb.net setup program. Anyone know how to do that?
Thanks!
|
by: Jacob |
last post by:
I am trying to find the best way of documenting (in code and
comments) ownership of secondary contained objects. This is my
current status, and I would appreciate feedback on it:
Case 1: When the secondary object is created with the object
and dies with the object.
Solution: Keep the secondary object as a stack variable, and
|
by: Howard |
last post by:
Hi,
I recently had a problem where I decided to store objects in a vector.
(Previously, I had always stored pointers in vectors). Well, naturally,
when storing an object in a vector, using push_back, the object I had in
hand was getting copied (twice, in fact). That led to a problem, in that my
object contained a "handle" to another object, and when the object being
pushed went out of scope and was destroyed, the referenced object was...
|
by: Andrew |
last post by:
I spent tons of time searching the web for how to use .NET 2.0 and C# to
modify Registry key security. After finally finding an example, and once I
knew the function names a few other small examples.. I can still find
nothing that demonstrates how to take ownership of a Registry key if one
has (potentially) *only* "write owner"
The problem, of course is that normally, to read or change permissions, one
needs to "open" the registry key to...
|
by: Andrew |
last post by:
How does one go about taking ownership of a registry key using C# & .NET 2.0
*IF* one has _only_ TakeOwnership privilege?
The problem is exactly as specified in MS KB Article ID: 111546 at:
http://support.microsoft.com/kb/111546/EN-US/
...except that I would like to know how to do it in C#
Any help would be much appreciated. Thanks!
| | |
by: Stephen Engle |
last post by:
I am trying to allow for user account to take ownership of an Active
Directory object. I have assigned the Modify Owner permission to the user
on the AD object - a distribution list in this case. Using Active Directory
Users and Computers, the user can take ownership of the object. But I have
not been able to get the program I am working on to do so. Whenever I try
to write the Security Descriptor back to the object, I get the...
|
by: Martin Horn |
last post by:
Hi all,
I need to be able to do what it says in the subject line.
For example I need to be able to take ownership of a file and set it's file
security to Everyone/Full control.
Had a quick look on google and haven't been able to locate any examples, can
someone point me in the right direction?
|
by: YXQ |
last post by:
Hello,
I need to programmatically take ownership of a registry-key as
current user using VB2005. To test this , i created a key
HKEY_LOCAL_MACHINE\Software\TestKey and removed all accessrights from this
key using RegEdt32.
Now i tried to set the accessrights by my programm. Since i do not have
rights to this key, i cannot open the key to get a handle for modifying the
rights.
|
by: riteshtechie |
last post by:
I am trying to add following reg file to registry programatically using VB.NET
http://www.winhelponline.com/fileasso/avi_fix_w7.zip
But I am getting the following error.
A search on Google reveals that it is because of the registry Key permission setting for the key I want to edit. I have looked for the same topic earlier in the forum but it is of no help.
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
