Hi
I need to create a MessageQueue in my C# service (running as SYSTEM). Users
will have no permissions on this queue, so I can't look if messages are
present. When setting MessageQueue.SetPermissions, I have the problem of
knowing the Windows Group Name. I'd like to set Full Control to either Users
or Everyone (doesn't really matter), but the service might run under English
(Users, Everyone) or German Windows (Benutzer, Jeder). On a German Windows,
SetPermissions failes with "Everyone" and succeeds with "Jeder".
How can I get the locale-specific name of a role, say "Users"?
Or is there a much easier way to set Full Control Permissions on a
MessageQueue for Everyone?
Thanks a lot
Simon 4 5910
Can you p/invoke the LookupAccountName API, passing in the SID of the group
you want to use? Everyone and Authenticated Users are both well-known SID
values that don't change, so that might be a good way to get the localized
version.
It is too bad that the .NET MQ API won't take a SID directly as then you
would not have this problem.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message
news:ec**************@TK2MSFTNGP14.phx.gbl... Hi
I need to create a MessageQueue in my C# service (running as SYSTEM). Users will have no permissions on this queue, so I can't look if messages are present. When setting MessageQueue.SetPermissions, I have the problem of knowing the Windows Group Name. I'd like to set Full Control to either Users or Everyone (doesn't really matter), but the service might run under English (Users, Everyone) or German Windows (Benutzer, Jeder). On a German Windows, SetPermissions failes with "Everyone" and succeeds with "Jeder". How can I get the locale-specific name of a role, say "Users"?
Or is there a much easier way to set Full Control Permissions on a MessageQueue for Everyone?
Thanks a lot Simon
Great, got that to work. However, now my assembly has an Win32API call, so
for deployment, I need full trust on the client. I found that I should add a
custom action in the setup project, but apart from that, I'm stumped.
Can you direct me to a step-by-step guide on how to make my assembly being
distributed with a Setup Project be fully trusted on the client?
(Essentially run the .NET framework 1.1 Wizard "Trust assembly" as custom
action). I'm using VS 2003.
Thanks a lot
Simon
"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote
in message news:uL*************@TK2MSFTNGP14.phx.gbl... Can you p/invoke the LookupAccountName API, passing in the SID of the
group you want to use? Everyone and Authenticated Users are both well-known SID values that don't change, so that might be a good way to get the localized version.
It is too bad that the .NET MQ API won't take a SID directly as then you would not have this problem.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message news:ec**************@TK2MSFTNGP14.phx.gbl... Hi
I need to create a MessageQueue in my C# service (running as SYSTEM). Users will have no permissions on this queue, so I can't look if messages are present. When setting MessageQueue.SetPermissions, I have the problem of knowing the Windows Group Name. I'd like to set Full Control to either Users or Everyone (doesn't really matter), but the service might run under English (Users, Everyone) or German Windows (Benutzer, Jeder). On a German Windows, SetPermissions failes with "Everyone" and succeeds with "Jeder". How can I get the locale-specific name of a role, say "Users"?
Or is there a much easier way to set Full Control Permissions on a MessageQueue for Everyone?
Thanks a lot Simon
I thought you needed full trust to call into System.Messaging anyway since
it doesn't have the AllowPartiallyTrustedCallersAttribute. If your code is
being installed to the local machine, you will have full trust by default
anyway, so that probably isn't an issue. Are you actually get security
exceptions?
If you really feel like you need to change security policy, I'd suggest
starting a new thread as Nicole is much better at that stuff than me and can
provide you with more guidance.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message
news:O$*************@TK2MSFTNGP10.phx.gbl... Great, got that to work. However, now my assembly has an Win32API call, so for deployment, I need full trust on the client. I found that I should add a custom action in the setup project, but apart from that, I'm stumped.
Can you direct me to a step-by-step guide on how to make my assembly being distributed with a Setup Project be fully trusted on the client? (Essentially run the .NET framework 1.1 Wizard "Trust assembly" as custom action). I'm using VS 2003.
Thanks a lot Simon
"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote in message news:uL*************@TK2MSFTNGP14.phx.gbl... Can you p/invoke the LookupAccountName API, passing in the SID of the group you want to use? Everyone and Authenticated Users are both well-known SID values that don't change, so that might be a good way to get the localized version.
It is too bad that the .NET MQ API won't take a SID directly as then you would not have this problem.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message news:ec**************@TK2MSFTNGP14.phx.gbl... > Hi > > I need to create a MessageQueue in my C# service (running as SYSTEM). > Users > will have no permissions on this queue, so I can't look if messages are > present. When setting MessageQueue.SetPermissions, I have the problem > of > knowing the Windows Group Name. I'd like to set Full Control to either > Users > or Everyone (doesn't really matter), but the service might run under > English > (Users, Everyone) or German Windows (Benutzer, Jeder). On a German > Windows, > SetPermissions failes with "Everyone" and succeeds with "Jeder". > How can I get the locale-specific name of a role, say "Users"? > > Or is there a much easier way to set Full Control Permissions on a > MessageQueue for Everyone? > > Thanks a lot > Simon > >
No Joe, you're absolutely right. That was an apparent newbie question. I was
testing my test.exe from a network share, which doesn't reflect the final
setup. If I move the exe to a local drive, everything is great.
So my final solution is:
Use code from http://www.codeproject.com/csharp/SidTranslator.asp
Install application locally (was gonna do that anyway)
Use SID S-1-1-0 for group "Everyone"
Thanks a lot, Joe
Simon
"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote
in message news:Oq*************@TK2MSFTNGP15.phx.gbl... I thought you needed full trust to call into System.Messaging anyway since it doesn't have the AllowPartiallyTrustedCallersAttribute. If your code
is being installed to the local machine, you will have full trust by default anyway, so that probably isn't an issue. Are you actually get security exceptions?
If you really feel like you need to change security policy, I'd suggest starting a new thread as Nicole is much better at that stuff than me and
can provide you with more guidance.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message news:O$*************@TK2MSFTNGP10.phx.gbl... Great, got that to work. However, now my assembly has an Win32API call,
so for deployment, I need full trust on the client. I found that I should
add a custom action in the setup project, but apart from that, I'm stumped.
Can you direct me to a step-by-step guide on how to make my assembly
being distributed with a Setup Project be fully trusted on the client? (Essentially run the .NET framework 1.1 Wizard "Trust assembly" as
custom action). I'm using VS 2003.
Thanks a lot Simon
"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com>
wrote in message news:uL*************@TK2MSFTNGP14.phx.gbl... Can you p/invoke the LookupAccountName API, passing in the SID of the group you want to use? Everyone and Authenticated Users are both well-known SID values that don't change, so that might be a good way to get the localized version.
It is too bad that the .NET MQ API won't take a SID directly as then
you would not have this problem.
Joe K.
"Simon Niederberger" <si***@sincore.ch> wrote in message news:ec**************@TK2MSFTNGP14.phx.gbl... > Hi > > I need to create a MessageQueue in my C# service (running as SYSTEM). > Users > will have no permissions on this queue, so I can't look if messages
are > present. When setting MessageQueue.SetPermissions, I have the problem > of > knowing the Windows Group Name. I'd like to set Full Control to
either > Users > or Everyone (doesn't really matter), but the service might run under > English > (Users, Everyone) or German Windows (Benutzer, Jeder). On a German > Windows, > SetPermissions failes with "Everyone" and succeeds with "Jeder". > How can I get the locale-specific name of a role, say "Users"? > > Or is there a much easier way to set Full Control Permissions on a > MessageQueue for Everyone? > > Thanks a lot > Simon > >
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Ken Lindner |
last post by:
I have a need to become familiar with SQL Server 2000 for work.
Needless to say I am new to SQL Server any version, but not IT in
general. My employer has provided me with the SQL Server 2000...
|
by: Christian McArdle |
last post by:
REQUEST FOR DISCUSSION (RFD)
unmoderated group comp.os.ms-windows.programmer.64bit
This is a formal Request For Discussion (RFD) to create
comp.os.ms-windows.programmer.64bit as an unmoderated...
|
by: Steven Fox |
last post by:
============================================================
About DB2 Administration Tools Environment
============================================================
DB2 administration tools level:...
|
by: pberna |
last post by:
Dear all,
I built a Web Form application to start and stop a Windows Service remotely.
I successful tested the application on Windows 2000 server + IIS. I must
include the ASPNET user
to the...
|
by: James |
last post by:
I have a VB windows forms application that accesses a Microsoft Access
database that has been secured using user-level security. The
application is being deployed using No-Touch deployment. The...
|
by: Amjad |
last post by:
Hi,
I just wrote a test Windows Service that creates a text file on startup
(please see my code below). The file is never created.
Protected Overrides Sub OnStart(ByVal args() As String)
Dim...
|
by: =?Utf-8?B?Q2Fubm9kYWwxOQ==?= |
last post by:
I'm having a problem getting the accurate information to the guide.. Its
saying its soposted to be this one show, and its somthing else.. I've double
check my setting for what general area, and I...
|
by: =?Utf-8?B?SnJ4dHVzZXIx?= |
last post by:
I just started using Windows Live OneCare, I had been using Norton, but was
unable to fix the problems I was having. I have yet been unsuccessful with
OneCare as well. I keep getting the same...
|
by: Max2006 |
last post by:
Hi,
I am trying to limit my wcf service endpoint to response to only given
windows user or group. How can I do that? Is there any way to configure that
in the .config file?
Thank you,
Max
|
by: josequinonesii |
last post by:
I've searched, I've read, I've tested and re-read numerous post but to no avail yet...
Quite simply, the settings I've applied to my httpd.conf, httpd-vhost.conf and my hosts files simply does not...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |