473,240 Members | 1,641 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,240 software developers and data experts.

Get Windows Group Name

Hi

I need to create a MessageQueue in my C# service (running as SYSTEM). Users
will have no permissions on this queue, so I can't look if messages are
present. When setting MessageQueue.SetPermissions, I have the problem of
knowing the Windows Group Name. I'd like to set Full Control to either Users
or Everyone (doesn't really matter), but the service might run under English
(Users, Everyone) or German Windows (Benutzer, Jeder). On a German Windows,
SetPermissions failes with "Everyone" and succeeds with "Jeder".
How can I get the locale-specific name of a role, say "Users"?

Or is there a much easier way to set Full Control Permissions on a
MessageQueue for Everyone?

Thanks a lot
Simon
Jul 22 '05 #1
4 5902
Can you p/invoke the LookupAccountName API, passing in the SID of the group
you want to use? Everyone and Authenticated Users are both well-known SID
values that don't change, so that might be a good way to get the localized
version.

It is too bad that the .NET MQ API won't take a SID directly as then you
would not have this problem.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:ec**************@TK2MSFTNGP14.phx.gbl...
Hi

I need to create a MessageQueue in my C# service (running as SYSTEM).
Users
will have no permissions on this queue, so I can't look if messages are
present. When setting MessageQueue.SetPermissions, I have the problem of
knowing the Windows Group Name. I'd like to set Full Control to either
Users
or Everyone (doesn't really matter), but the service might run under
English
(Users, Everyone) or German Windows (Benutzer, Jeder). On a German
Windows,
SetPermissions failes with "Everyone" and succeeds with "Jeder".
How can I get the locale-specific name of a role, say "Users"?

Or is there a much easier way to set Full Control Permissions on a
MessageQueue for Everyone?

Thanks a lot
Simon

Jul 22 '05 #2
Great, got that to work. However, now my assembly has an Win32API call, so
for deployment, I need full trust on the client. I found that I should add a
custom action in the setup project, but apart from that, I'm stumped.

Can you direct me to a step-by-step guide on how to make my assembly being
distributed with a Setup Project be fully trusted on the client?
(Essentially run the .NET framework 1.1 Wizard "Trust assembly" as custom
action). I'm using VS 2003.
Thanks a lot
Simon


"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote
in message news:uL*************@TK2MSFTNGP14.phx.gbl...
Can you p/invoke the LookupAccountName API, passing in the SID of the group you want to use? Everyone and Authenticated Users are both well-known SID
values that don't change, so that might be a good way to get the localized
version.

It is too bad that the .NET MQ API won't take a SID directly as then you
would not have this problem.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:ec**************@TK2MSFTNGP14.phx.gbl...
Hi

I need to create a MessageQueue in my C# service (running as SYSTEM).
Users
will have no permissions on this queue, so I can't look if messages are
present. When setting MessageQueue.SetPermissions, I have the problem of
knowing the Windows Group Name. I'd like to set Full Control to either
Users
or Everyone (doesn't really matter), but the service might run under
English
(Users, Everyone) or German Windows (Benutzer, Jeder). On a German
Windows,
SetPermissions failes with "Everyone" and succeeds with "Jeder".
How can I get the locale-specific name of a role, say "Users"?

Or is there a much easier way to set Full Control Permissions on a
MessageQueue for Everyone?

Thanks a lot
Simon


Jul 22 '05 #3
I thought you needed full trust to call into System.Messaging anyway since
it doesn't have the AllowPartiallyTrustedCallersAttribute. If your code is
being installed to the local machine, you will have full trust by default
anyway, so that probably isn't an issue. Are you actually get security
exceptions?

If you really feel like you need to change security policy, I'd suggest
starting a new thread as Nicole is much better at that stuff than me and can
provide you with more guidance.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:O$*************@TK2MSFTNGP10.phx.gbl...
Great, got that to work. However, now my assembly has an Win32API call, so
for deployment, I need full trust on the client. I found that I should add
a
custom action in the setup project, but apart from that, I'm stumped.

Can you direct me to a step-by-step guide on how to make my assembly being
distributed with a Setup Project be fully trusted on the client?
(Essentially run the .NET framework 1.1 Wizard "Trust assembly" as custom
action). I'm using VS 2003.
Thanks a lot
Simon


"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote
in message news:uL*************@TK2MSFTNGP14.phx.gbl...
Can you p/invoke the LookupAccountName API, passing in the SID of the

group
you want to use? Everyone and Authenticated Users are both well-known
SID
values that don't change, so that might be a good way to get the
localized
version.

It is too bad that the .NET MQ API won't take a SID directly as then you
would not have this problem.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:ec**************@TK2MSFTNGP14.phx.gbl...
> Hi
>
> I need to create a MessageQueue in my C# service (running as SYSTEM).
> Users
> will have no permissions on this queue, so I can't look if messages are
> present. When setting MessageQueue.SetPermissions, I have the problem
> of
> knowing the Windows Group Name. I'd like to set Full Control to either
> Users
> or Everyone (doesn't really matter), but the service might run under
> English
> (Users, Everyone) or German Windows (Benutzer, Jeder). On a German
> Windows,
> SetPermissions failes with "Everyone" and succeeds with "Jeder".
> How can I get the locale-specific name of a role, say "Users"?
>
> Or is there a much easier way to set Full Control Permissions on a
> MessageQueue for Everyone?
>
> Thanks a lot
> Simon
>
>



Jul 22 '05 #4
No Joe, you're absolutely right. That was an apparent newbie question. I was
testing my test.exe from a network share, which doesn't reflect the final
setup. If I move the exe to a local drive, everything is great.

So my final solution is:
Use code from http://www.codeproject.com/csharp/SidTranslator.asp
Install application locally (was gonna do that anyway)
Use SID S-1-1-0 for group "Everyone"

Thanks a lot, Joe
Simon

"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote
in message news:Oq*************@TK2MSFTNGP15.phx.gbl...
I thought you needed full trust to call into System.Messaging anyway since
it doesn't have the AllowPartiallyTrustedCallersAttribute. If your code is being installed to the local machine, you will have full trust by default
anyway, so that probably isn't an issue. Are you actually get security
exceptions?

If you really feel like you need to change security policy, I'd suggest
starting a new thread as Nicole is much better at that stuff than me and can provide you with more guidance.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:O$*************@TK2MSFTNGP10.phx.gbl...
Great, got that to work. However, now my assembly has an Win32API call, so for deployment, I need full trust on the client. I found that I should add a
custom action in the setup project, but apart from that, I'm stumped.

Can you direct me to a step-by-step guide on how to make my assembly being distributed with a Setup Project be fully trusted on the client?
(Essentially run the .NET framework 1.1 Wizard "Trust assembly" as custom action). I'm using VS 2003.
Thanks a lot
Simon


"Joe Kaplan (MVP - ADSI)" <jo*************@removethis.accenture.com> wrote in message news:uL*************@TK2MSFTNGP14.phx.gbl...
Can you p/invoke the LookupAccountName API, passing in the SID of the

group
you want to use? Everyone and Authenticated Users are both well-known
SID
values that don't change, so that might be a good way to get the
localized
version.

It is too bad that the .NET MQ API won't take a SID directly as then you would not have this problem.

Joe K.

"Simon Niederberger" <si***@sincore.ch> wrote in message
news:ec**************@TK2MSFTNGP14.phx.gbl...
> Hi
>
> I need to create a MessageQueue in my C# service (running as SYSTEM).
> Users
> will have no permissions on this queue, so I can't look if messages are > present. When setting MessageQueue.SetPermissions, I have the problem
> of
> knowing the Windows Group Name. I'd like to set Full Control to either > Users
> or Everyone (doesn't really matter), but the service might run under
> English
> (Users, Everyone) or German Windows (Benutzer, Jeder). On a German
> Windows,
> SetPermissions failes with "Everyone" and succeeds with "Jeder".
> How can I get the locale-specific name of a role, say "Users"?
>
> Or is there a much easier way to set Full Control Permissions on a
> MessageQueue for Everyone?
>
> Thanks a lot
> Simon
>
>



Jul 22 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Ken Lindner | last post by:
I have a need to become familiar with SQL Server 2000 for work. Needless to say I am new to SQL Server any version, but not IT in general. My employer has provided me with the SQL Server 2000...
3
by: Christian McArdle | last post by:
REQUEST FOR DISCUSSION (RFD) unmoderated group comp.os.ms-windows.programmer.64bit This is a formal Request For Discussion (RFD) to create comp.os.ms-windows.programmer.64bit as an unmoderated...
3
by: Steven Fox | last post by:
============================================================ About DB2 Administration Tools Environment ============================================================ DB2 administration tools level:...
5
by: pberna | last post by:
Dear all, I built a Web Form application to start and stop a Windows Service remotely. I successful tested the application on Windows 2000 server + IIS. I must include the ASPNET user to the...
4
by: James | last post by:
I have a VB windows forms application that accesses a Microsoft Access database that has been secured using user-level security. The application is being deployed using No-Touch deployment. The...
3
by: Amjad | last post by:
Hi, I just wrote a test Windows Service that creates a text file on startup (please see my code below). The file is never created. Protected Overrides Sub OnStart(ByVal args() As String) Dim...
12
by: =?Utf-8?B?Q2Fubm9kYWwxOQ==?= | last post by:
I'm having a problem getting the accurate information to the guide.. Its saying its soposted to be this one show, and its somthing else.. I've double check my setting for what general area, and I...
2
by: =?Utf-8?B?SnJ4dHVzZXIx?= | last post by:
I just started using Windows Live OneCare, I had been using Norton, but was unable to fix the problems I was having. I have yet been unsuccessful with OneCare as well. I keep getting the same...
5
by: Max2006 | last post by:
Hi, I am trying to limit my wcf service endpoint to response to only given windows user or group. How can I do that? Is there any way to configure that in the .config file? Thank you, Max
6
by: josequinonesii | last post by:
I've searched, I've read, I've tested and re-read numerous post but to no avail yet... Quite simply, the settings I've applied to my httpd.conf, httpd-vhost.conf and my hosts files simply does not...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.