G'day group.
Currently our organization us using VB6 based applications, and I am
trying to push forward and migrate some of the smaller things to
VB.NET, eventually migrating all applications from VB6 and other legacy
languages/systems (Pure VBScript, DataEase, etc.) over to .NET.
Currently, *all* user data is stored on network shares. When a user
logs in to a workstation, their home drive is mounted from one share,
all of their settings are copied down to the machine, and they are good
to go. The only thing installed on the local HD is the OS itself
(Windows XP SP2) and any "native" applications. Native applications
are controlled by another body in our organization, so smaller programs
that we create ad-hoc must be installed in one of two ways:
- Manually going up to the machine and installing it; we have local
admin rights to machines so we can do this
- Installing the application on a network share, and have the user run
it from there.
The majority of our ad-hoc apps are run from Network shares. This
makes updates a lot easier, since we only have to update one copy and
everyone gets it.
Now, I've been attempting to do some things with .NET, but run into
problems because we use network shares everywhere, so I keep getting
security issues since nothing is run from the local HD. Even my
development environment uses network shares to store data, so I can't
develop in the local HD. I did some experimenting and managed to
create Interop assemblies for COM stuff that we are currently using,
copying them to the local HD (C:\tmp\Interop for example) and setting
my .NET references to those local copies. However, this means that for
an update I'd have to go to each machine and update the local Interops.
To sum up my problem(s):
- We use a number of COM objects from third-parties
- 99% of our stuff is stored on Network shares
- We'd like to go .NET
- We'd like to simplify management of upgrades to software
- We don't have rights to change the security levels for different
zones
Can anyone make some suggestions how I can go about doing the above?
>From what I've read, COM objects have to be wrapped by Interop
assemblies before they can be used by .NET. Those assemblies can not
be on a network share in our case due to the zone security settings.
Thanks for any input.
-Patrick 6  2940 
The security issue of running .NET code that from outside of the running
computer does not mean you cannot do that. It means you have to configure
your system correctly: make the .NET code run safely.
By default, .NET consider any code which is not located/installed on the
machine as unsafe code a,d does not allow it to run, such as the code you
downloaded from the net, from the network share. You can configure your
computer to give certain trust to certain code source, such as trusted
website, a folder on the network share, or even whole intranet, the Internet
(you wouldn't trust whole Internet, would you?).
In your case, you can create a code group, which points to a folder on the
network share, give it full or partial trust (as your apps requires). Then
you can run your .NET from there.
Which version of .NET are you targeting? For 1.X, you go to Control
Panel->Administrative Tools->Microsoft .NET Framework 1.x Configuration
applet to configure a machine's .NET security setings. Or you can use
CAPOL.exe tool that comes with .NET framework. YOu may need to do some study
on how to do that.
With 2.0, unfortunately, there is no GUI tool (Microsoft .NET Framework 2.0
Configuration applet is only available if you have .NET2.0 SDK installed,
meaning only .NET developers have it), you have to use command line tool
CAPOL.exe.
<te****@gmail.comwrote in message
news:11*********************@p79g2000cwp.googlegro ups.com...
G'day group.
Currently our organization us using VB6 based applications, and I am
trying to push forward and migrate some of the smaller things to
VB.NET, eventually migrating all applications from VB6 and other legacy
languages/systems (Pure VBScript, DataEase, etc.) over to .NET.
Currently, *all* user data is stored on network shares. When a user
logs in to a workstation, their home drive is mounted from one share,
all of their settings are copied down to the machine, and they are good
to go. The only thing installed on the local HD is the OS itself
(Windows XP SP2) and any "native" applications. Native applications
are controlled by another body in our organization, so smaller programs
that we create ad-hoc must be installed in one of two ways:
- Manually going up to the machine and installing it; we have local
admin rights to machines so we can do this
- Installing the application on a network share, and have the user run
it from there.
The majority of our ad-hoc apps are run from Network shares. This
makes updates a lot easier, since we only have to update one copy and
everyone gets it.
Now, I've been attempting to do some things with .NET, but run into
problems because we use network shares everywhere, so I keep getting
security issues since nothing is run from the local HD. Even my
development environment uses network shares to store data, so I can't
develop in the local HD. I did some experimenting and managed to
create Interop assemblies for COM stuff that we are currently using,
copying them to the local HD (C:\tmp\Interop for example) and setting
my .NET references to those local copies. However, this means that for
an update I'd have to go to each machine and update the local Interops.
To sum up my problem(s):
- We use a number of COM objects from third-parties
- 99% of our stuff is stored on Network shares
- We'd like to go .NET
- We'd like to simplify management of upgrades to software
- We don't have rights to change the security levels for different
zones
Can anyone make some suggestions how I can go about doing the above?
>>From what I've read, COM objects have to be wrapped by Interop
assemblies before they can be used by .NET. Those assemblies can not
be on a network share in our case due to the zone security settings.
Thanks for any input.
-Patrick
Norman Yuan wrote:
The security issue of running .NET code that from outside of the running
computer does not mean you cannot do that. It means you have to configure
your system correctly: make the .NET code run safely.
This I know.
By default, .NET consider any code which is not located/installed on the
machine as unsafe code a,d does not allow it to run, such as the code you
downloaded from the net, from the network share. You can configure your
computer to give certain trust to certain code source, such as trusted
website, a folder on the network share, or even whole intranet.
This too.
In your case, you can create a code group, which points to a folder on the
network share, give it full or partial trust (as your apps requires). Then
you can run your .NET from there.
The problem is that if I go this route, I have to go to each computer
in our organization (over 100) and manually configure them to trust
that code group, don't I? To make matters worse, since someone else
manages the network, they have locked down many of the security
features and configurable options in XP.
>
Which version of .NET are you targeting?
VB.NET 2.0, from the latest MSDN CD's (VS 2005 Pro from the Dec/2005
disc-set).
With 2.0, unfortunately, there is no GUI tool (Microsoft .NET Framework 2.0
Configuration applet is only available if you have .NET2.0 SDK installed,
meaning only .NET developers have it), you have to use command line tool
CAPOL.exe.
I've probably got that disc kicking around in these MSDN binders, I'll
see if I can find it.
Short of creating a trusted code group, am I SOL? Does the security
only apply to shared libraries and the like? For arguments sake, if I
had a one-file executable compiled statically, and ran that straight
from a network share, would it work at all?
[Sorry if I've horribly mangled some terminology -- I took a .NET
course a year ago and havne't touched .NET since! The learning curve
has been steep the past few days but it's all coming back now.
Unfortuantely the course didn't cover much in the way of deployment.]
Thanks,
Patrick
Tendim,
Did you ever made a document longer than this message "Why I have everything
on Shares?"
Mostly is this a habbit from the time that the Hard Disk was very expensive
(about 25 years ago) to buy, so a lot of Lan inventors have sold that as a
cheap way to use Disk. People still believe that it is a good idea to do
that.
Data should be on a Server because of security, sharing and backup reasons.
A copy of a program can be everywhere, the best as thight to the processor
as possible to save high LAN costs and backup trouble.
Just my thought,
Cor
<te****@gmail.comschreef in bericht
news:11*********************@p79g2000cwp.googlegro ups.com...
G'day group.
Currently our organization us using VB6 based applications, and I am
trying to push forward and migrate some of the smaller things to
VB.NET, eventually migrating all applications from VB6 and other legacy
languages/systems (Pure VBScript, DataEase, etc.) over to .NET.
Currently, *all* user data is stored on network shares. When a user
logs in to a workstation, their home drive is mounted from one share,
all of their settings are copied down to the machine, and they are good
to go. The only thing installed on the local HD is the OS itself
(Windows XP SP2) and any "native" applications. Native applications
are controlled by another body in our organization, so smaller programs
that we create ad-hoc must be installed in one of two ways:
- Manually going up to the machine and installing it; we have local
admin rights to machines so we can do this
- Installing the application on a network share, and have the user run
it from there.
The majority of our ad-hoc apps are run from Network shares. This
makes updates a lot easier, since we only have to update one copy and
everyone gets it.
Now, I've been attempting to do some things with .NET, but run into
problems because we use network shares everywhere, so I keep getting
security issues since nothing is run from the local HD. Even my
development environment uses network shares to store data, so I can't
develop in the local HD. I did some experimenting and managed to
create Interop assemblies for COM stuff that we are currently using,
copying them to the local HD (C:\tmp\Interop for example) and setting
my .NET references to those local copies. However, this means that for
an update I'd have to go to each machine and update the local Interops.
To sum up my problem(s):
- We use a number of COM objects from third-parties
- 99% of our stuff is stored on Network shares
- We'd like to go .NET
- We'd like to simplify management of upgrades to software
- We don't have rights to change the security levels for different
zones
Can anyone make some suggestions how I can go about doing the above?
>>From what I've read, COM objects have to be wrapped by Interop
assemblies before they can be used by .NET. Those assemblies can not
be on a network share in our case due to the zone security settings.
Thanks for any input.
-Patrick
Hi Cor.
Cor Ligthert [MVP] wrote:
Data should be on a Server because of security, sharing and backup reasons.
A copy of a program can be everywhere, the best as thight to the processor
as possible to save high LAN costs and backup trouble.
I agree, but from a maintanence perspective that is over 100 machines
that would have to be physically updated on a weekly basis due to code
changes and the like; we are a very active site with changes occuring
continuously due to outside specifications outside of our control. :(
If I could figure out a way to push changes down automatically to the
computers on a daily/weekly basis, that would be sufficient as well.
Unfortuantely I don't think anyone on our site has security to do so
from a network-administrative perspective.
Thanks,
-p
Tending,
Ever looked at the "Click once" technique or whatever name there is used for
that.
Microsoft is updating every month probably many million computers. The
technique is the same as you can use. http://msdn.microsoft.com/msdnmag/is...e/default.aspx
I took the first article I could find, I did not read it, it is one of
thousands
Cor
<te****@gmail.comschreef in bericht
news:11**********************@i3g2000cwc.googlegro ups.com...
Hi Cor.
Cor Ligthert [MVP] wrote:
>Data should be on a Server because of security, sharing and backup
reasons.
A copy of a program can be everywhere, the best as thight to the
processor
as possible to save high LAN costs and backup trouble.
I agree, but from a maintanence perspective that is over 100 machines
that would have to be physically updated on a weekly basis due to code
changes and the like; we are a very active site with changes occuring
continuously due to outside specifications outside of our control. :(
If I could figure out a way to push changes down automatically to the
computers on a daily/weekly basis, that would be sufficient as well.
Unfortuantely I don't think anyone on our site has security to do so
from a network-administrative perspective.
Thanks,
-p
I agree with Cor.
I only place some very simply .NET Winform apps that are used occasionally
on our office's network share. and make one specific entry on the new
computer setup checklist that will make sure a specific code group is set up
and pointing to that network share.
But, for any regular .NET Winform app, I use "Click Once" to deploy since
..NET2.0, it make deployment and update very enjoyful, seeing that whenever
user starts my app, he alway gets the latest version auotmatically.
<te****@gmail.comwrote in message
news:11**********************@i3g2000cwc.googlegro ups.com...
Hi Cor.
Cor Ligthert [MVP] wrote:
>Data should be on a Server because of security, sharing and backup
reasons.
A copy of a program can be everywhere, the best as thight to the
processor
as possible to save high LAN costs and backup trouble.
I agree, but from a maintanence perspective that is over 100 machines
that would have to be physically updated on a weekly basis due to code
changes and the like; we are a very active site with changes occuring
continuously due to outside specifications outside of our control. :(
If I could figure out a way to push changes down automatically to the
computers on a daily/weekly basis, that would be sufficient as well.
Unfortuantely I don't think anyone on our site has security to do so
from a network-administrative perspective.
Thanks,
-p
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: brian.oneil2 |
last post by:
Is there a way to install this onto a network file share and allow a
team to access it? I would say share a CD from a networked CD drive,
but there are multiple CD's that would have to be inserted....
|
by: Lam |
last post by:
HI
anyone knows how can I open a mapped network file in C#?
I try string file = @"T:\file.txt"; it shows me the error: "Could not find
a part of the path"
but if I copy the file to my C dirve,...
|
by: Gerben van Loon |
last post by:
Hi there, hope someone can help me on this:
I'm planning to deploy several ASP.NET projects to a production server.
Normally I used the "Project / Copy project" option in VS.NET, but to this...
|
by: musosdev |
last post by:
Hi guys
Okay, I've setup my projects to open and compile fine in VS2005 using FPSE
and remote web, but it's *really* slow. So I thought I'd have a go at doing
it the normal way, by loading from...
|
by: Jeremy S. |
last post by:
We're in the process of writing a new Windows Forms app and the desktop
support folks want for it to be run from a network share. I know it's
possible (i.e., just have the framework on the clients...
|
by: John Kotuby |
last post by:
Hello all,
Note: This is the full version of a Post that I inadvertently sent before it
was complete.
About a year ago I wrote a VB.NET 2003 solution that consists of a number
of assemblies...
|
by: David P. Donahue |
last post by:
I have a relatively simple .NET application that I'm trying to deploy to
a Citrix server. However, when I try to run it on that server (just
using Remote Desktop, not even going through Citrix...
|
by: Keld R. Hansen |
last post by:
I am coding a .NET 2.0 application that needs to be able to run from a
network share (intranet), but the security settings does not allow me to do
this by default.
How can I - in the...
|
by: Akut |
last post by:
hi,
I need some help , I have developed an application that needs to connect to over 30 reports designed using crystal reports 10 with are located on a shared drive on the network which...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
| |
