|
Do you mean when running you site from Visual Studio in debug mode?
I can't see a reason why not, but maybe you are running on different IIS while debugging?
Try to add as much relevant info as you have...
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
תפסיק לספר לה' כמה הצרות שלך גדולות, תספר לצרות שלך כמה ה' גדול!
|
|
|
|
|
|
The link you show us here is ****. You can use a simple function like
public static void ProtectConfiguration()
{
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
config.ConnectionStrings.SectionInformation.ProtectSection(null);
config.Save(ConfigurationSaveMode.Full, true);
}
|
|
|
|
|
if your way encryption, decryption can still be, but the example above you do not decipher if you do not have private const string SharedSecret = "?????";
|
|
|
|
|
Hi,
I would like to write a console app that can determine the local administrator account using its SID and then change the password. I have been using a vbscript to do this but ran into an issue where it no longer works properly (long story). I would like to rewrite this as a C# console app instead. I am hoping that a compiled app will sufficiently hide the password being used which would be present in the source code.
The vbscript uses the WMI Win32_UserAccount namespace to determine which local account belongs to the administrator. It's done this way because you don't always know the name of the administrator account (it's renamed for increased security).
I'm fairly new to C# and I'm not sure where to start. I have been doing some searches for awhile now but I'm not finding any good sources on using WMI with C# or any other method for that matter.
What is the proper way to approach this task? Is WMI the wrong way to go about it? I think using WMI would be the easiest approach if I could figure out how to use it. I think I'll need a reference to System.Management for starters.
I'm not necessarily looking for someone to give me a solution but rather offer guidance to get me on the right track. I really want to learn C# but it feels like a huge task at this point even for this simple project. The language is enormous!
Thanks,
Rob
|
|
|
|
|
robwm1 wrote: which would be present in the source code.
Ummm... may I recommend a command-line parameter?
|
|
|
|
|
I could use the command "net use" to change the password but I need the local admin's username first. That is the part I'm having trouble with.
|
|
|
|
|
it doesn't sound 'too hard' in c# - I guess its far for me to suggest that
a) using MSAD is a better choice
b) hiding the password in a compiled app, well, it can still be discovered - it all depends on a risk analysis of what the threats are as to wether that risk is acceptable
c) you could do a first cut with C# & WMI since you know WMI already - I personally don't like WMI, I feel it has too much overhead, I may get shouted down for that comment - but heck, if it works and you're happy with it - else translate out the WMI parts for 'native' C# (which may also be p/invokes since C# doesn't cover every possible Win32 API)
d) how is this program supposed to run ? obviously someone could simply stop it running - which is a risk in itself
e) what if the program 'breaks' - how do you then get access to that machine/account ? ( a back-door ? [shiver] )
There is plenty (even here on CP) about using WMI with .Net - there's even a tool somewhere, Im still looking for the reference that iirc build the WMI query for you
Have a look at this for example while I try to find the tool I was thinking of .. http://www.developerfusion.com/article/5450/using-wmi-from-managed-code/[^]
Don't be discouraged - even by my questions - if you have a good enough reason, and there's no other way, then ya gotta do what ya gotta do
|
|
|
|
|
Garth,
a) MSAD - If you're suggesting GPO, information security rejected that method because the communication is all clear text.
b) My executable will be inspected before it is adopted to see how easily the password can be discovered. Only then will I be able to deploy it. I'm currently using Microsoft Encoder to encode my vbscript. VBS becomes VBE but it is only protection from casual browsing. That has been acceptable for the last 13 years, so I'll have to see if I can gain approval. I can report back the result for those that are curious.
c) I don't use WMI much but there are some cases where it's pretty handy. I get what you're saying about overhead. It does noticeably slows things down. Another method that is perhaps more efficient would be to read the keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList into an array and look for the local admin. I don't know if the SID is the same for local admin across all computers but I'd lean towards that it's not the same. I notice the username isn't located in those profiles but WMI will expose that information.
d) This app would run hidden/silent on a daily basis. Our users aren't savvy enough to kill the process. It would happen in a random fashion and run in a split second. This has been considered acceptable risk.
e) In the event a password doesn't seem to be working properly, we have accounts to get around that.
I haven't found very much info on C# and WMI so far. I do know where to find a list of WMI classes. I can also figure out which properties are available with each class. I find MSDN to be difficult to understand at times until you understand the basic concepts. You can literally get lost in all of the documentation.
I'm not discouraged. I've found everyone in this forum to be very helpful and professional. Every project you can come up with is a bit of a puzzle. It's fun to work as a community to find solutions...
|
|
|
|
|
|
I wouldn't be opposed to writing this in C++ especially if I can encrypt the password. I haven't written any code yet so perhaps I should investigate this avenue. C# and C++ aren't that different.
|
|
|
|
|
I wouldn't make encryption the deciding factor between the choice of c++ or c# - encryption can be done well in either platform
|
|
|
|
|
So it is possible to use encryption in some way with C#? That would certainly be a desirable feature. I didn't even know you could use encryption unless I'm not fully understanding what you're saying.
|
|
|
|
|
most certainly yes - there's a whole 'namespace' System.Security.Cryptography - some of its abilities are here http://msdn.microsoft.com/en-us/library/e970bs09(v=vs.100).aspx[^]
ok, so, let me ask a questions about your 'process'
how are you going to 'start' it - are you for example going to run this new program, and pass into it (maybe via the commandline) the current password (possibly encrypted), just as a 'start' step to transition off your script
so far you've got
a) get the current password (possibly command line)
b) possibly decrypt the current password
c) find the local Administrator account
d) derive a new random password
e) change the Administrator account password to the new password
f) store the new password & possibly Administrator account name [somewhere], encrypted
g) possibly email an administrator the machine name, administrator account name, password, all encrypted with some other 'key'
|
|
|
|
|
The application will be deployed via System Center Configuration Manager 2012 to all client workstations. I haven't written any Pseudocode yet but I would basically do the following:
Set variable to new password of my choosing (it is the same on all workstations)
Find the local administrator account
Reset the local administrator password
Output the results to event viewer log
This solution only needs to be very simple.
I just found out from information security that if they can see the password within the EXE, they will accept it as a temporary solution. Not sure if this is a waste of time or not. It sounds like they will be looking for a commercial solution in the end.
modified 5-Nov-14 18:50pm.
|
|
|
|
|
Hello,
I need a sample code to implement the Conditional Activities (IfElse, IfElseBranch and While Activity). I want to implement it using C# code. Kindly provide a sample or an example of to implement the Activity
|
|
|
|
|
We do not do your homework: it is set for a reason. It is there so that you think about what you have been told, and try to understand it. It is also there so that your tutor can identify areas where you are weak, and focus more attention on remedial action.
Try it yourself, you may find it is not as difficult as you think!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
In my WPF application, if I click a button, it invokes a producer-consumer process.
private async void Start_Click(object sender, RoutedEventArgs e)
{
try
{
var producer = Producer();
var consumer = Consumer();
await Task.WhenAll(producer, consumer);
It will create some static results.
I want to generate a report by them then.
private void Summary()
{
}
My question is where can I call the method Summary()
I think is that to create another task, then still place it in the button event.
So the code will be like:
await Task.WhenAll(producer, consumer,Summary);
Is that correct?
Thanks.
|
|
|
|
|
My web application consume web service developed in ASP.NET C# When I try to run
it takes to long to respond, How can I resolve this issues
thx.
|
|
|
|
|
We can't answer that: we can't see your screen, access your HDD, or read your mind.
We don't even know what you consider "too long"! For some applications a couple of seconds will be "too long" - for others, a couple of milliseconds needs speeding up: but we can't tell.
Please, try giving a better idea of exactly what is going on: what your service does, where it is in relation to your app, how long it takes to respond and so forth. Because we can't help based on no information!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Hi,
To test the webservice use SOAPUI tool. This is open Source and a completely free tool. You can also use .NET tool provided to test the webservice.
Check the following for your webservice response
Network response.
Database.
Resources.
Do the ping or telnet request to the objects and servers your webservice is trying to access.
|
|
|
|
|
|
|
i capture image from webcam and displayed in dynamicDotNetTwain1 i want to save this image into my local sql server for show it in picture box.
could please help regarding the same.
|
|
|
|
|