How to get Local development STS running - security

I am in need of help getting Local Development STS running. I just started with MSDN tutorials and got stuck when trying to build WCF service using WIF. So far I did following:
Installed "Identity and Access Tools" in my Visual Studio 2012
Created new WCF Service project in new solution
Right clicked projects name and selected "Identity and access..."
Selected "Use the Local Development STS" option on first tab and changed token
type to "SAML 2.0" on "Local Development STS" tab
Clicked "Ok"
I end up with following that informs me about problems with certificate:
I verified that the file is there physically.
I verified access to it - System, Administrators and my user have full access to it (only last option is unchecked)
I tried to install the certificate manually, but it is protected with password and I cant find it anywhere
I tried to toy around with "Identity and Access..." wizard
I tried to google the answer
I tried to check if I have certificate like that installed, there are tree Personal certificates in my Local Machine store, but I have no idea how to check their subject or whatever else
So far I wasn't successful. Could anyone advise how to fix the situation, so I can be sure I have proper certificate installed, I would be eternally grateful.
Erchi

Are you using the .NET 4.5 tutorials - WIF Code Sample Index?
To check the subject:
Start / Run / mmc
File / Add - Remove Snap In
Certificates - Add.
My User Account - Finish - OK
Expand the tree as required - double click on certificate - Details.

Related

SharePoint 2019 Installation problem in SharePoint Workflow Manager

I am facing issue "Downloaded file failed system verification and may have been tampered with" while installing new Work flow manager. I have tried through Web Platform Installer and also tried by offline webpicmd but still issue is there.
I am attaching screen shot below:
Please check this link https://fixingsharepoint.blogspot.com/2021/02/download-file-failed-signature.html. I found solution in it.
All you have todo is get the Workflow_Manager.msi file and from powershell prompt (in the same directory you have Workflow_Manager.msi file) and try this
./Workflow_Manager.msi IACCEPTEULA=yes WEBPI=1

SharePoint 2016 - Copying content DB from Prod to Dev

I tried to copy the content DB from Prod to Dev server for the first time in my SP 2016 environment. Both the environments build versions are same (16.0.4705.1000). However in the prod under "Manage Patch Status" I see one extra Feature Pack 2 patch (16.0.4588.1001).
https://support.microsoft.com/en-us/help/4011127/descriptionofthesecurityupdateforsharepointserver2016september12-2017
Now when I am doing Mount-SPContentDatabase, I get the following error.
Mount-SPContentDatabase : An extension defined in the database is not registered with the farm.
In the ULS I see the following information. It says the project server database extensions are missing.
Following are my questions,
Is this because I have installed Feature Pack 2(link above) in Prod which has security updates for Project server? We don't have project server enabled in either of the environments.
Can I install the Feature Pack 2 in Dev now even though it has higher security update already installed? Isn't the later patch includes everything that was released in the previous patches?
This is just for my understanding. In the manage patch status why does the Install Status for feature pack 2 shows as "Superseded" even though I have other later patches?
Tried Restore-SPsite as well but getting error "The extension set does not match."
Had the same problem during the migration from 2016 -> 2019.
My solution:
Register the missing extension https://techcommunity.microsoft.com/t5/sharepoint-support-blog/upgrading-a-content-db-from-sharepoint-2016-to-sharepoint-2019/ba-p/1374209 (look at the bottom of the post)
remount the contentDB
Required code to perform the registration in step 1:
Check extensions in old farm
$contentservice=[Microsoft.sharepoint.Administration.SPwebservice]::ContentService
$contentservice.RegisteredDatabaseExtensionTypes >> SP2016Farm_registered_Extn.txt
Check extensions in new farm
$contentservice=[Microsoft.sharepoint.Administration.SPwebservice]::ContentService
$contentservice.RegisteredDatabaseExtensionTypes >>SP2019Farm_registered_Extn.txt
Register missing extension in new farm
$svc = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.Office.Project.Server.Database.Extension") | FL
$svc.RegisteredDatabaseExtensionTypes.EnsureAdded([Microsoft.Office.Project.Server.Database.Extension.ProjectDatabaseExtension])
$svc.Update($true)
In my case i did the steps below before i have registered the missing extension, but i think/hope there is no need to do that.
Powershell: Enable-ProjectServerLicense (Trail License)
Check running Sharepoint CA > ProjectServer Service
Check/create Sharepoint CA > ProjectServer Application

msdeploy.axd returns 404

I'm trying to setup webdeploy on IIS8, but why am I getting 404 when accessing both https://[servername]:8172/msdeploy.axd and https://localhost:8172/msdeploy.axd locally.
I've installed management service.
I've installed webdeploy 3.5 using web platform installer. In Program and Features a changed the instalation of webdeploy to include all features including the handler.
In IIS Manager I've chosen Configure Web Deploy Publishing for default website's context menu.
I've restarted management service.
when i tried https://[servername]:8172/msdeploy.axd I was asked to enter credentials and accept the certificate. after that I got 404.
I've uninstalled webdeploy and installed using MSI manually including all features.
restarted entire server.
getting 404.
I don't believe you can open the service from a browser. I attempted that against a dev server that we deploy to many times a day and also received a 404. I would try deploying from VS instead as a test.
Also if anyone comes here and is using Visual Studio Publish dialog and the "Validate Connection" button fails: do NOT use the button when creating. Just click Ok, then Edit (in More actions menu).
In the Connection tab, click Validate Connection. This time it will asks you to accept an invalid certificate (since you likely self-signed it on your server). Accept it and the connection should go through.

why does xamarin suddenly not let me deploy to iOS devices

This just started happening today after I got a message from xcode to agree to new t&c's.
I can't put anything on the device, on any of my computers.
Doesn't work on my macbook, doesn't work on my mac mini, doens't work with existing projects that worked fine until yesterday, doesn't even work with completely new projects.
I constantly get the message:
writeDictToFile:1241 open failed for
/Users/georgecook/Desktop/test/iOS/obj/iPhone/Debug/mtouch-cache/install-shadow-directory/339bee33bc83c8e05fbd004dcc732c0b/20715d40747e047ba8a4ce4c1d2672ef90161df5/ManifestCache.plist
: No such file or directory MDMCacheDirectoryManifest:1315
writeDictToFile failed to write to
/Users/georgecook/Desktop/test/iOS/obj/iPhone/Debug/mtouch-cache/install-shadow-directory/339bee33bc83c8e05fbd004dcc732c0b/20715d40747e047ba8a4ce4c1d2672ef90161df5/ManifestCache.plist
: No such file or directory error MT1006: Could not install the
application
'/Users/georgecook/Desktop/test/iOS/bin/iPhone/Debug/test.iOS.app' on
the device Gandalf the white: Your application failed code-signing
checks. Check your certificates, provisioning profiles, and bundle
ids. Probably your device is not part of the selected provisioning
profile (error: 0xe8008015).
No idea why this is suddenly happening - this is really not good - how to resolve this?
I tripped over this one recently too.
The key is this part of the message:
Your application failed code-signing checks. Check your certificates, provisioning profiles, and bundle ids. Probably your device is not part of the selected provisioning profile
Likely, your provisioning profile has expired. The easiest way to solve this is to launch Xcode, create an empty project, and hit Run. This will go over a series of dialog boxes offering you to fix your provisioning profile until it deploys. Once this happens, you can switch back to Visual Studio/Xamarin Studio and deploy.
One reason this can happen is if you have multiple developer accounts set up in XCode. Here are the steps
Verify that your device is on Apple member center
Verify that your device is part of the relevant provisioning profile
Repeat steps 1 and 2 for each account
Create a new project in XCode and run it on the device. XCode may ask you to select the team (if you have multiple accounts)
If you have multiple developer accounts (teams) set up in XCode, the repeat step 4 each time with a new project and select a different team each time.
These steps ensure that XCode clears the way for Xamarin. The idea is that Xamarin does not allow you to decide which "team" to use, so you want to make sure that XCode has done the setup for EVERY team.
I just had this ManifestCache.plist : No such file or directory problem. I checked device logs (View -> Pads -> iOS Device Log) to see why it was happening. Logs said it was rejecting an upgrade. Upgrade, I thought to myself, that doesn't sound right...then I remembered I had an app on my iPhone with the same identifier to.dima.application from a previous version which I forgot to uninstall. Removing the old app cleared up this issue for me. Hope this helps anyone else who has the same problem! :)
It works! I have found the solution.I was facing the same problem. Somehow there was a misconfiguration in Xamarin. The entitlements.plist had a wrong manuel entry. The cert ist checking all the values in it and if you have a manuel entry there it is not working anymore. Apple is searching somehow only for own entry they are needing.
I spent sometime on developer portal to find out the problem, it occurs because of distribution APNS or development. It did not fixed, after restoring all provisioning profiles and certificates, . In my case solution was letting Xamarin choose signing profiles. I did not use info.plist auto signing which did not solve either but changing Project -> iOS Bundle Signing -> Signing identity, Provisioning Profile Auto solved all issues for development and production cases.
I had the same issue, and so I opened Xcode and updated all my profiles, but nothing happened. So I added the device UDID in the developer portal to the team I was developing for, went to Xcode and updated the profiles again, and then it worked. Don't know if the device must be registered to be able to build to device or this triggered some other update to my profiles that suddenly made it work.
Today they published a new revision of the Apple Developer Licence agreement.
The error message was essentially the same as OP's. The true reason only became apparent when creating a new project in XCode on the Mac, where more useful warnings show up in the "Deployment info" section of the "General" tab.
I had to log in to apple.developer.com, there was a red panel asking me to accept the new licence conditions, and as soon as I did that, deploying apps from Xamarin immediately worked again.

Compiling the GKRocket demo without Provisioning and Code Signing

I understand the need to provision apps when you are getting close to deployment; however, right now, I am just trying to play with some sample code. Specifically, the GKRocket demo that ships with iOS 4.2 SDK. I want to compile and run it; however, I get the following error:
Code Sign error: a valid provisioning profile matching the application's Identifier 'com.apple.GKRocket' could not be found
The readme.txt claims "Build the game simply by opening it with Xcode and clicking on Build and Go."
I just read the following thread
Code Sign Error When Building iPhone Application
and the following
http://developer.apple.com/ios/manage/bundles/index.action
Since the app is using the NSNotificationCenter, it leads me to believe that I need an AppID. But shouldn't the demo already be pointing to and AppID setup by Apple for the demo code?
The plist shows
Bundle identifier com.apple.${PRODUCT_NAME:rfc1034identifier}
any ideas on what I should do to compile and run this in the simulator?
Update:
I was able to get it running by code signing, but never could compile without it :(
It appears since the GKRocket Demo is using the NSNotification Center that in fact you need to sign your code. You can sign your code with your/or your team cert. Change the Project -> Project Settings -> Code Signing Identity to use your cert. Note: If you don't have your cert, and you paid the $99 dev license go through the steps here.
Then open the plist file and change the bundle to your domain name.
Also, to get the GKRocket Demo running, make sure you turn on Bluetooth in your network settings.
System Preferences -> Bluetooth. Turn it on and check discoverable. Then go into advanced settings
Install your app on your iPhone with a build and run. Close the debugger. Then start your app in the local iOS simulator. Now manually run your app on your phone.

Resources