I have a simple startup.cmd script which runs some net commands to create a new user and add the user to the administrator group.
I got the script from this blog. I have run the net commands in a elevated CMD session and they work correctly. but running this on my developer machine just sees the role hanging.
Is there some trick i'm missing?
startup.cmd file contents:
net user dataAdmin thepassword /add
net localgroup Administrators dataAdmin /add
the relevant snippet from the servicedefinition file:
the startup.cmd is set to build action = Content and Copy Always for the copy to output directory
I haven't tried this in azure production yet. I will attempt to push it into staging later today.
UPDATE
At BStateham's suggestion I checked the event logs on my machine:
Under 'Windows Azure' there is a error logged:
User program "..\SLC.DataRole\approot\bin\startup.cmd" exited with non-zero exit code 1
Any idea what that is supposed to mean?
Based on your comments it looks like you discovered this but a critical requirement is that the startup cmd file has the correct encoding, and
"Be sure to create it with notepad or another ASCII text editor… batch
files created in Visual Studio seem to have a byte order mark at the
top that makes them fail when executed."
Also this and this this are good references for some other common issues with startup commands.
Related
Can anyone help as I am unable to execute the azure functions and getting this error message everytime.
Indeed, this is an antivirus policy issue. One can confirm this by going to your antivirus logs. I was using Symantec.
Steps to view logs in Symantec -
Open Symantec>View Logs>Client Management>View Logs.
The logs will contain an entry with keyword "BLOCK" with the path of blocked exe (as in snapshot attached in question).
1/27/2020 4:04:05 PM User Event 10 Block [AC1-1.1] List all applications you want to block below, by clicking the Add button. - Target MD5=d028f52957a8759ccbe6845e79090898 - Target Arguments="host start --port 7071 --pause-on-error" Create Process 0 1/27/2020 4:03:04 PM 1/27/2020 4:03:04 PM Block applications from running | [AC1-1.1] Block these applications 10.202.100.23 16776 C:\Users\<username>\AppData\Local\AzureFunctionsTools\Releases\2.43.0\cli_x64\func.exe 200704 Bytes Alert
Once my security team updated the policy, the azure function ran perfectly!
Finally after two days of struggle I got the answer. The Azure core Tools emulator "func.exe" is located in AzureFunctionstools folder which is located in appdata.
Appdata folder is the place for all the applications to install their configrations and helping component like .dlls or so. And, thus Appdata is an important folder which is hidden by default.
In many case changing the visibility of appdata folder from hidden to visible resolves the problem.
I tried to execute a sample exe from inside and outside of appdata folder and the sample exe was not accessible when it was inside appdata. Same scenario happens with "func.exe", it was executing outside of appdata folder. It was a clear indication that something is restricting access. and only an antivirus would do that.
I make changes in the antivirus policy (added the path in Exception) and it started working.
Here are the screenshots for reference:
As a solution: you can perform the following:
Make the appdata visibility from hidden to visible. or,
Right click on the folder, PRoperties > Security and provide the full access rights to the user. or,
Disable the antivirus and retry, it should work. If it is then add the folder path or the application name "func.exe" as an Exception.
One more solution that I figured out today especially when the antivirus is in client mode and linked with its server for policy.
4. You need to whitelist the path in the server policy and after 5 minutes say, Update the Antivirus, restart the Visual Studio and its done.
Same error I also faced due to anti-virus but can't modify anti-virus since it can be changed by IT Security/networking team and process is time-taking & long process. Another workaround is :
Install azure-functions-core-tools via npm
npm install -g azure-functions-core-tools#3
Change Executable & Working Directory in Debug settings for azure Project settings
Working Directory : C:\<Project path>\bin\Debug\netcoreapp3.1
Executable : C:\Users\<username>\AppData\Roaming\npm\node_modules\azure-functions-core-tools\bin\func.exe
Windows 10 has a new sandbox which is based on a very small and fast Hyper-V VM. With every start of the sandbox you get a "fresh" Windows and on every sandbox termination, all changes are discarded.
My question is: Is it possible to define in which state the sandbox starts? E.g. is it possible to start the VM with pre-installed reversing tools or a script that is automatically run, as soon as the system is booted?
Use case: Due to it's fast start-up time and "throw away" characteristics, the Windows 10 sandbox would be a dream for automated malware analysis.
You can somehow change the behavior of the sandbox. For example run a script at start up or disable network. See here for a how to: https://medium.com/#maarten.goet/how-windows-1903-makes-malware-analysis-easier-introducing-windows-sandbox-3ec791c8367
In general, sandbox startup can be controlled by a startup configuration file:
Windows Sandbox supports simple configuration files, which provide a
minimal set of customization parameters for Sandbox. ... Windows Sandbox
configuration files are formatted as XML and are associated with
Sandbox via the .wsb file extension.
The specific ability to execute a script upon sandbox startup is documented here: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#logon-command
It says:
Logon command
Specifies a single command that will be invoked automatically after
the sandbox logs on. Apps in the sandbox are run under the container
user account. The container user account should be an administrator
account.
XML
<LogonCommand>
<Command>command to be invoked</Command>
</LogonCommand>
Command: A path to an executable or script inside the container that
will be executed after signing in.
Note
Although very simple commands will work (such as launching an
executable or script), more complicated scenarios involving multiple
steps should be placed into a script file. This script file may be
mapped into the container via a shared folder, and then executed via
the LogonCommand directive.
I'm trying to run a task on the Worker Role. I added a file named Startup.cmd with the following content:
icacls "PDFs" /grant Users:(OI)(CI)F
EXIT /B 0
All this does is give the Users group full control to the PDFs folder. The task does run because the Microsoft Azure Activity Log window shows the message Details: Starting role... Application startup tasks are running. [2015-02-04T23:39:28Z] when the Worker Role is deployed. I then log into the machine using Remote Desktop and the security on the folder is not as expected. I then try to run the command manually and I see this:
The file has some weird characters which is making the command fail: icacls.
Can Azure Publishing be causing this?
It looks like your script is being saved with a byte order marker. Try saving the script as ascii or as UTF-8 without a BOM. That might work out better for you.
I'm currently working on automating a powershell script to make a dump of a small DB.
The database is accessible through a company Sharepoint and I am leveraging an IQY file exported from said Sharepoint to read the database contents.
When I run the script manually (i.e. calling it from the command line), it works with no issues, but when I try and start the script from Task Scheduler, the following exception is raised:
System.Reflection.TargetInvocationException
the line that is generating the exception is:
$iqy = $xl.Workbooks.Open($query, 2, $true)
Where $xl is a new Excel.Application ComObject, created correctly and $query is a string containing the full file path of the iqy file.
As for my configuration, I'm trying to run my script on a Windows Server 2008R2, using a local administrator user (same user that is supposed to launch the scheduled script), which is also authorized to access the Sharepoint. I'm running Powershell 3.0. I'm not loading any Sharepoint-related snapins.
The only answers I found poking around hinted at granting "Trust" to the IQY file location and the Sharepoint itself in Excel. That did not help.
The Exception also seems to point at a sharepoint issue, but since the script runs fine when started manually, I cannot understand how it could be anything to do with Sharepoint.
Am I missing some intricacy of the Task Scheduler?
Any help would be greatly appreciated.
Never mind, I seem to have found an answer.
If anyone is encountering the same issue, it appear the Excel Com Object has a bug that does not allow it to run from the Task Scheduler if you set it to run regardless of whether the user is logged in.
To circumvent that create the following 2 folders on the machine where the script is supposed to run:
(32Bit, always)
C:\Windows\System32\config\systemprofile\Dektop
(64Bit)
C:\Windows\SysWOW64\config\systemprofile\Desktop
After creating the folders, it worked as expected.
Source: http://social.technet.microsoft.com/Forums/windowsserver/en-US/aede572b-4c1f-4729-bc9d-899fed5fad02/run-powershell-script-as-scheduled-task-that-uses-excel-com-object?forum=winserverpowershell
I have a windows application with user Interface that do some stuff...
Now my client wants that, when he pushes the power button MyApplication run before he forced to input the username and password!
comment: the system is multi user on windows XP or Seven.
Is it possible anyway?
I found the way to do this was to create a scheduled task with a trigger for "on startup". This starts the application before windows logon. This is particularly useful in a server type environment if you need to have something run that is not a service.
It is simple. The process is.
Run gpedit.msc
Go to computer Configuration -> Windows Setting -> Scripts(Startup/shutdown)
Go to Startup properties then you will get the new windows.
Now add the program that you want to run before login.
The right way to do this is to implement a Windows service.
I've used this article here as I run a Minecraft server which I need to have the console interactive so I can manage the server and running it as a service is not a good solution in such a case: https://www.tenforums.com/tutorials/138685-turn-off-automatically-restart-apps-after-sign-windows-10-a.html
What I did was edit the registry:
Go to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Create a new DWORD value (if this DWORD doesn't exist already) and
call it RestartApps with the value of 1
This now starts apps that usually startup before you log in and starts the programs in shell:startup
You can not run an exe without first loading the operating system. You can, however, run the exe without logging in first. Just add copy and paste the shortcut for the exe into C:\Documents and Settings\Administrator[or other user name]\Start Menu\Programs\Startup. Then check msconfig to make sure your exe is checked to run on startup.