Windows XP Pro Service runs using User logon, not using Local System - security

I wrote a Windows Service using VS 2005 and C# on WinXP Pro SP3. It starts another program which runs to completion and then exits.
The service is installed using installutil and serviceInstaller. It is built release and put into the C:\Program Files\MyService directory. The serviceProcessInstaller Account is set to LocalSystem in its Properties.
If I set the Log On to Local system I get an 'Access Denied' error (using a try-catch block), but if I set the Log On to my account with the correct password, it runs perfectly.
What am I doing wrong? Any suggestions will be very welcome.

It will be useful to know where the access denied error comes from. Since you say it is from a try/catch block, I assume it is your code that handles it. That would mean that your service is starting just fine, but has problems doing its job.
It could be an environment-related problem, since the environment for LocalSystem is different from that of your user account. Also, it could be that the program it starts is not executing properly and it is returning the error.
Without more info, it is just speculation. What is that other program doing? Where is the error occurring? Why don't you debug it and find which part returns the access denied error?

Agreed, it should be on SO. That aside, check your file/folder permissions and ensure System does in fact have the necessary rights. Do the same for the registry keys. The System event log should give you some clues.

Both answers: thanks for the help.
The error occurs at the Process.Start() call.
The file and directory security shows Everyone has full access to the directories and the executable.
FOUND IT! I had added a user name and password to the ProcessStartInfo object, thinking that it would be useful when the target program tries to get to the database. Oops! When I took that stuff out, the target runs just like it should.
Thanks again to all who replied. Mea Culpa!
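
The launch this thread converged on, as an added example that is not the poster's code: the child is started under the service's own identity, and a failure is logged with the Win32 error code and the running account so the source of an 'Access Denied' is on record. The path Target.exe and the event source name "MyService" are assumptions; the syntax is kept compatible with VS 2005.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Principal;

static class ChildLauncher
{
    // Constructed path and event source; substitute the service's real values.
    const string TargetExe = @"C:\Program Files\MyService\Target.exe";
    const string EventSource = "MyService";

    // Starts the child under the service's own identity and returns its exit code.
    public static int Run(string arguments)
    {
        ProcessStartInfo psi = new ProcessStartInfo(TargetExe, arguments);
        psi.UseShellExecute = false; // direct CreateProcess, no shell involvement
        psi.CreateNoWindow = true;   // a service has no interactive desktop
        // psi.UserName / psi.Password / psi.Domain are deliberately left unset:
        // with them set, Process.Start() attempts a launch under that logon,
        // which is the call that returned Access Denied under Local System here.

        try
        {
            using (Process child = Process.Start(psi))
            {
                child.WaitForExit();
                return child.ExitCode;
            }
        }
        catch (Win32Exception ex)
        {
            // Record the Win32 code (5 = ERROR_ACCESS_DENIED), the identity the
            // service runs as, and the target path, so the failing step is clear.
            string who = WindowsIdentity.GetCurrent().Name;
            EventLog.WriteEntry(EventSource,
                string.Format("Process.Start failed: code={0} ({1}); identity={2}; target={3}",
                    ex.NativeErrorCode, ex.Message, who, TargetExe),
                EventLogEntryType.Error);
            throw;
        }
    }
}
```

If the child needs a particular identity for database access, set that account as the service's Log On identity rather than embedding a password in ProcessStartInfo.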

Related

What permissions are required to run VS with IIS

When working on a project that uses IIS (not IIS Express) for local development, what permissions are actually required under Windows 8? I don't want to run as admin all the time...the first error message I get when running using the Local User Account (LUA) was about Metabase (probably a misnomer, as changing the permissions on that gave the same error message until the config files in inetsrv/config were also available). Now it builds, but then gives an error message "Unable to start debugging on web server. IIS does not list a web site that matches the launched URL".
The blog https://blogs.msdn.microsoft.com/jaredpar/2005/02/04/myth-creating-web-applications-with-visual-studio-requires-admin-privileges/ while old, at least hints that it should be possible to manually give myself (or a group that I create) the right permissions. Just need to figure out what those permissions are...
To run VS against IIS you need to run VS elevated (the process needs admin permissions).
From a non-admin account you could run VS "As Administrator", you will also need to do this with the tools necessary to configure IIS.
However I've never tried that, rather I run with a non-elevated admin account so any file changes from within an elevated VS are fully accessible to non-elevated processes.
Additional: note, VS really only needs the Debug Any Process privilege, but giving that one privilege gives the ability to gain all others (with some effort), so going through the work to limit the VS process to just that one difference seems pointless.

Getting detailed crash dumps from a hooked exe

I am trying to find a problem with my program that is hooking into a game. This is vc++. Basically I launch the program and then hook into it using SDL. When I run the code from VS2010, all works fine. But when I try to run from command prompt, my program can launch the game, but after that the game crashes immediately.
I was viewing windows event logs, and it appears that there is an access violation. 0xc000005
How can I log any further details about the program that crashes? I tried "procdump" but that is not useful as I cannot INDIRECTLY target the hooked game from console. Rather it can only target my application that hooks.
Any way of getting detailed dumps is highly appreciated in this case.
Thanks!
You can perform postmortem debugging by using a combination of the WER registry keys/values to trap any dump that is produced. I’ve used this method to prevent the WER system from collecting the dump file (.dmp). I’ve also written about this in another similar post. To accomplish this, you will need to create a registry key under
Software\Microsoft\Windows\Windows Error Reporting
if one does not already exist. The key should be
LocalDumps\your application.exe
Once that’s done, modify these keys/values to meet your needs:
DumpCount, DumpFolder, DumpType
You’ll need Administrator rights to create and modify the keys, and, you should reset everything you’ve modified when you’re done debugging.
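
The key and values named in this answer, set and then removed again, as an added example that is not the answerer's code. It assumes the path sits under HKEY_LOCAL_MACHINE (the answer gives it without the hive), requires .NET 4 or later and an elevated prompt, and uses "game.exe" and C:\CrashDumps as constructed placeholders.

```csharp
using System;
using Microsoft.Win32;

static class LocalDumpConfig
{
    const string LocalDumps =
        @"SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps";

    // Opens HKLM in the 64-bit view so a 32-bit tool is not redirected to
    // WOW6432Node; on a 32-bit OS this falls back to the only view there is.
    static RegistryKey Hklm()
    {
        return RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64);
    }

    // Creates LocalDumps\<exeName> and asks WER to keep full dumps in dumpFolder.
    public static void Enable(string exeName, string dumpFolder, int dumpCount)
    {
        using (RegistryKey hklm = Hklm())
        using (RegistryKey key = hklm.CreateSubKey(LocalDumps + @"\" + exeName))
        {
            key.SetValue("DumpFolder", dumpFolder, RegistryValueKind.ExpandString);
            key.SetValue("DumpCount", dumpCount, RegistryValueKind.DWord);
            key.SetValue("DumpType", 2, RegistryValueKind.DWord); // 1 = mini, 2 = full
        }
    }

    // Removes only the per-application key, leaving machine-wide settings alone.
    public static void Disable(string exeName)
    {
        using (RegistryKey hklm = Hklm())
        using (RegistryKey root = hklm.OpenSubKey(LocalDumps, true))
        {
            if (root != null)
                root.DeleteSubKeyTree(exeName, false); // false: no throw if absent
        }
    }

    static void Main()
    {
        // Constructed values: the executable name and folder are placeholders.
        Enable("game.exe", @"C:\CrashDumps", 5);
        Console.WriteLine("Reproduce the crash, collect the .dmp, then press Enter.");
        Console.ReadLine();
        Disable("game.exe");
    }
}
```

A full dump holds the whole memory of the crashed process, including any credentials it had loaded, so keep the dump folder's ACL tight and delete the files once the analysis is done.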

Does process have permission to view files on azure?

I have recently deployed a fubu mvc application to windows azure. Everything works except when the pipeline tries to find the view to render. This all works correctly on my local machine.
So I am wondering: does the process on the Azure box have rights to read/scan files on disk?
Any suggestions to fix it are welcome though.
EDIT:
As part of the deployment there is a stage that azure goes through called "Preparing files for deployment". I checked on the log and my view was not in there.
So I changed copy to output as true and it worked.
It depends a bit on where you are trying to read and how you have configured your roles. By default, the code will run as a very low privilege user that only has R/W to the code directory (and any LocalResource(s) defined by the user). However, you can run your code as SYSTEM, in which case you can R/W anywhere (you might still have to take ownership, but you are all powerful as SYSTEM).
If your views are defined as part of your package and uploaded, the code should have permission to view it. I am curious as to why you think this is a permission issue right now. Do you see an error that indicates that, or are you guessing it? If I had to guess, my first thought would be your views didn't get packaged correctly and are not on the VM. You can confirm they are there either by RDP or by cracking open the package and snooping around.

Cannot debug Sharepoint application using non system account user?

I am using WSPBuilder to develop Sharepoint2007 sites. Whenever I try to debug using one of the users that are not System Account, the debugger enters the breakpoint and waits for a step (F10). When I press F10 on the line having the breakpoint, I get the following exception in the debug output window:
A first chance exception of type 'System.Threading.ThreadAbortException'
occurred in XXX.dll
An exception of type 'System.Threading.ThreadAbortException'occurred in XXX.dll
but was not handled in user code The thread '<No Name>' (0xfc4) has exited with
code 0 (0x0).
and I am redirected to a SharePoint page saying:
Go back to site
Error: Access Denied
Current User
You are currently signed in as: SHAREPOINT\ZZZ
Sign in as a different user
When I try to RUN, not to DEBUG, with the same user, I don't have this problem.
Also, when I try to debug using the System Account (MOSS ADMIN), I don't have this problem.
How to overcome this problem?
BTW, I am trying to debug a custom ASPX/CS page installed as a feature on the site.
FYI, it's only for this project, not for all projects I have; also, it's for all pages in this project, not only one page.
For those who are interested, I found the solution:
I created a new project and copied my files to it (of course with recreating features), and now it works fine. That means that the project itself is the problem, not the IDE; perhaps some of its files are corrupted!
You might want to try and add the user SharePoint\zzz to the WSS_WPG and WSS_Admin groups to see if that gets you around the issue. I assume you are doing the debugging on a single, stand-alone install, so you could also try and make SharePoint\zzz an administrator.

(IIS/Win2000Pro) Granting Registry read rights to IIS user?

Okay, so I'm running a small test webserver on my private network. I've got a machine running Windows 2000 Pro, and I'm trying to run an ASP.NET app through IIS.
I wrote it so that the webpage would use the registry to store certain settings (connection strings, potentially volatile locations of other web services, paths in the local filesystem where certain information is stored etc...) Of course, it worked fine when testing with VStudio.NET 2005, because the user running the app has elevated privileges. However, running it on IIS I get a "Access to the registry key 'HKEY_LOCAL_MACHINE\Software' is denied.", which suggests the IIS user doesn't have read access to that part of the registry (I only do reads through the website itself, never writes).
I was like "okay, simple enough, I'll just go give that user rights to that part of the registry through regedit." The problem is, I don't see an option anywhere in regedit to change security settings... at all. Which got me thinking... I don't think I've ever actually had to change security settings for registry hives/keys before, and I don't think I know how to do it.
Half an hour of searching the web later, I haven't found any usable information on this subject. What I'm wondering is... how DO you change security rights to portions of the registry? I'm stumped, and it seems my ability to find the answer on Google is failing me utterly... and since I just signed up here, I figured I'd see if anyone here knew. =)
If you're having trouble with RegEdit in Windows 2000 you can try the following:
Copy the Windows XP RegEdt32.exe to the Windows 2000 Machine
Using a Windows XP Machine, connect to the Windows 2000 registry remotely: File > Connect Network Registry
You can set permissions at the folder level for which you want to grant user permissions read/write access.
In your case, right click on the "Software" folder and select "Permissions".
You'll probably know the rest from there.
EDIT: If you still run into issues, you may want to modify your web.config file and use impersonation to have your web application run as a certain user account. Then you can put a tighter rein on the controls.
RegEdt32.exe will allow you to set permissions to registry keys.
Simply right click on a Key (Folder) and click Permissions, then you can edit the permissions as you would a file system folder.
I did so, assuming that a Security setting would be available. I didn't see any "Security" option when I right-clicked on the Key. =( I triple-checked just to make sure... and I just tried it on my XP machine, and it does indeed have the "Permissions" section... but the Windows 2000 machine doesn't. (how's that for weird?)
In my searching, I found:
http://www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_21563044.html
Which notes that RegEdit for Windows 2000 doesn't have the Security/Permissions settings... but it proposes no solution to the problem. (Whoever asked the question was using Windows XP so he was okay... but in my case, it's 2000)
Is there any way to make it happen specifically in 2000?
EDIT: Ahhhh... if worse comes to worst, I suppose I can do the impersonation as mentioned below... though if I can't set security settings for the registry in 2000, I'm left with making that user have Administrative access (I assume?) to actually get those rights, which sadly defeats the purpose. =(
Oh, let me try that! I didn't realize you could remotely connect to another registry.
(EDIT: I was wrong, it did work... it just took several minutes to respond to my request to change permissions remotely)
The remote connection idea did it! You're good! Thanks so much for your help! I never realized you could remote connect with RegEdit... you learn something new every day, they say! =) Thanks again for your assistance! =)
On another note though, about copying the XP version of RegEdit to Windows 2000... is that safe? I figured they would be coded in such a way as to be incompatible... but I could be assuming too much. =)
Just use RegEdt32.exe instead of Regedit.exe.
Go to the desired key or folder, then open the security menu and click on 'permissions'.
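
The permission change this thread makes through the RegEdt32 dialog, done in code as an added example that is not from any of the posters: it grants one account read-only access to one application key instead of giving the web account administrative rights. The key SOFTWARE\MyWebApp and the account name MYMACHINE\ASPNET are hypothetical placeholders, and the program must be run by an administrator.

```csharp
using System;
using System.Security.AccessControl;
using System.Security.Principal;
using Microsoft.Win32;

static class RegistryReadGrant
{
    // Adds an inherited, read-only allow ACE for `account` on HKLM\<subKeyPath>.
    public static void GrantRead(string subKeyPath, string account)
    {
        using (RegistryKey key = Registry.LocalMachine.OpenSubKey(
            subKeyPath,
            RegistryKeyPermissionCheck.ReadWriteSubTree,
            RegistryRights.ReadKey | RegistryRights.ChangePermissions))
        {
            if (key == null)
                throw new ArgumentException("Key not found: HKLM\\" + subKeyPath);

            RegistrySecurity acl = key.GetAccessControl(AccessControlSections.Access);
            acl.AddAccessRule(new RegistryAccessRule(
                new NTAccount(account),
                RegistryRights.ReadKey,            // query values, list subkeys, read ACL
                InheritanceFlags.ContainerInherit, // subkeys inherit the ACE
                PropagationFlags.None,
                AccessControlType.Allow));
            key.SetAccessControl(acl);
        }
    }

    // Prints every ACE on the key so the result can be checked after the change.
    public static void PrintAcl(string subKeyPath)
    {
        using (RegistryKey key = Registry.LocalMachine.OpenSubKey(subKeyPath))
        {
            if (key == null) return;
            foreach (RegistryAccessRule rule in
                     key.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount)))
                Console.WriteLine("{0,-30} {1} {2} inherited={3}",
                    rule.IdentityReference.Value, rule.AccessControlType,
                    rule.RegistryRights, rule.IsInherited);
        }
    }

    static void Main()
    {
        GrantRead(@"SOFTWARE\MyWebApp", @"MYMACHINE\ASPNET"); // hypothetical names
        PrintAcl(@"SOFTWARE\MyWebApp");
    }
}
```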
