Security :: Cannot Execute The Windows Service As Well As Batch File On Web
Jan 8, 2010
i have made one web site which is generating screensaver(MSI) dynamically.So to generate the MSI file i have to build a WIX project.So i executed using batch file which will use MSBuild.exe and cmd prompt. so its gave me an error "Access is Denied". i have also tried by making a windiws service but still the same error occurs.
If I watch the processes tab in Task Manager on the web server I see "cmd.exe" under the context of 'administrator' but it just hangs. For test purposes c:SendV80s.bat: copy c: oot.ini c:zzz.txt
If I logon onto the webserver's console and execute SendV80s.bat it works and exits without issue. But when I execute the same batch file via the Submit button it gets stuck executing in Task Manager/Process. I believe this has something to do with the fact that cmd is not running in a full environment/desktop context. I just noticed this on the actual console of the webserver (not in my RDP console but console 0 instead)
A pop-up box stating: CMD.exe Application error The application failed to initialize properly (0xc0000142). Click OK to terminate the application. And when I click on the OK button my ASPX page's WaitForExit is satisfied and the continues processing normally.
I have a problem which is a recent development. We used to be able to run a batch file from IIS, but now we can't. I have tried several different approaches to this issue, none of them have worked. I tried to run the batch file under cmd using CreateProcess, CreateProcessWithLoginW, CreateProcessAs User, none of which worked. I now know that CreateProcesswithLogonW won't work on Windows 2003 Server. This is a C++ webservice by the way, running on Windows 2003 server using IIS 5.1. I have also tried running the batch file from a vbs script and calling the script in C++ using system("Scriptname") and that does not work either. I have run out of options, or at least the options that I know about.
I learned that "EXEs in System32, which like CMD.EXE have "special" ACLs that prevent them from being launched remotely from IIS. CMD.EXE has further security checks inside of it to prevent being used to launch batch scripts launched remotely from IIS." So I have abondoned even attempting to run CreateProcess of anykind where I invoke "cmd.exe" to run a batch file. Which was why I tried the vbscript. I know this is a security issue. It has to do with either the NETWORK SERVICE account or the ASPNET account not having permission to do this. I have QA breathing down my neck at this point and I really need to figure out what to do. If it is a security setting that can be set without compromising security on the server then great (although I bet that isn't the case).
I want to execute my asp.net application where Windows XP Service Pack 3 is installed + VS 4.0 framework is installed and IIS 5.1 is installed. The program is not running yet. It shows me an erro message that "Server is unavailable" Is it possible to run the application on this machine. I also tried aspnet_regiis -i and -c command
I need to fetch first 75 data or lines and insert in the sql table. Again next 75 data or lines and insert in the sql table. Again next 75 data or lines and insert in the sql table until it finish all.How i can do it in ASP.NET with C#
I have a batch file on another server on a different domain or network that I need to run from an ASP page. I found a simple enough script that opens a CMD prompt, goes to the location of the batch and runs it. If everything is on the same machine, it runs fine.
The issue I've run into now is that the batch file is on a file server and the ASP page is on a IIS server. The File server is on a internal network (separate domain) and the IIS server is on an external network (or different domain), both servers are hosted here.
When I try it and look at the event logs I can see a failure audit and its trying to login with the machine name.
I have to invoke SSIS packages from web service in the most secure way. I think that windows authentication will be secure but i am not sure. I do not have much knowledge about how to achieve this and the information on the internet is very distributed.
I have a web application that uses a SQL database which contains all the standard asp membership tables.Within my Web application I use the standard asp.net membersip logic for adding new users, roles, etc...The point here is I dont use any custom providers for anything.Now on that same machine that is hosting my web application I am writing a Windows service in c# .net.As part of one of the method calls to the windows service application I was curious if I would be able to use any type of membership classes that would connect to my existing database and perform the same functionality as does the ASP.NET membership classes.
Is it possible to remotly login into Windows using ASP? What I'm trying to accomplish is, that I could remotly call a ASP page on my server (Apache on Win Vista) that logs in a user on that system. For example remotly I start a Wake-On-Lan to start the computer (server). It boots up to the user login screen where I would have to enter my password to login to the desktop. Because the service is already running at that time, I would like to open a ASP page from my client that I could pass the windows user/password and the ASP-service would login the user on the server machine.
I want to access membership and profile objects and wants to access profile properties that I have defined in my web app web.config file, from a windows service. Anyone have any idea on how to do this?
I have a visual studion 2010 solution with two projects
1 . A class libarary
2. A windows service application
The service application is used to convert .dbf files to xml. The convertion is done using the classlibary project wich is called by the windows service application. This class library project has some values hard coded. like the path to look for the .dbf file
I want to make these hard coded values changable. like moving them to an app.config file. To which project I have to add the app.config file (classlibary or windows service)? How can I use the value from configuration file in classlibrary ?
We use Sharepoint to control our websites. We build the sites, then load them into the sharepoint server. My question is if I use windows authentication, how can I get my role security in my web config file to coencide with the asp.net controls that use the Forms authentication. Is there a differenence? Our security uses a session variable for security but there is no where to set up their permissions except in active directory. I hope this makes sense because I would like to implement the LoginView with Role groups but how can I give them the role="administrator"? Do I have to go into active directory and give them these permissions(would take awhile due to the size of the company)? Or do I have to set up priveladges in the web.config file for each user(difficult I think)?
I have asp.net 2.0 site which is calling web services hosted on another server. When i have an xml file from where web service ip for eg. www.mysite/webservice1/myservice.asmx is given. When i call the same server from developer machine using local networkit works fine.But the same is when hosted remotely and from client end when services is called reading xml fiile from client machine it given a message 'remote server not connecting'.
I have a website that occasionally needs to have a handful of the tables in its database updated. The updates come from another system that exports to comma delimited text files. I can then either FTP the text files to the web server, send them in through an admin upload page, or manually log in to Remote Desktop to download the text files. I have all my C# code written to parse the files, check the database contents, and decide what to do.
Should I code the sync logic to be part of a file upload page, protected in the admin section of the site or should I create a Windows Service that constantly looks for files to process in a particular directory that I can drop files in through FTP?
I have used Windows Services in the past and they have worked great, but if I ever have to make a change to the code it can take longer than it would if I just had to modify an ASPX.
Are their security benefits one way or another?
ASPX page wins the "ease of maintenance" category.
Apologies if my question is too broad but I eed pointers on how to tackle the following problem. Currently, I run a batch file that launches a series of automation tests on QTP (a test automation tool). The batch file contains a vbs script path and it takes three parameters. Each time smeone needs to run the automation, I have to do this manually.What I'd like to be able to do is to allow other members of the team to access this functionality via an intranet web page. They would be able to login, choose the tests to run and then run them. My only other requirement is that the solution be based on .net and C# if possible. My current server is 2003 SP2.What is the best way to achiveve what I want? What is the recommended version of IIS and .NET framework to use? How do I configure IIS to be able to run the vbs script? I'm looking for a step-by-step approach if possible. I don't care if I have to convert the batch file into an executable or run the script directly, just as long as it is launched.
I am creating an intranet application which runs a batch file and create an xml file as result. Which i am using for further processing. My problem is when i am running my application from local machine batch file is running fine and creating xml,but when i am running it through iis nohting is happening,
it meance process.start coudn't start command Prompt.
I am using following code. I have given all permission to iis.
Dim ProcessInfo As Diagnostics.ProcessStartInfo ProcessInfo = New Diagnostics.ProcessStartInfo("cmd.exe", "/C " + Server.MapPath("~myScript.bat")) Dim Process As New Diagnostics.Process ProcessInfo.CreateNoWindow = False ProcessInfo.UseShellExecute = False
this is relatively simple, but how would i go about retrieving the windows login name from the class file in the App_Code folder. I have set up my website to run windows authentication, and can use httpcontext to get windows login name from code beihind, but without passing this to the class everytime, is it possible to get the login name from within the class?
I'm using the System.Diagnostics.Process class to run a batch file. I need to be able to take an output from the batch file and then display it on the web-page, basically to know if it succeeded or not, since the batch runs an .exe that doesn't always succeed.
the values returned by the .exe and have the batch run a script depending on the value returned. The script could be a VBscript that sends info to the webpage, but even then I'm not sure how to accomplish this.