Windows permissions and Remote Registry - c++

I'm working on a legacy project that is basically 2 windows PCs on a local network.
PC 1 is running a C++ application that as part of it's start up calls
RegConnectRegistry(l_oAddr, HKEY_LOCAL_MACHINE, &l_hRemoteBaseKey);
On PC2
https://learn.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regconnectregistrya
All 3 pcs are using strictly local accounts with admin privileges locally. PC1 is able to make that call successfully to PC2.
I've got PC3 that I'm trying to set up as an Impostor PC1, basically running the same application, with the same static IP on that network. PC3 gets plugged in, PC1 is removed. When I run the code on PC3, I get a Permission denied error.
The PC2 registry permissions for HKEY_LOCAL_MACHINE do not allow anything other than local admins to edit it. allowing all users full control of that key and it's children, also does not work. I'm certain the PCs all talk to each other just fine and no firewall is running on PC2.
Any thoughts on what permissions I am missing?

So, as it turns out, if both PCs have the same user name and password. even if those are local to each pc, this will work fine and PC3 Will have access to PC2s registry.

Related

Google Cloud RDP not Working (User name & Password didn't work)

I just created a VM instance on Google Cloud for the very first time,
4 vCPUs
15GB Ram
Windows Server 2016 Datacenter
SSD 50gb
Access scopes - Allow default access
Firewall - Allowed bot http/https
Created
After that when am trying to connect thru RDP
(downloaded the rdp file and put the created password)
its saying
"The user name and password that were used to connect to the remote PC didn't work. Try a different account."
[am using Microsoft Remote Desktop on Mac]
I already tried creating new account & password... still no good..
Please help what could be the issues or solution.
Am using Google Cloud for the first time..
Thanks in advance
After you create a Windows Instance, you will first need to generate a password. Once you generate the password, paste it to a text editor. From here, you will need to install the RDP client for Mac. From here, you can follow these instructions which will explain how to connect to the Windows Instance using the RDP client you just installed.

Winsock client / server tutorial fails with desktop as client, but works with laptop as client

I have successfully built the client and server modules from the Getting Started with Winsock tutorial.
I have a desktop and a laptop both connected to my wireless router – both running Windows 10.
Running the client module on the laptop, I am able to successfully transmit data back-and-forth to the desktop (running the server module) using the desktop's IP address.
Running the client module on the desktop with the laptop's IP address as the command line argument, I get an "Unable to connect to server!" message after a ten second delay.
If I try to run both modules on the desktop in separate console windows using the "localhost" command line argument, the client console displays "Bytes sent: 14" and hangs waiting for a response from the server – however this works if I use either the desktop name or the desktop IP address in place of "localhost".
I am able to run both modules on the laptop using either "localhost", the laptop name, or the laptop IP address as arguments.
I have gone through the same motions with port 27015 forwarded on the router and incoming and outgoing firewall exceptions added to both the desktop and the laptop – there is no difference either way.
Any assistance would be greatly appreciated as I cannot figure out why this works in one direction but not the other.
Thank you for the suggestions Karsten and Andriy. I first tried getting the two computers to ping each other and neither was successful. After researching online, I was able to get them to ping after turning on "echo requests" in the firewall settings, but my original problem persisted. I then tried turning off both firewalls and I was able to get my server and client programs to work both ways. That wasn't a great long-term solution, so I tried selectively disabling the firewalls and realized it was an issue on the laptop's end. I noticed that my "server.exe" program was in the allowed apps list twice – one instance granting private access and one granting public access – but only one instance was active. I deleted both and added "server.exe" again with both public and private access boxes checked, which solved my issue.

Application Cannot Access Mapped Drive

When the application is executed with run as administrator it fails to find files on a mapped network drive using FindFirstFile. If the executable is run without run as administrator is works. The user is a local administrator on the PC. When FindFirstFile fails the error is 3, ERROR_PATH_NOT_FOUND. Is running as an administrator changing access rights or my access to the mapped drive?
I'm testing on a Windows 10 PC with a domain user that is a local administrator. Application was built using VS 2010 on the Windows 10 PC. Application is a native c++ app. I've turned off the firewall, still fails. Turned off Windows Defender, still fails. Recreated share and mapping, still fails. Ideas?
Network drives are mapped per-user. If you map a drive as your user, but run your application as Administrator, the network drive won't be mapped from the application's perspective. To get around this, you can map the drive as Administrator by opening an admin command prompt (right-click cmd -> run as Administrator) and run net use F: \\path\to\my\share.

Network Access As Local System Running Exe From Network Share

I am running a Dotnet 3.5 executable in Windows 7 Ent, as a GPO computer startup script in a domain. The script resides on a network share. The exe is run as Local System. The exe runs correctly.
I would like to access a web Service in this exe, but it appears that the Local System does not have access to network resources per documentation. However if the same exe is copied to the C Drive and run from there under the same account and same conditions (i.e. GPO startup script) then the Web Service can be accessed.
How is it that the Local System has access to the web service when running from C: drive, but not from the Network Share? Is there anything that can be done to make it work from the network share, without first being copied to the local drive? is Local System same as SYSTEM and same as NTAuthority\system?
I have tried the following so far to make it work. None of these work:
Impersonate a domain user in code.
Give Full Trust to all zones in .Net Security Configuration
Add the network share to Trusted Sites in IE.
Use the netbios name instead of the fully qualified name of the fileserver, i.e. \server\share, rather than \server.domain.com\share
The following things I cannot do to fix this problem:
Change the logon account of the Group Policy Client service to a domain user
Run the exe as logon script. It has to be startup script.
To reproduce this problem I do the following:
Create an simple exe with some network function, i.e. WebClient.DownloadString("http://www.google.com")
Deploy exe to a network share
Run as normal user to show there is no error
Run whoami to show the current user
run psexec -s -i cmd.exe
Cmd will start as SYSTEM (Local System or NT Authority\System)
Run whoami to show the current user
Run exe from network share to show it will fail to download the page.
Copy the exe to C Drive.
Run exe to show the page is downloaded.

Remote management using WMI XP PC's in a work group

Is it not possible to remotely manage XP sp2 PC from another XP sp3 computer using WMI where both of PC are in a work group? I have run wmimgmt.msc right click WMI control the connect to another PC. I have also used WMI Tools which I downloaded. I have Administrative account on the remote computer. I tried everything I found on the net
including:
Remote enabled WMI on the remote computer
It must not be firewall issue as I tried everything including disabling it ( the firewall).
Gave my account all permissions to the root and root\CIMV2 names paces on the remote computer
Created the same administrative account( Same user name and password) on local computer (not remote) as suggested by some people on the net.
and others
But I keep getting error like
Access denied
The RPC server is not available
I set up security event log on the remote computer and I got the clue that the account requesting is not my account . This way I guess that it not possible to manage my PC this way but I should set up my network so that both PC's are in the same domain. But I don't want this to happen now.
Is my guess right? If not what is wrong with me?. I am a newbie in this area.
Sorry everybody. I answer the question my self.
It is possible. The problem I was having was not creating the accounts correctly