Connecting DC Remote HyperV server in c# - wmi

I am trying to connect a hyperV server remotely which is the part of same Domain Controller as the local system is. It works if I give username without AD, but fails every time(with error "invalid parameter") when username is with AD.e.g. AD\administrator.
// This works
Impersonation = ImpersonationLevel.Impersonate;
Authority = "ntlmdomain:" + _domain;
options.Username = "administrator";
options.Password = _authPas;
//But this doesn't work
Impersonation = ImpersonationLevel.Impersonate;
Authority = "ntlmdomain:" + _domain;
options.Username = "testAD\\administrator";
options.Password = _authPas;
Any help will be highly appreciated.

Why you are giving the Domain name in username after you provided the domain name in "Authority"
Already the Domain is mentioned in Authority so the the username should be only Username without domainname
Giving multiple times will not work

Related

Unable to relay recipient in non-accepted domain

All emails with the domain #mycompany.com are sent successfully. But, if MantisBT wants to send an email to anyone else, for example #othercontractor.com, or #gmail.com, etc , the email is not sent.
In addition, a collateral damage of this problematic email is that it will get stuck in "MySqlDatabase/mantis_email_table" and all the emails after this problematic email in that table won't be sent. So, to fix it, I have to manually delete that entry in the table. It is not very convenient when I want to add contractor who has his own email domain in our bug tracker.
This the email configuration in: /path_to_mantis_bt/config/config_inc.php
// Email Configuration
$g_email_send_using_cronjob = ON;
$g_allow_signup = ON; //allows the users to sign up for a new account
$g_enable_email_notification = ON; //enables the email messages
$g_phpMailer_method = PHPMAILER_METHOD_SMTP;
$g_smtp_host = 'edge.mycompany.com';
$g_smtp_connection_mode = '';
$g_smtp_port = 25;
$g_administrator_email = 'myname#mycompany.com';
$g_from_email = 'myname#mycompany.com';
$g_return_path_email = 'myname#mycompany.com';
$g_from_name = 'Mantis Bug Tracker';
I should mention that we are hosting MantisBT on our own server Microsoft Server 2012 R2 and WAMP(latest version).
The error: 2018-01-08 10:24 PST MAIL email_api.php:1379 email_send() ERROR: Message could not be sent - SMTP Error: The following recipients failed: xxx#gmail.com: 5.7.54 SMTP; Unable to relay recipient in non-accepted domain
It's working now, but I used sendmail instead of using the WAMP/SMTP.
To install SENDMAIL on WAMP, I followed these instructions
This the email configuration in: /path_to_mantis_bt/config/config_inc.php
$g_allow_signup = ON; //allows the users to sign up for a new account
$g_enable_email_notification = ON; //enables the email messages
$g_phpMailer_method = PHPMAILER_METHOD_SENDMAIL; //If not using sendmail, use: PHPMAILER_METHOD_SMTP;
$g_smtp_host = 'edge.mycompany.com';
$g_smtp_connection_mode = 'tls';
$g_smtp_port = 587;
$g_smtp_username = 'xxx'; // my username for email myname#mycompany.com
$g_smtp_password = 'xxx'; // my password for email myname#mycompany.com
$g_administrator_email = 'myname#mycompany.com';
$g_webmaster_email = 'myname#mycompany.com';
$g_from_email = 'myname#mycompany.com';
$g_return_path_email = 'myname#mycompany.com';
$g_from_name = 'Mantis Bug Tracker';
// Log configuration
$g_log_level = LOG_EMAIL | LOG_EMAIL_RECIPIENT | LOG_FILTERING | LOG_AJAX;
$g_log_destination = 'file:/wamp64/logs/mantis.log';
?>
IF you follow the link above, you will know how to update php.ini and sendmail.ini . Update these 2 files with the information in config_inc.php.
I had the same issue. In my case, we were sending out emails from an application and there was a user bcced (hardcoded in the code) which was not in the domain and hence it failed
I had same issue once I changed to #newdomain.com.
In my case I found suggestion on the web to clear cache of my browser. I did and all start working.
Basically, you need to reload all config files from scratch with new globals...
At least it worked for me.
Cheers.

Can't decrypt cookie with a custom domain name

I'm using an Windows Azure Cloud Service and when I access to it using my domain name instead of [CLOUDSERVICENAME].cloudapp.net I have problems with authentication cookies.
I'm creating the cookies
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
serializeModel.Username,
DateTime.Now,
DateTime.Now.AddMinutes(15),
false,
userData);
string encTicket = FormsAuthentication.Encrypt(authTicket);
System.Web.HttpCookie faCookie = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
Response.Cookies.Add(faCookie);
But when I try to decrypt it I get a null value.
HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
JavaScriptSerializer serializer = new JavaScriptSerializer();
if (!String.IsNullOrEmpty(authTicket.UserData))
{
This is strange since this only happens using my domain name to access it.
I've found that when I use my custom domain (running under a SSL Certificate) the cookie size increase. I believe that this is related with certificate encryption.
To solve this I have to remove some parameters from cookie userdata to guarantee that it doesn't grow to more than 4096 bytes (Browser Cookie Limits: http://browsercookielimits.x64.me/)

WMI: "The RPC Server is unavailable" error only for domain user

I'm trying to execute a program that is on machine B (Part of a domain) from machine A (Not part of domain). I've the following code and throws "The RPC Server is unavailable" when I tried to use a domain user that is part of machine B's Administrators group. When I use the local user "administrator" which is also part of Machine B's Administrators group, the code works fine.
Firewall is disabled on both the machines. I could logon to machine B from machine A using both the users.
Could you help me with it?
ConnectionOptions connectionOptions = new ConnectionOptions();
connectionOptions.Authority = "kerberos:" + domain + #"\" + machine;
connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
connectionOptions.Authentication = AuthenticationLevel.PacketPrivacy;
connectionOptions.Username = username;
connectionOptions.Password = password;
ManagementScope scope = new ManagementScope(#"\\" + machine + "." + domain + #"\root\CIMV2", connectionOptions);
ManagementPath p = new ManagementPath("Win32_Process");
ManagementClass classInstance = new ManagementClass(scope, p, null);
ManagementClass startupSettings = new ManagementClass("Win32_ProcessStartup");
startupSettings.Scope = scope;
startupSettings["CreateFlags"] = 16777216;
I could sort the problem out. The domain controller was not accessible. Also, both public and private IPs were configured to my machine. The private IP was the primary and public was secondary. I needed to use them accordingly when needed.

401 error if I connect from my ASP.NET app. to CrmDiscoveryService.asmx (CRM 2011)

I have to use CrmDiscoveryService.asmx for DYNAMICS CRM 2011 because of the compatability to CRM 4.0. I impemented IFD authentification algorithm and now it doesnt works:
I can connect me successfully to CrmDiscoveryService.asmx from Browser (anonymous connection enabled)
URL: https://internalcrm.organme>.com:444/mscrmservices/2007/spla/crmdiscoveryservice.asmx
But if I try to get connected with the same URL from ASP.NET - i receive 401 error.
Code:
RetrieveCrmTicketRequest crmTicketRequest = new RetrieveCrmTicketRequest();
crmTicketRequest.OrganizationName = OrgUniqueName;
crmTicketRequest.UserId = "bnet"+"\\"+"izz";
crmTicketRequest.Password = "pass";
CrmDiscoveryService discoveryService = serviceHandler.CreateCrmDiscoveryService(crmDiscoveryServiceUrl);
discoveryService.UseDefaultCredentials = true;
RetrieveCrmTicketResponse crmTicketResponse =
(RetrieveCrmTicketResponse)discoveryService.Execute(crmTicketRequest);
//Trust all certificates
System.Net.ServicePointManager.ServerCertificateValidationCallback =
((sender, certificate, chain, sslPolicyErrors) => true);
Might be it make sense to start from retrieving a list of available organizations, like in a sample Using the CrmDiscoveryService Web Service: IFD
// Configure an instance of the CrmDiscoveryService Web service proxy.
CrmDiscoveryService disco = new CrmDiscoveryService();
disco.Url = "https://localhost/MSCRMServices/2007/SPLA/CrmDiscoveryService.asmx";
//Retrieve a list of available organizations from the CrmDiscoveryService Web service.
RetrieveOrganizationsRequest orgRequest = new RetrieveOrganizationsRequest();
// Substitute an appropriate domain, username, and password here.
orgRequest.UserId = domain + "\\" + username;
orgRequest.Password = password;
RetrieveOrganizationsResponse orgResponse = (RetrieveOrganizationsResponse)disco.Execute(orgRequest);
//Find the target organization.
OrganizationDetail orgInfo = null;
foreach (OrganizationDetail orgdetail in orgResponse.OrganizationDetails)
{
if (orgdetail.OrganizationName.Equals("AdventureWorksCycle"))
{
orgInfo = orgdetail;
break;
}
}
// Check whether a matching organization was not found.
if (orgInfo == null)
throw new Exception("The specified organization was not found.");
//Retrieve a CrmTicket from the CrmDiscoveryService Web service.
RetrieveCrmTicketRequest ticketRequest = new RetrieveCrmTicketRequest();
ticketRequest.OrganizationName = orgInfo.OrganizationName;
ticketRequest.UserId = domain + "\\" + username;
ticketRequest.Password = password;
RetrieveCrmTicketResponse ticketResponse =
(RetrieveCrmTicketResponse)disco.Execute(ticketRequest);
As paramosh was saying, try setting the credentials on the discovery service too:
discoveryService.Credentials = new System.Net.NetworkCredential("izz", "password", "bnet");

Where to get the credentials to use for Authentication.asmx?

For one of our FBA enabled SharePoint site, we need to access various web services. I know that we need to invoke Authentication.asmx before we make any other SP web service call.
How do I get the currently logged in user's username & password to pass to the Authentication.asmx service?
Thanks.
Update: I tried Marek's solution with a known username and password and got a 401 for Authentication.asmx. So probably some settings are off. The admin is looking into it.
MembershipUser user = Membership.GetUser();
string username = user.UserName;
string password = user.GetPassword();
Authentication auth = new Authentication();
auth.CookieContainer = new CookieContainer();
LoginResult result = auth.Login(username, password);
if (result.ErrorCode == LoginErrorCode.NoError)
{
CookieCollection cookies = auth.CookieContainer.GetCookies(new Uri(auth.Url));
Cookie authCookie = cookies[result.CookieName];
Lists lists = new Lists();
lists.CookieContainer = new CookieContainer();
lists.CookieContainer.Add(authCookie);
lists.GetListCollection();
}
However, depending on the settings of the membership provider (is password stored in plain text, encrypted or hashed? is it required to pass the security answer to get the password?) retrieving the password may be more difficult or even impossible and you will need to ask the user for it.