When the application is executed with run as administrator it fails to find files on a mapped network drive using FindFirstFile. If the executable is run without run as administrator is works. The user is a local administrator on the PC. When FindFirstFile fails the error is 3, ERROR_PATH_NOT_FOUND. Is running as an administrator changing access rights or my access to the mapped drive?
I'm testing on a Windows 10 PC with a domain user that is a local administrator. Application was built using VS 2010 on the Windows 10 PC. Application is a native c++ app. I've turned off the firewall, still fails. Turned off Windows Defender, still fails. Recreated share and mapping, still fails. Ideas?
Network drives are mapped per-user. If you map a drive as your user, but run your application as Administrator, the network drive won't be mapped from the application's perspective. To get around this, you can map the drive as Administrator by opening an admin command prompt (right-click cmd -> run as Administrator) and run net use F: \\path\to\my\share.
Related
I'm working on a legacy project that is basically 2 windows PCs on a local network.
PC 1 is running a C++ application that as part of it's start up calls
RegConnectRegistry(l_oAddr, HKEY_LOCAL_MACHINE, &l_hRemoteBaseKey);
On PC2
https://learn.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regconnectregistrya
All 3 pcs are using strictly local accounts with admin privileges locally. PC1 is able to make that call successfully to PC2.
I've got PC3 that I'm trying to set up as an Impostor PC1, basically running the same application, with the same static IP on that network. PC3 gets plugged in, PC1 is removed. When I run the code on PC3, I get a Permission denied error.
The PC2 registry permissions for HKEY_LOCAL_MACHINE do not allow anything other than local admins to edit it. allowing all users full control of that key and it's children, also does not work. I'm certain the PCs all talk to each other just fine and no firewall is running on PC2.
Any thoughts on what permissions I am missing?
So, as it turns out, if both PCs have the same user name and password. even if those are local to each pc, this will work fine and PC3 Will have access to PC2s registry.
I have a web application on one of the client's machines (a virtual machine running Windows Server 2012R2). The application uses Azure Storage. For testing purposes it was decided to use an Azure Storage Emulator.
My problem is that, when I log out of the remote machine the storage emulator stops. How do I keep the Azure Storage Emulator running even if no user is logged in?
CristisS#, There are two possible solutions i could think off based on your scenario, the first one is to configure the emulator to be part of the startup programs, meaning, if the VM restarts, the application will automatically launch,all you have to do is add the emulator icon to the startup directory:
1- Enable viewing hidden files and folders
2 Navigate to: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Paste the Emulator icon there.
Another solution is by configuring autologon and linking the application to a specific user to allow the emulator to connect automatically: https://learn.microsoft.com/en-us/sysinternals/downloads/autologon
Autologon enables you to easily configure Windows’ built-in autologon mechanism. Instead of waiting for a user to enter their name and password, Windows uses the credentials you enter with Autologon, which are encrypted in the Registry, to log on the specified user automatically.
Autologon is easy enough to use. Just run autologon.exe, fill in the dialog, and hit Enable. To turn off auto-logon, hit Disable. Also, if the shift key is held down before the system performs an autologon, the autologon will be disabled for that logon. You can also pass the username, domain and password as command-line arguments:
autologon user domain password
I am running a Dotnet 3.5 executable in Windows 7 Ent, as a GPO computer startup script in a domain. The script resides on a network share. The exe is run as Local System. The exe runs correctly.
I would like to access a web Service in this exe, but it appears that the Local System does not have access to network resources per documentation. However if the same exe is copied to the C Drive and run from there under the same account and same conditions (i.e. GPO startup script) then the Web Service can be accessed.
How is it that the Local System has access to the web service when running from C: drive, but not from the Network Share? Is there anything that can be done to make it work from the network share, without first being copied to the local drive? is Local System same as SYSTEM and same as NTAuthority\system?
I have tried the following so far to make it work. None of these work:
Impersonate a domain user in code.
Give Full Trust to all zones in .Net Security Configuration
Add the network share to Trusted Sites in IE.
Use the netbios name instead of the fully qualified name of the fileserver, i.e. \server\share, rather than \server.domain.com\share
The following things I cannot do to fix this problem:
Change the logon account of the Group Policy Client service to a domain user
Run the exe as logon script. It has to be startup script.
To reproduce this problem I do the following:
Create an simple exe with some network function, i.e. WebClient.DownloadString("http://www.google.com")
Deploy exe to a network share
Run as normal user to show there is no error
Run whoami to show the current user
run psexec -s -i cmd.exe
Cmd will start as SYSTEM (Local System or NT Authority\System)
Run whoami to show the current user
Run exe from network share to show it will fail to download the page.
Copy the exe to C Drive.
Run exe to show the page is downloaded.
Context
I am migrating an installer for an ActiveX control from Per-Machine to Per-User. I did this by programming the installer write to HKCU\Software\Classes instead of HKLM\Software\Classes.
Problem
On my machine (Windows 7 with UAC Enabled), the ActiveX control successfully loads. On the other windows 7 test machines (one with UAC enabled, one with UAC disabled), the control 'partially' loads.
What is Partially?
When a user visits a page with the ActiveX control, Internet Explorer displays a warning message in a yellow bar on the top of the window. If you click the 'Run add-on' button in the bar, the control becomes visible and begins to run, but Javascript code that tries to access properties of the control return the error:
Library not registered.
Differences between machines
On the dev machine reads from HKCR\CLSID\<GUID> succeed while on the test machines these reads fail. Reads from HKCU succeed on both dev and test machines. Reads from HKLM fail on both test and dev machines. (I collected reads using Sysinternals Process Monitor) Strangely, the keys that Internet Explorer fails to read are clearly visible if I use regedit to view HKCR\CLSID\<GUID> on the test machines.
Question
What can I do to get the per-user control to load on the test machines? What could cause this difference between the dev machine and the test machines? Why can I see the key in HKCR with RegEdit but Internet Explorer cannot see the key?
Any help is appreciated. Thank you.
Is it not possible to remotely manage XP sp2 PC from another XP sp3 computer using WMI where both of PC are in a work group? I have run wmimgmt.msc right click WMI control the connect to another PC. I have also used WMI Tools which I downloaded. I have Administrative account on the remote computer. I tried everything I found on the net
including:
Remote enabled WMI on the remote computer
It must not be firewall issue as I tried everything including disabling it ( the firewall).
Gave my account all permissions to the root and root\CIMV2 names paces on the remote computer
Created the same administrative account( Same user name and password) on local computer (not remote) as suggested by some people on the net.
and others
But I keep getting error like
Access denied
The RPC server is not available
I set up security event log on the remote computer and I got the clue that the account requesting is not my account . This way I guess that it not possible to manage my PC this way but I should set up my network so that both PC's are in the same domain. But I don't want this to happen now.
Is my guess right? If not what is wrong with me?. I am a newbie in this area.
Sorry everybody. I answer the question my self.
It is possible. The problem I was having was not creating the accounts correctly