I am trying to create a single-sign on connection to a System i server using the example published in IBM's iSeries Telnet Enhancements RFC 4777 within a client telnet app written in C++.
The code sample given calls AcquireCredentialsHandle and then a call to InitializeSecurityContext. The call to InitializeSecurityContext returns an error of SEC_E_TARGET_UNKNOWN, presumably because it does not understand the target name I am passing.
The RFC 4777 says this target name should be a string with kbsrv400 then my server name fully qualified in lower case. I interpretted this as "krbsrv400/iseries.domain.com". I've tried a variety of combinations here but can't get anything to work and not yet found any other code samples that use the MS SSPI API to connect to IBM System i.
I know the Kerberos setup on the System i and domain is working OK as IBM's own iSeries Access is able to login OK and perform a telnet 5250 signon using kerberos.
I am running on Windows 7 signed into a domain. The domain is setup under Active Directory in Windows 2008. I'm using MS Visual Studio 2005 to build my telnet app. The System i server OS is V6R1.
Has anyone got this sample code working?
Any advice on what the format of the target name should be when using it to talk to System i?
Thanks!
Additional info: 9/8/2011
Have got this working OK under Windows XP client with a Windows 2003 managed Domain.
There were two errors in the RFC:
1) It said to use a name of "krbsrv400/spi name" but looking at the ticket in kerbtray that was generated when I logged in using iSeries Access, I saw the actual format was "krbsvr400/spi name".
2) The RFC said to pad the ticket length sent to the system i but when I used Wireshark to look at the IBM iSeries access telnet, I found they did not pad it.
Changing the above got single-signon working OK in my app on Windows XP. I am still experiencing problems on Windows 7.
This is a different domain (managed by the company, and on Windows 2008 and Windows 2003 servers across the world) and with a different iSeries.
Strangely, I can use Kerberos login in System i Access OK, but when I look in kerbtray I do not see a kerbsvr400/... ticket for the system i machine like I do on Windows XP. My app does not work and fails with a SEC_E_TARGET_UNKNOWN error.
Related
I found this article at SO that tells how to enable/disable a network adpter using the SetupAPI. This works fine so far. The problem is that I could not find a way to get the device index for network connections (adapters) that have been disabled in Windows XP.
I have:
The list of GUIDs (from HKLM\SOFTWARE\Microsoft\Windows NT\Netcards)
Everything from Win32_NetworkAadapter that is supported in Windows XP
I tried without success:
GetIfTable() - disabled adapters are not present in the table
Win32_NetworkAdapter::InterfaceIndex is not supported in XP
Win32_NetworkAdapter::Enable()/Disable() is not supported in XP
What else can I do to obtain the device index or to get a disabled network adapter re-eabled again?
Based on my experience building my Network Connection Guard tool the easiest way to do this is with the netsh command, not APIs. My example is C# so I used System.Diagnostics.Process but in your case I believe you could use ShellExecute().
Also see this answer on SO Programmatically disable/enable network interface
I've been looking through the poco samples and documentation, but I couldn't find out how to use poco's websockets and SSL combined. I successfully connected a non-SSL websocket (based on the WebSocket class) to a server (the echoserver sample from Qt5.4, running on Ubuntu), but how to add SSL to the client eludes me. Poco's NetSSL_OpenSSL samples aren't all that helpful, because I don't need to know how to download, tweet, mail or write a time server. Also the latter is the only one that uses "SecureStreamSocket" objects at all (which is probably the class I need). But that sample just accesses the socket from the request object, it doesn't show how to create and configure one properly.
I just want an SSL websocket client to send and receive some simple messages, like "Hello World". Can anyone help me please?
I use Windows 7 64 Bit for the client's OS and Ubuntu 64 Bit on VirtualBox for the server's OS, but the server side is no problem. My poco version is 1.6.0 and I compiled it with Visual Studio 2013 Express. Also I use OpenSSL 1.0.1j.
Cheers
Alex
Look at WebSocket testcase. Use HTTPSClientSession (instead of HTTPClientSession).
I'm trying to install a legacy VB6 client on a Windows 7 (64-bit) machine that can talk to a DCOM server written in Visual C++. I know I need to run CLIREG32 and pass it the .VBR file as a parameter. I'm trying it like this:
clireg32 myvbrfilehere.vbr -s <ip address> -d -l
It seems to run without a hitch, but I think I should be able to search the registry and see the IP address i entered as a parameter. So something tells me I'm missing something during this command. (I've also tried adding -t mytypelibrary.tlb but that doesn't help either)
Any thoughts on using this ancient technology? I'm not in a position to rebuild everything right now. I'm starting to get desperate...
Thanks
There is at least limited information in Microsoft article Q155939.
(Archived copy.)
Paraphrasing the useful parts:
Q155939: HOWTO: Use Clireg32.exe for Remote Automation
Article: Q155939
Last Modified: 31-JUL-1999
-------------------------------------------------------------------------------
The information in this article applies to:
- Microsoft Visual FoxPro for Windows, versions 5.0, 6.0
-------------------------------------------------------------------------------
SUMMARY
=======
This article provides an explanation of Clireg32.exe and how it is used for
remote automation.
MORE INFORMATION
================
The Clireg32.exe component allows you to register an OLE server (.exe) remotely.
It differs from the Remote Automation Connection Manager (RacMan) in that the
server does not need to be located on the machine registering it. The Setup
Wizard handles the maintenance of registering remote servers for you.
NOTE: Remote servers and Clireg files are stored in the \Windows\Olesrv\
directory, which is similar to Visual Basic if it is installed via the Setup
Wizard.
The Clireg32.exe program takes a number of parameters. The only required one is
the name of the .vbr file (generated with the server during build):
Clireg32 myexesvr.vbr
In order to fully register a remote server, you must provide the network name,
network protocol, and security access. Clireg32 prompts you with a dialog box if
these options are not passed. For a list of all the parameters, simply execute
Clireg32.exe by itself.
Copyright Microsoft Corporation 1986-2002.
I am getting an EOSError code 5 - Access Denied when the
TServiceApplication attempts to register the service with the
ServiceManager.
I am using XE2 Win7 64 bit. The error occurs for both 32 and 64 bit
targets.
I have a datamodule that uses ADO to connect to a database, and the web
services server code. All the code is used in a WinUI project which
works. I also have an untested ISAPI DLL based on the same core code.
This is the first time I have tried incorporating a Web Services Server
into an NT Service.
I have traced the VCL code that produces the error at line 1027 of
Vcl.SvcMgr but I don't know why I am getting the Access Denied error. I
have written other NT Services that connect to the database through ADO
and have not encountered such an error (although written with XE).
Any pointers would be appreciated.
You are likely encountering a UAC permissions issue that expects you to run the service install process in an elevated state, such as from a cmd.exe instance that was launched via the "Run as administrator" option, but you are not actually doing so. If you are having this problem with only some services and not others, then the affected services likely do not contain a UAC manifest but contain characteristics that are triggering UAC's Installer Detection feature, typically (but not restricted to) having reserved keywords in your service's filename or version resource.
I have installed Adobe ColdFusion builder 2 and was able to set it up, using this tutorial
http://www.adobe.com/devnet/coldfusion/articles/setup_dev.html
After I restarted my computer (for some updates to take effect), I am unable start the server I added using ColdFusion Builder (cfserver). I get the following error -
'starting cfusion' has encountered a problem
Ensure that the server is not already running, or another application is not using the WebServer port.
Does anyone know what to do about this? I am completely lost
EDIT: This is the error the console prints out
[cfusion]:07/13 12:50:14 Error [Thread-13] - Platform, Locale, and Platform Name must not be null
If you are using Vista or Windows 7 I used to have a problem with trying to start the ColdFusion server unless I launched CFB with Administrator privileges and ran it in XP Compatability mode.