Need to query a specific key in the HKLM hive for security permissions. We do not want to change the permissions, just log them to a file. To start I would be satisfied with using WriteLine or a msgbox to display the permissions on the key. I'm new to VB.net. I can't find an example of querying keys only adding them, modifying permissions. Can RegistryRights.FullControl be used to return True or False? If so, can someone provide a link online that has a good example?
I have searched for hours online and have tried to modify the examples here to only perform a query on a key, but I cannot create a query on registry key permissions. https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.registryrights?view=netframework-4.8
Here is a sample of code to attempt permission changes. But we want to query, not change permissions.
' Prevent the current user from writing or changing the
' permission set of the key. Note that if Delete permission
' were not allowed in the previous access rule, denying
' WriteKey permission would prevent the user from deleting the
' key.
rs.AddAccessRule(New RegistryAccessRule(user,
RegistryRights.WriteKey Or RegistryRights.ChangePermissions,
InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny))
Expected output would be something like this where the field is True or false or 983103 or some other value:
Console.WriteLine("Regkey rights on HKLM\Software\wow6432node\somekey\ " & RegistryRights.FullControl)
In case someone is trying to do the same thing, I found this Sysinternals Application that does exactly what we need to do.
https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk
We'll include it with our app and call it.
Sample command we'll be using
accesschk.exe -k users hklm\software\wow6432node\somekeyhere
Related
In my VB.NET project I want to save and get a registry value in "HKEY_LOCAL_MACHINE\Software" but I am only able to save and get it in "HKEY_LOCAL_MACHINE" but not software.
Here is my code:
For setting the value
My.Computer.Registry.LocalMachine.SetValue("Study", "1")
For getting the value
Dim RegistryCheck As String = My.Computer.Registry.LocalMachine.GetValue("Study")
You have to verify if you have the permission to write (and also read) from HKEY_LOCAL_MACHINE. If you can't get the required permissions (which is quite possible), opt for HKEY_CURRENT_USER (My.Computer.Registry.CurrentUser). Anyway, you have to specify what kind of permissions you're requiring: Read/ReadWrite. See the overloads of the OpenSubKey() method. Two of them let's you specify these requirements. If/When you are granted the permission, create the subkey (CreateSubKey()) and then set a key value inside it (with SetValue()), specifying a value type with RegistryValueKind.
I'm working in a legacy app for the moment, upgrading Access 2003 to link to SQL Server tables (2008 R2 or later). With tables linked by code, I can insert, but not update or delete. I've tried everything on the web, no dice. Details below.
Being terse so not tl;dr.
Tables first created using upsizing wizard. In use, app has to connect to different ones in same schema, so can't just set and forget. Can't do local DSN's, many installs, though DSN file is possible. But problems there too, DSN not found. Details later.
Before the rest: Soon I'm further updating this app to Access 2016 or so. If this is different enough / easier there, I'll wait a few days. Maybe someone could suggest the best refsite for that.
* problem details follow *
Using a DSN and the UI to link a table, I get an editable table. Hurray.
But when I use the code below (found on every refsite), link is made but only selecting and inserting work. Everything else fails fails fails, no matter what.
Public Function LinkToSqlTable(sqlInstance As String, sqlDb As String,
sqlTableName As String, localTableName As String)
Dim linked As New TableDef
' ***factored-out functionality, known to work: reader can ignore*** '
DeleteTable localTableName
' connection-string steps, placeholders replaced by args '
Dim sCnx As String
sCnx = "ODBC;Driver=SQL Server;Server=_instance_;" & _
"Database=_db_;Integrated Security=SSPI"
sCnx = Replace(sCnx, "_instance_", sqlInstance)
sCnx = Replace(sCnx, "_db_", sqlDb)
' linked-table steps '
Set linked = CurrentDb.CreateTableDef(localTableName)
linked.Connect = sCnx
linked.SourceTableName = sqlTableName
CurrentDb.TableDefs.Append linked
' ui '
RefreshDatabaseWindow
End Function
* ID column or permissions? *
I thought the problem was lack of identity column originally, I added one, but no change. At least now I have a PK field like I should. ;-)
When I manually link table, UI demands to know the ID column. So could it still be it? Fine, but how do I set that in code? Searches revealed nothing.
I assume then it's permissions as sites etc. say. I also took all the steps I could think of to fix that. No dice.
* things I've tried *
Aside from the ID-column stuff I said before, these things (not in order):
Since DSN saved as a file, tried using it as exampled, in cnx string. Fail.
Used DSN contents, carefully winnowed & translated, in cnx string. Fail.
Used connection string from the table that I had connected manually with DSN. Fail.
Changed driver in cnx string across all major options, even omitted it. Fail.
Changed security in cnx to Integrated Security=SSPI and other options, and omitted entirely. Fail.
I added my actual local user as exampled, with and without password. Fail.
(Previous few options tried across earlier options, though not 100% coverage.)
In SQL Server, using SSMS, I tried security power:
Added SQS-authentication login to the instance
Matching user to the default db seen here
Gave that login-user read and write permissions in db here (plus others, sometimes)
Added matching id & pw to the cnx string. Fail.
I tried setting up this db in SQS to have let-everyone-do-everything "security" temporarily. Fail.
This, that, and the other thing. Everything fail!!
So a permissions issue? Some way to use DSN file after all? Mismatched permission settings in my cnx string? Boneheaded oversight? Something else that I've missed? I'm pretty good at both SQL Server and Access, but only at a basic level in their security stuff and connection strings are the devil.
* retrieved table properties *
Just in case they help, I retrieved these (after objects added to TableDefs collection).
** This one, done in UI and with DSN and this-is-ID-field, worked with editing: **
Name = dbo_tblSendTo
Updatable = False
DateCreated = 4/19/2016 11:11:40 AM
LastUpdated = 4/19/2016 11:11:42 AM
Connect = ODBC;Description=SQL Server tables for TeleSales 5;DRIVER=SQL Server Native Client 10.0;SERVER=(local)\sqlexpress;Trusted_Connection=Yes;APP=Microsoft Office 2003;WSID=CMSERVER;DATABASE=TS5_General;
Attributes = 536870912
SourceTableName = dbo.tblSendTo
RecordCount = -1
ValidationRule =
ValidationText =
ConflictTable =
ReplicaFilter =
** And this one, from table linked via code, didn't: **
Name = tblSendTo
Updatable = False
DateCreated = 4/19/2016 11:17:51 AM
LastUpdated = 4/19/2016 11:17:51 AM
Connect = ODBC;Description=SQL Server tables for TeleSales 5;DRIVER=SQL Server Native Client
> 10.0;SERVER=(local)\sqlexpress;Trusted_Connection=Yes;APP=Microsoft Office 2003;WSID=CMSERVER;DATABASE=TS5_General;
Attributes = 536870912
SourceTableName = dbo.tblSendTo
RecordCount = -1
ValidationRule =
ValidationText =
ConflictTable =
ReplicaFilter =
* my plea *
So..... Please someone help me out. I don't like feeling stupid like this, and regrettably I need to do this instead of replacing it with .NET code or similar.
Thanks, anyone who can...
Ed.
Alas, I am able to answer my own question.
edited a little since first posted in reply to HansUp's comments
I had added an identity column to the table that I couldn't edit. However, I had not set it up as a primary key. It turns out that using identity doesn't make something a primary key automatically.
But the latter, making it primary key using either of the 2 possible DDL syntaxes, is crucial. Since I thought I had dealt with the no edits without unique key problem, I focused on permissions.
All of the permissions things here, then, are just a sideshow.
The upshot of this is to be sure to add an identity column and make it a primary key if for some reason your original table schema didn't have that.
If I have the time, I will be trimming the question to reflect what I've discovered.
I am trying to create a document in Reservation form using Domino Data Service(REST api), response is showing document is created but when i am trying to access that reservation(xyz's) using Notes client it is not showing up.
URL : http://server/Conf.nsf/api/data/documents?form=Reservation
Payload: {
"#authors":
["server",""
],
"#form":"Reservation",
"From":"xyz",
"AltFrom":"xyz",
"Chair":"xyz",
"AltChair":"xyz",
"Principal":"xyz",
"SequenceNum":1,
"ORGState":"5",
"ResourceType":"1",
"ResourceName":"BELLA VISTA/Building15",
"Room":"BELLA VISTA/Building15",
"Capacity":2,
"_ViewIcon":133,
"AppointmentType":"3",
"StartTimeZone":"Z=-3005$DO=0$ZN=India",
"EndTimeZone":"Z=-3005$DO=0$ZN=India",
"Topic":"Test Meeting",
"SendTo":"CN=BELLA VISTA/O=Building15",
"Encrypt":"0",
"Categories":"",
"RouteServers":"server",
"StartDate":"2015-03-28T06:30:00Z",
"StartTime":"2015-03-28T07:30:00Z",
"StartDateTime":"2015-03-28T06:30:00Z",
"EndDate":"2015-03-28T07:30:00Z",
"EndTime":"2015-03-28T07:30:00Z",
"EndDateTime":"2015-03-28T07:30:00Z",
"UpdateSeq":1,
"Author":"xyz",
"ResourceOwner":"",
"ReservedFor":"xyz",
"ReservedBy":"xyz",
"RQStatus":"A",
"Purpose":"Test from REST",
"NoticeType":"A",
"Step":3,
"Site":"Building15",
"ReserveDate":"2015-03-28T06:30:00Z"
}
If you're successfully creating the document but unable to see it, that suggests that you have a problem with a Reader Names or Author Names field that is denying you access to the document.
Do you have Manager access to the conf.nsf database, and Full Access Administrator rights on the server? If so, activate your full access rights via Domino Administrator, before opening conf.nsf and see if you can find your document, then check the document properties and examine all fields with SUMMARY READ-ACCESS NAMES or SUMMARY READ/WRITE-ACCESS NAMES types to determine what you've put there. Compare to manually created documents to see what should be there.
(If you lack the necessary permissions for this, either work with an administrator who has the rights, or set up a test server as AFAIK, there's no way to test the Domino Data Service with a local replica.)
I hope someone can help. I'm trying to build a subroutine to launch SAS from VBA. I've been doing so with SAS Workspace Manager. As I'm strolling pretty far from my comfort zone I've followed mostly what I found in these two sources. Here's what I came up with so far in VBA:
Public Sub SubmitSasProg(usrid As String, passid As String, path As String, sasprog As String, varinput As String, Optional logreturn)
Dim obWsMgr As New SASWorkspaceManager.WorkspaceManager
Dim obSAS As SAS.Workspace
Dim xmlInfo As String
Set obSAS = obWsMgr.Workspaces.CreateWorkspaceByServer("Local", VisibilityProcess, Nothing, usrid, passid, xmlInfo)
Dim obStoredProcessService As SAS.StoredProcessService
Set obStoredProcessService = obSAS.LanguageService.StoredProcessService
obStoredProcessService.Repository = "file:" & path
obStoredProcessService.Execute sasprog, varinput
If IsMissing(logreturn) Then logreturn = 100000
MsgBox obSAS.LanguageService.FlushLog(logreturn)
End Sub
And I have myself a little SAS program, let's call it "Test.sas":
%let loopTimes=3;
*ProcessBody;
data a;
do x= 1 to &loopTimes;
y=x*x*x;
output;
end;
run;
Now this line will work juste fine:
Call SubmitSasProg("myuserid", "mypassword", "somepath", "Test", "loopTimes=10")
But whenever I try to execute a SAS proceedure that modifies files/libnames etc. I'll get a either a "Invalid operation for this SAS session" or "User does not have access".
Please note that I'm using SAS locally, not on a server.
So I'm guessing that I'm not correctly logged in with my SAS worksession and lack permission. I thought that the userId and password parameters in CreateWorkspaceByServer are supposed to log me in.
So my question would be how to succesfully start the SAS session with my credentials on my local computer and have all the normal access I'd have by opening the windowed environement.
Just to clarify, this SAS process would work fine in the windowed environement:
Data _NULL_;
*x del C:\WINDOWS;
x mkdir C:\Users\Myname\Desktop\NewFolder;
run;
But it would fail with an "Invalid operation for this SAS session" code if started from VBA.
Something similar happens if I try to write SAS datasets.
I've been looking for some time now but most threads are about SAS server sessions.
Any help would be appreciated.
Well, it looks like most of my problems stem from the fact that I'm not an admin on my system.
I have managed to write datasets with the above technique given that I have write privileges on the directory with my account (duuh). Allas, the x command is stubborn and won't work lest I get myself an admin account. So, two choices to «solve» this problem:
1. Get administrator privileges.
or
2. Forget the workspace manager. Use OleObjects.
While less elegant and perhaps more time consuming upon execution (not tested) OleObject will let me use SAS to its full extent. Here is the VBA code:
Dim OleSAS As Object
Set OleSAS = CreateObject("SAS.Application")
OleSAS.Visible = True
OleSAS.Top = 1
OleSAS.Title = "Automation Server"
OleSAS.Wait = True
OleSAS.Submit(yourSAScode)
OleSAS.Quit
Set OleSAS = Nothing
If you want to run a specific process and change some macro variables as with *ProcessBody; just do OleSAS.Submit("%let "& variable_name & "=" & "yourValue") and OleSAS.Submit("%include" & your_program).
Anyway, I'm pretty sad of loosing the Log report return that I had with the Worspace Manager, it was really great for fast debugging.
Hope this was usefull.
I know that previously I've had experienced issues with SAS/Intrnet not having the required security policies setup. I can't guarantee that this will fix it, but it's somewhere to start looking:
Control Panel->Administrative Tools->Local Security Policy
Security Settings->Local Policies->User Rights Assignments->Log on as a batch job
Make sure that the account that SAS will be using to run the jobs has this right.
Also, are you saying that your test.sas program fails because it tries to write a dataset?
Also, you may be experiencing some of the same issues I've had here:
Using SAS and mkdir to create a directory structure in windows
I am trying to add a registry key in to the file "MyApp" which doesn't yet exist in the registry key directory, when I try and write this key however I get an error from the debug console telling me the "NullReference was unhanded". If I go and manually make this folder it works brilliantly, so can anyone help me as I thought that this code would make the folder as well? If you could show me what code needs to also be there I would be very grateful!
The code I am using is:
My.Computer.Registry.LocalMachine.OpenSubKey("SOFTWARE\MyApp", True).SetValue("AppName", "SerialKey")
OpenSubKey("SOFTWARE\MyApp", True) will open the key for write access only if it already exists. If the key doesn't exist, it will return null. Since you are blindly calling SetValue on a null reference, you will get the null reference exception.
The simplest solution to your requirement is to call CreateSubKey("SOFTWARE\MyApp") instead. This does exactly what you want, i.e. creates a new subkey or opens the existing subkey for write access.
adding and editing LocalMachine registry key needs administrator privilege in win 7, may be you are getting the error because of this