So right now I am trying to see the information that comes out of the following command in to command prompt (cmd):
netsh advfirewall firewall show rule name="TestFirewallUpdateSettings" profile=any
The output I get is:
Rule Name: TestFirewallUpdateSettings
----------------------------------------------------------------------
Enabled: Yes Direction:
In Profiles: Domain,Private,Public
Grouping: LocalIP: Any RemoteIP:
Any Protocol: Any Edge traversal:
No Action: Allow
What I want is to just read the In Profiles section using vb.net and wondering if there is a API that will do what I am asking for?
Yes, there is. You could go and create your own interop assembly in order to access the objects - INetFwPolicy2 in particular - in the system's COM based FirewallApi.dll. Check this SO thread for details. I did this in the past (Windows 7) and it worked like a charm.
Also, there is a WMI name space - ROOT\SecurityCenter2 - which is supposed to provide info about firewall amongst other things. However it wasn't well documented and I failed to enumerate it through C# although I can see it through various WMI browser tools.
You can also check the new Microsoft.TeamFoundation.Build.Common.INetFwPolicy2. It seems to do the same job as the manually created interop assembly.
Related
I am currently using 'connmanctl config' to set static and DHCP settings with a wired connection. I'm curious if anyone has been successful with applying settings with the wire unplugged?
I would typically use 'connmanctl services' for a list of services then perform a string.match(blah, "ethernet_%w+_cable") to use that wired service name. I have been able to find and apply that service name with the ethernet cable unplugged BUT now when using 'connmanctl config':
connmanctl config ethernet_f8dc7a04ea82_cable --ipv4 manual 192.168.91.108 255.255.255.0 192.168.91.1 --nameservers 8.8.8.8
I get this error:
Error ethernet_f8dc7a04ea82_cable: Method "SetProperty" with signature "sv" on interface "net.connman.Service" doesn't exist
As you can see I have the service applied to the command and this is the same service name as when the cable is plugged in. This feature would be nice for equipment that needs to be pre-programmed before reaching the customer. I have also researched this error but can't find it being an issue with others the same as it is with my situation. Have also read many blogs, articles, etc...on trying to achieve this with nothing that jumps out at me.
...Any ideas ?
I had to perform this action via back-end with the code that I am using to configure. Just an example...settings are applied to /var/lib/connman/ethernet_?????cable/settings. I created the adapter name with the MAC address because it does not exist until the network is detected, created the directory /ethernet?????_cable then created an empty settings file on the fly. When programming and saving the settings via the equipment I am using I just insert the settings manually. When a network cable is plugged in and detected the settings you have applied work wonderfully.
I have written the script that accesses the local HTML file and does some job.
^+A::
;Convert HTML TO ASCIIDOC
Send ^c
copied := Clipboard
sleep 30
local := "file:///C:/Users/emre/Desktop/Tools/Note%20Taking%20Tools/Asciidoc%20Tools/HtmlToAsciidoc-master/to-asciidoc.html"
sleep 100
(pwb5 := ComObjCreate("InternetExplorer.Application")).Visible:=False
pwb5.navigate(local)
while pwb5.busy
sleep 15
WinActivate,ahk_class IEFrame
ControlFocus,ahk_class IEFrame
Send, !n
Send, {Enter}
pwb5.document.getElementByID("source").value=copied
pwb5.document.getElementByID("conversion-button").Click()
Sleep 3000
Clipboard=pwb5.document.getElementByID("target").value
Return
When I run this script I get following error:
I have done some research and try following things but neither of these work.Any advice appreciated.
Check 1
I have checked DCOM Server Process Launcher, Remote Procedure Call (RPC) and RPC Endpoint Mapper from services.msc.All their status is Running and their startup is set to Automatic.
Check 2
I have also checked "Remote Assistance" from Firewall
Check 3
I have also checked that "File and Printer Sharing for Microsoft Networks" and "Internet Protocol Version 6 (TCP/IPv6)" are enabled
Check 4
I have also checked "to switch the NIC from the default "NAT" to "Bridged Adapter" from Virtualbox settings.
MAYBE this will help. My issue sounds similar to yours. In my case, I have a vb.net program, part of which does something to the effect of the following:
Function LoadWebPage(i_IE As SHDocVw.InternetExplorer, i_URL As String) As Boolean
i_IE.navigate (i_URL)
Debug.Print (i_IE.ReadyState)
End Function
The navigate method ran fine. But once it got to the point of returning the ReadyState property, I was getting the "RPC Server is unavailable" error. This was only happening on one of the three machines I was using. On the machine with the problem, I ran through the steps (which I saw listed in many other sites as well) you mentioned in your question, with no improvement. But then I came across a suggestion to adjust the "Internet Explorer Options-->Settings-->Security-->Enable Protected Mode". Actually the site that helped me said to make sure that they are checked for all of the zones (i.e., Internet, Local intranet, Trusted sites, Restricted sites). Actually it was unchecking them all that resolved my issue. I went back to one of the other two machines (one of those where the script was running without error), and indeed, they were unchecked on that machine (not sure yet about the 3rd machine).
Fix for RPC Server Error when occuring with attempt at Internet Explorer Automation
In case that post doesn't outlast this response, their stated reason for this issue:
"The basic gist of it is when you cross a security domain (http to
https) the sandboxing system actually creates a new IE COM
object...The basic solution is to set all of the security modes in the
Security tab of Internet Settings to 'protected mode enabled'(sic) to
avoid losing COM objects."
Again, I think that may have been a typo on their part and that they meant that the boxes should be unchecked.
I'm trying to call Apache ActiveMQ NMS Version 1.6.0 from my code ('IntPub') that must run in a sandbox in a .NET 4.0 environment for security reasons. The program that creates the sandbox makes my code 'partially trusted' and therefore 'security-transparent' which seems to mean that it can't create a ConnectionFactory (see error log below) because NMS seems to be 'security-critical'. Here's the code that's causing this error:
connecturi = new Uri("tcp://my.server.com:61616");
var connectionFactory = new ConnectionFactory(connecturi);
I also tried this instead with similar results:
connecturi = new Uri("activemq:tcp://my.server.com:61616");
var connectionFactory = NMSConnectionFactory.CreateConnectionFactory(connecturi);
Since I can't change the security level of my assembly (the sandbox prevents it) is there a way to make NMS run as 'safe-critical' so it can be called by 'security-transparent' code? Would I have to recompile it to do so, or does NMS do some operation that would never be considered 'safe-critical?
I appreciate any help or suggestions...
Assembly 'IntPub, Version=1.0.0.0, Culture=neutral, PublicKeyToken=6fa620743b8dc60a' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted.Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147220956</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Unexpected exception from plug-in (Execute): Test.Client: System.MethodAccessException: Attempt by security transparent method 'Test.Client.Execute(System.IServiceProvider)' to access security critical method 'Apache.NMS.ActiveMQ.ConnectionFactory..ctor(System.Uri)' failed.
From the error message attributes, it looks like you're running a Dynamics CRM 2011 plugin in sandbox mode, which has some very specific rules about what you can and can't do. In particular, you're only allowed to make network connections via HTTP and HTTPS, so attempting raw TCP sockets will definitely fail.
Take a look at this MSDN page on Plug-in Isolation, Trusts, and Statistics. It looks like there may be a way to relax the network restrictions by modifying a system registry entry to include tcp, etc, in the regex value. Below is an excerpt from the page. Note: I have not done this myself, so can't say for sure it'll work.
Sandboxed plug-ins and custom workflow activities can access the
network through the HTTP and HTTPS protocols. This capability provides
support for accessing popular web resources like social sites, news
feeds, web services, and more. The following web access restrictions
apply to this sandbox capability.
Only the HTTP and HTTPS protocols are allowed.
Access to localhost (loopback) is not permitted.
IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or saving those credentials.
These default web access restrictions are defined in a registry key on
the server that is running the Microsoft.Crm.Sandbox.HostService.exe
process. The value of the registry key can be changed by the System
Administrator according to business and security needs. The registry
key path on the server is:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSCRM\SandboxWorkerOutboundUriPattern
The key value is a regular expression string that defines the web access restrictions.
The default key value is:
"^http[s]?://(?!((localhost[:/])|([.])|([0-9]+[:/])|(0x[0-9a-f]+[:/])|(((([0-9]+)|(0x[0-9A-F]+)).){3}(([0-9]+)|(0x[0-9A-F]+))[:/]))).+";*
By changing this registry key value, you can change the web access for sandboxed plug-ins.
Intellij IDEA 12 Public Preview by default is listening to 10001 port for one of its plugins. In our company we use this port for other purposes and there seems to be no easy way to change this... Can anyone suggest any options? Been googling for about an hour to no avail.
IntelliJ IDEA EAP builds come with the YourKit Java Profiler agent enabled by default so that users can take CPU and Memory snapshots out of the box to report performance problems.
The agent is enabled via idea(64.exe).vmoptions file:
-agentlib:yjpagent=disablej2ee,disablealloc,sessionname=IntelliJIdea12
You can remove this line to disable profiler agent that will free up 10001+ ports.
Another solution is to change the default port using agent options:
-agentlib:yjpagent=disablej2ee,disablealloc,sessionname=IntelliJIdea12,port=31337
If you are on Mac, this configuration is done via Info.plist, see the FAQ.
On Linux it's added in idea.sh script:
IS_EAP="true"
if [ "$IS_EAP" = "true" ]; then
OS_NAME=`echo $OS_TYPE | "$TR" '[:upper:]' '[:lower:]'`
AGENT_LIB="yjpagent-$OS_NAME$BITS"
if [ -r "$IDE_BIN_HOME/lib$AGENT_LIB.so" ]; then
AGENT="-agentlib:$AGENT_LIB=disablej2ee,disablealloc,sessionname=IntelliJIdea12"
fi
fi
Just change to IS_EAP="false" or delete the agent .so file to disable it.
Following Vladimir's suggestion I've created a request to use onlylocal option by default, feel free to vote.
As a YourKit developer, I'd like follow-up Serge's answer and recommend to add "onlylocal" to the list of YourKit agent options. This option forces profiler to open port on loopback network interface. Potentially it's more secure and on Windows you will not see security warning.
I'm trying to get WCF to use SSL with ANYTHING for FIVE DAYS now. I've gone through countless walkthroughs, generated more certificates than a mail order diploma company, even tried hot fixes. After working with MS dev tools since VB1, I am now considering flipping burgers as a career option. WCF, as far as I can see, is a complete lemon.
Anyway, to get to my actual question: If I run through this walkthrough:
http://msdn.microsoft.com/en-us/library/ff648840.aspx
I get to step 11 (adding the service reference) and get "There was an error downloading metadata from the address. Please verify that you have entered a valid address".
Details of the error gives: There was an error downloading 'https://localhost/SSL6/Service.svc'.
Unable to connect to the remote server
No connection could be made because the target machine actively refused it 127.0.0.1:443
I'm using VS2008 on Windows 7 with IIS7. I followed the walkthrough exactly (apart from step 5 which was different on IIS7- I went into "SSL Settings" for the VD), so it shows my config (yes I've used httpsGetEnabled and mexHttpsBinding).
Anyone care to save my sanity and job?
EDIT: If I go into IIS, select the VD in content view, right-click on the svc file and browse, I get "Internet Explorer cannot display the webpage". Chrome gives "Google Chrome could not connect to localhost".
IE troubleshooting gives "the remote device or resource won't accept the connection".
If I browse using the IP address rather than using localhost via http, it says that it's secured with https ok. If I browse using the IP and https, I get HTTP error 503. The service is unavailable.
So it looks to me like a DNS issue combined with... something.
When I try to just run the service site project, I get "Unable to start debugging on the web server. Unable to connect to the web server. Verify that the web server is running and that incoming HTTP requests are not blocked by a firewall". I've checked the firewall and it's ok.
Finally cracked it. There were at least three issues at play.
1) A DNS issue of some kind with localhost. It's still unresolved on my machine, but I can work around it by using the IP addy.
2) Another issue may have been that apparently, WCF doesn't work with IIS 7 OOTB. So you need to run command prompt as administrator, and run the following command -
"%windir%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe" -r -y
3) After I got through the certificate stuff I was still getting HTTP error 503, "Service unavailable". That ended up being leftovers from my previous attempts, still listening to ports:
http://blogs.msdn.com/webtopics/archive/2010/02/17/a-not-so-common-root-cause-for-503-service-unavailable.aspx
So to get a hello world level service happening with WCF and SSL took me a whole week, and in my travels I discovered many pilgrims who had taken about the same amount of time. Microsoft: You have failed.
Are you using IIS or self hosting? If you're using IIS, it sounds like it's incorrectly configured, because it seems it's not accepting connections on port 443; I guess you're probably missing a protocol binding (https to port 443). There's a detailed discussion of setting up SSL on IIS7 here that might be useful.
Of course, you could easily verify this using the browser, you should be able to connect to the site using SSL from it.
When I have had this error occur, I have found it very useful to run the service from Visual Studio to get additional information. Right-click on the service, and then select Debug -> Start New Instance from the pop-up menu. VS will launch the service using the WcfTestClient.exe.
WcfTestClient will display all the services and endpoints in your service project. A healthy launch will list your services in the a panel on the left, and provide a Start Page tab in a panel on the right. What will happen in your case, however, is that you'll get a list of services in a panel on the top and an "Additional Information" box along the bottom. Your problem service(s) will have a Status of Error.
Click on a problem service in the upper panel, and the Additional Information box will fill with an error message and stack trace. The message will tell you exactly what that problem mex (metadata exchange) address is. That may be enough of a hint for you to solve the problem. If not, post the Additional Information here and I'll be happy to take a look at it.