Find Client PC name behind Remote Desktop connection - vb.net

This is a bit general question.
I have a Windows application writted on VB (or whatever language) that has a login system. This app use computers registry to save and retrieve last login used, so the next time the user run the application it only needs to type his password. This works just fine.
Now one client wants to install my app in his server instead of clients computers and make all the pcs access the system via Remote desktop. No problem here.
My problem comes with the login system, because if i use the registry to save last login user, it will be only one (the server registry) so I always get last login user independet of wich pc access the system.
So my question is: How can I set a default user for each client PCs? I could use my database instead of the registry to save an retrieve last login user, but for then I'll need to know the PC name behind the remote desktop, and I don't know if thats even possible... Any ideas?
Thanks!
Note regardless duplicated post:
My question is different from the above mention. I don't need to get user name from terminal server. I just need a way to save and retrieve some data on the registry for each terminal service user or client PC.

Related

Batch | Net use Password

Sorry for my bad English, but if you can help my it will be great.
I have couple of file system over my network and every night I need to take one file from another file system to mine.
for that to happen i'm using a Batch script how mapping me the drive with net use command.
my problem is that i don't want the password will go through clear text
( To see my password or to sniff it).
my questions is :
there is any way that i can encrypt my password and still login with the same credentials.
Thank You
If you can set up a Domain controller using either one of your Windows machines, or Samba, then you could use Trusted authentication based on the user executing the scheduled job that executes the batch file.
Alternately, you could encrypt the password and have a program decrypt it and execute the net use, but you're always* going to be faced with the fact that if your computer can send the password out when you don't type it in, then your computer knows your password, and anyone with physical access to that computer can get your password.
*Unless your computer doesn't know the password, and instead relies on an HSM (Hardware Security Module).
I had the same thing but found a nice workaround.
The passwords are not stored in DOS so I went from the run menu and simply typed the name of the path like "\server\files".
When it asked for credentials I ticked the checkbox "Save credentials"
The password will then be stored in your Windows Credential Manager (control panel) and this way your dos batch file fwill always now the password.

Failed to update database because the database is read only

This message appears every time I try to save the data to the DB.
Failed to update database because the database is read only
Note: This error comes only when the application is installed to C drive.
Front End: VB.NET
Back End:SQL Server
Is there any way to overcome this issue?
Or any way to restrict the user from installing the application on C drive?
I would check the file system privileges. I suppose you talk about an SQL server file database. You receive the message because the account trying to access your file database does not have the file system permissions to do so.
In order to confirm my suggestion, you allow everyone to access the specific directory with full permissions.
Then, you have to check what is the account trying to do the actual access. Probably it's a system account (user ASPNET or NETWORK SERVICE). You have to give the respective permissions to the specific account.
Then, restart IIS.
If you want to do this for a distributed stand-alone application. Then these permissions would have to change on each machine where the program would be installed. In order to avoid putting users in such a fuss, the setup program should do it. I am not an expert on setup programs, but even the simplest ones would give you the option to do it, after asking the system adminstrator's approval. I suppose you could build a custom action during the setup program which would change the specific folder's permissions, perhaps by using xcacls.exe.
Hope I helped!

Opening a Non-Password-Protected Access 2000 Database that Asks for a Username and Password

I'm trying to open a Microsoft Access 2000 .MDB file to migrate it, as it is currently being used by somebody's ten-year-old VB app that's fallen by the way side on an NT server and whose author is long gone. Back in September I copied the MDB file over to a nearby XP machine (because that has Access installed), and when it asked for a name and password, was able to open it then using those of the Windows XP account I was logged in as.
However, since I tried again in November, it suddenly will no longer accept that username/password pair and everyone swears noone has touched the machine. I've tried a blank username, the login/pass of the "Administrator" account on the NT server from which I got it, as well as all of those on the XP machine I previously opened it on.
I tried running a couple password-recovery apps on it such as Rixler Access Password Recovery and Nirsoft's "accesspv.exe", and they both say that the file is not password-protected. So it's not a "database" password per se, it just wants some account info and I have no idea even what username it wants.
I've read up on what I could find in the way of MDW files; finding 3 of such on the XP workstation, I tried renaming them all in case that's where it's trying to look for account names, but the result is also the same.
The half-broken VB app that it was built for is apparently still opening and using the database fine; alas I've not found its source code.
Anyone know what Access 2000 wants as far as credentials in a non-password-protected MDB file, and how to get back in?
Thanks.
Solved with MDB Tools. That would have been pretty handy about five months ago.

CAC card login not authenticating random users who must user their windows user and pwd

Having an issue with random individuals trying to access an intranet site with a security certificate. Most users are able to simply select their Smartcard/CAC certificate, enter the pin number and then are granted access to the site's pages.
However, random individuals enter their pin and then are immediately re-prompted by the IE alert dialogue to enter their domain username and password. If they don't enter their network domain username and MS password, then they receive a 401.1 Unauthorized.
I am confused as to why these certain users (who are selecting the same certificates as the successful ones) are being prompted for their domain name/pwd. Furthermore, they're able to access other sites which require a CAC to get past the security certificate.
Possible that a user token is unable to be established via a CAC card for the particular site, but not sure why. Since these users are getting a 401.1, then somehow their identity associated with their CAC credentials is not validating.
In IIS:
Anonymous users are not allowed (unchecked).
128-bit encryption is required with SSL.
Integrated Windows Authentication is checked.
Accepting client certificates
In the site's web.config file all users are allowed and only anonymous are denied.
The exact same setup is present on the development box without any issues at all, indicating to me that the problem resides on the production server's ability to properly receive/handle CAC information from those individuals or that something funky is going on with the way the security certificate is relating to the client's CAC x.509 certificate.
A little more information that may be of use: the browser prompt that initially asks for the CAC has nothing to do with the code of the site, but rather is enabled by applying the security certificate to a site in IIS; thus indicating to me that there is something written into the certificate that looks for client certificates tied to the ActivClient agent via the browser???
Then again, I probably have no idea what i'm talking about, just throwing a bone here to see if anyone has had the same issue or has any ideas.
Thanks in advance for any input, questions, or ideas.
The problem was a stinking DLL that serves to help parse long URL's with many aliases (dots). The faulty DLL had been written into many people's re-image of their computers. The violating computer re-freshes contained an old version of a DLL used by Internet Explorer called URLMON.dll. The version of the DLL you need should end in '21073', but the one included on the faulty images listed above ends in '19.....'.
You can confirm this by going into IE7 and clicking on Help > About Internet Explorer > System Information (btn on bottom) > Internet Settings > Internet Explorer > File Versions > urlmon.dll
Updating this DLL has shown to fix the issue with secure SSL sites having problems validating CAC/pin entry that have long DNS entries (such as https://something.something.something.something.something.something).
There is an IE7 hotfix for this, but it will only install if you don't have ServicePack 3. If you do have SP3, , you cannot run the needed Hotfix, b/c it assumes that SP3 has already put into place the correct DLL.
1. Uninstall SP3
2. Reboot
3. Install the IE7 Hotfix
4. Reboot
5. Run Microsoft Updates via the Window MS updates website
Sucks, but that's what you get with crappy software like IE run on a deficient operating system, then coupled with software that's limited in it's abilities to truly talk to the operating system.
Check the functioning of the card with other applications.
Also check that the certificates are valid (not expired) and otherwise similar - same issuer, PIN not locked etc.
I understand your development environment works as you want and that your production environment is not.
Have you tried to reproduce the error in another environment to confirm which behavior is consistent?
Had a very similar problem that was solved by bypassing the proxy server. Try adding it to the exemption list.
In IE, go to:
Tools | Internet Options | Connections | Lan Settings | Advanced
Add site to exemptions list.
May not work for you, but could be worth a try. Like I said, it worked for me with a very similar issue.

Application/User Settings with Roaming Profiles

Hi Guys any help would be much appreciated.
We have an application that’s installed at several locations but we are having an issue at one particular site. In short the application settings (My.) are not being saved after a reboot. The application is build in VB.Net v3.5 Framework and we are not experiencing any issues elsewhere.
This particular site is using roaming profiles and the network administrator ensures us that the correct permissions are applied to the user account(s) and all application data is being saved to the server. I’ve asked the network admin to check for the existence of the user settings file user.config in the Application Data directory and he says it doesn’t exist.
In our application we store the connection string to the database in the application settings under the user scope. If no connection string is present or if one is present and a connection to the database cannot be made then a form is shown asking the user for the database credentials. Each morning when the users boot the machine and opens the application for the first time they are asked for these credentials but if they close the application and restart it they are not asked for them. This indicates to us that the settings are being saved but once the pc is rebooted and the application is opened for the first time they are asked for the database credentials. This seems like the settings are not persisting after a reboot.
Any thoughts/feedback would be much appreciated.
I'm wondering if it's Code Access Security preventing the file from being written?
If the sysadmin at trouble site has implemented group policy folder redirection, the user's local/roaming profile could be getting stored on a network fileshare. Code Access Security is fairly picky about letting code read/write to/from network resources.
I'm sorry that I don't have more details than this, and I didn't find any sure-fire hits on google, but searching for "code access security", "fulltrust" and any network/fileshare keywords you can think of may get you farther.