I'm trying to write automated test, to ensure that the installer for my program works okay.
The program can be installed for all users (requires admin privs), or for current user (does not require admin privs). The program can also autoupdate itself, which in some cases requires admin privileges, and in some cases doesn't.
I'm looking for a way where I can have an automated test click "Yes, Allow" on the UAC dialogs, so I can write tests for all different scenarios, on many different operating systems, so that I can be confident when I make changes to the installer that I didn't break anything.
Obviously, the installer process itself cannot do this. However, I control the complete machine, and could easily start some sort of daemon process with administrative rights, that the testprogram could make a socket connection to, to request it to "please click ok on the UAC now".
I actually figured out how to do this while looking to answer a similar question about UAC. Here is what you can do:
Write a service that runs as SYSTEM.
Open the process token of the winlogon.exe instance running in your logon session.
Use that token to launch a helper process on the Winlogon desktop via CreateProcessAsUser.
At this point, you have a helper process running as SYSTEM in your logon session on the Winlogon (secure) desktop. From here you can use some kind of IPC mechanism to communicate from your automated test program to the helper process. In the helper process you can EnumDesktopWindows to find the UAC prompt. This is as far as I took it; I didn't actually try to simulate clicking Yes or No, but I don't see any reason why it wouldn't work. Also, I only tested on Windows 7 32-bit; I believe the UAC architecture is identical to Vista, but I didn't test on it.
It took me a while to figure all this out; I can provide some code if you want.
EDIT: Just as a follow up I added code to use FindWindow() to find the "Yes" button and I was able to successfully send it a BM_CLICK message; the UAC prompt went away and the application was allowed to run.
An alternative solution might be to turn UAC off
The least bad solution I've found so far is to run the tests in a VMWare session, and control the mouse/keyboard trough the vmware sdk. Would love to hear about other solutions
Remote Desktop to it or run it as a guest VM (using Virtual PC or whatever, just don't boot to it.) This is also the best way to take a screenshot or video of the UAC prompt.
Related
I'm trying to find a way to start an application when the user logs on. The application must have administrative privileges.
This seems to be easy: just create a new registry key under:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
This works, but the user is asked every time by the User Account Control window. This is annoying, especially at startup. So I'm trying to find a way to launch this applications with elevated privileges but without the UAC prompt.
I've found here a solution: it uses Windows Task Scheduler. However, this Windows utility seems a bit unreliabled: sometimes it works well, sometimes not. On two computer tested, my application is started with a delay average of 46 seconds.
On the link given below, it says that you can recall the Task Scheduler operation with this command (where MyOperationName is the name of the scheduled task):
schtasks /run /tn "MyOperationName"
so, if I try to combine this command to a new key in CurrentVersion\Run I should get what I want. Would this work?
I'm working on VB.NET WinForms, Visual Studio 2013 and I use this library to interoperate with Task Scheduler.
Thanks,
FWhite
I have problem printing reports to PDF through bullzip from Navision Application Server (1) if user is not in Local Admin group (2). Only under both conditions.
In Nav code I'm doing the following: init bullzip automation object (set all parameters to suppress GUI), run report to print document to virtual bullzip printer, catch output file. Thats it. Straight as a rail.
I have two environments: Windows Server 2008 and Windows 7 (different versions of Nav, but this is changing nothing). On Windows 7 it just do nothing (but works if user is admin). On server I can see error in Event Log (translated to English)
Faulting application gui.exe, version 9.8.0.1599, time stamp 0x517126dc, faulting module USER32.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000142, fault offset 0x0006f52f, the process ID 0x3bc, application start time 0x01ce562238369fa9.
Gui.exe is a part of bullzip.
If I run the same code from Nav Classic Client, or from the same NAS launched in command line, or under local administrator account, or if i put the NAS user in local admin group - it works just fine.
To solve this problem i need to find out one of two and how to fix it:
What is the difference between local admin and regular user that could cause application to crash in non-interactive mode (service) under regular user account.
What is the difference in running NAS as service and as command line that could cause application to crash when run as service.
What I've tried so far: extend non-interactive desktop heap, give user all local privileges that admin have in gpedit. Not works. Don't know direction for further digging.
Any alternative free pdf printers advices are welcome.
This question is still actual. Though I've managed to setup PDF printing with PDFCreator. The tough part was to let several different NAS to print simultaneously. And now the setup have a bottleneck - PDFCreator's printing queue. With bullzip automations it could be avoided.
We've had some cases where third party DLL's have crashed within NAV due to permission restrictions.
The only effective way we could narrow down the files that it was trying to access was through using Process Monitor to try narrow down what was causing permission issues.
We found a folder within System32 to do with the System's Network Profile that some DLLs use. On that note, NAS's and such should be run under a domain account.
I think re-installing the application will do that,
Just make sure you are uninstalling each bullzip and ghost script,
Now Ghost script is tricky thing, if you are installing 32 bit over 64 then you are having problem,
refer this download link download appropriate version, install it,
and then install bullzip, after downloading new version from here
this will do..
then also if any problem(if you are using application for automation, you require new com object..) refer Forum, that explains most of application interface problems..
where you need to use public class PdfSettings with namespace bioPdf.
I hope this will help ..
I am attempting to write a small, lightweight client, using vb.net winforms, that can install without needing elevated privileges. Before I ask my questions, let me give you a bit of an idea of what it is supposed to do.
The app will start when Windows loads, set like this from the install, with a system/notification tray icon that can be clicked on to load up specific functionality. The application install from a website, or possibly a file share, haven't quite decided yet. This client will initially request user credentials for one of our web programs, and it will talk to an already built web service to determine what functionalities of our services they have licensed access to. After this, credentials will be encrypted and saved to the users pc locally. Every five minutes, the client will pass the credentials to the websites they have access to and check to see the status of jobs that are being processed, and download available reports if needed.
So, here is what I am trying to understand. If I configure this app as a ClickOnce application, once it installs from the url or shared drive, the user will not need to do anything else, correct? Or do they have to visit that url every time they boot up to reinstall/run the client?
Another thing, I wanted to get some opinions on the best ways to do some of the things this app will be doing. I have a good idea of where I am going with it, but I have no idea of which solution to go with yet.
For instance, what is the best way to store user passed credentials on their system for a "remember me"?
Also, is the best way to have the client install with automatically starting on windows startup to configure it to create a shortcut of itself in the windows startup folder?
I am trying to keep this as lightweight as possible, and using a very small GUI, so it shouldn't be too intrusive, so any ideas on how to ensure that, while keeping it from needing admin privs to install, will also help.
If I configure this app as a ClickOnce application, once it installs
from the url or shared drive, the user will not need to do anything
else, correct? Or do they have to visit that url every time they boot
up to reinstall/run the client?
Well if they need to reinstall it, they would have to download the setup.exe file again, but why would users need to do that? CilckOnce supports automatic updates. Visiting url is certainly not needed for running the program.
what is the best way to store user passed credentials on their system
for a "remember me"?
Probably storing them as application settings. Haven't used visual studio 2012, but in visual studio 2010 you have to right-click on project in solutions explorer, go to project propeties and then create variables in Settings tab. Then you can access those variables in code using My.Settings.variableName. Not sure about security though, if you need any.
As for privileges, I think you just need a privilege to install a program. Maybe you should publish a primitive clickOnce application and experiment with it and that will answer all your other questions about clickOnce.
Do you know any way to forcing restart an Mac OS computer from code? I tried an small applescript code without result. Applications ask for shutdown to the user so the user could stop the restarting procedure.
Regards
The official way is to send a system event to the login window process. Apple's Technical QA1134 even includes a code example.
It's an usual thing to want to force. If the user is willing to type in their password and are an administrator of the computer; perhaps you can run
sudo reboot
from your application.
Try using AppleScript/ScriptingBridge from your app to tell application "Finder" to restart.
I want to keep a log with the attempted log-in to a machine. The OS is Windows Embbeded Standard. Is it possible to make Windows execute an application or a script after every login attempt to enable me to save that information in my database?
EDIT:
Extract from Superuser:
"Here, you can set auditing to all types of events. I believe the one you want is "Audit logon events", Set it to Failure (or Success as well if you want).
All events will now get sent to Event Viewer. ..."
Is it possible to access the Event Viewer info via WMI?
From a security viewpoint, I would assume this would not be possible. But it is possible to write your specialized GINA library which would replace the standard login system of Windows. This was done to support fingerprint readers and smart card readers, and many other alternative login methods.
But out of curiosity, what kind of problem are you trying to solve here? Windows already has plenty of build-in functionality which can be analysed by anyone who can log in.
Follow this link to see how it's done in Windows 2003. I've checked with Windows XP on a virtual machine and it works exactly the same there. So I assume it also works in embedded XP versions.For reading the event log, this link from MSDN will be practical too. This will require .NET though, which is optional on Windows XP.
WMI might be a good place to start. You could use WMI (or another method) to query the security event log for sucessful/failed logon events, too.
http://www.computerperformance.co.uk/vbscript/wmi_event_log_administrator.htm