I'm using neo4j v3.5. Is there a way to run neo4j as a Windows service under a less-privileged service account? I'm currently using the "neo4j.bat install-service" command to install the service on Windows. This command runs the service under the predefined SYSTEM/LocalSystem account available in Windows. The "LocalSystem" account has extensive privileges, however, so I would like to create a less privileged Windows account to run the neo4j service. Has anyone done this before using automated commands or batch/Powershell scripts?
I used this 3rd party tool called psexec: https://ss64.com/nt/psexec.html. I can run batch files from a local machine (or even remote) using a different id/password. Give it a try.
For example:
psexec \\workstation64 -c "<full_path_here>\neo4j.bat install-service" -u LESS_PRIV_USER -p LESS_PRIV_USER_PASSWORD
Related
I have built a working application that communicates with IBM Doors through console commands like this one:
"C:\Program Files\IBM\Rational\DOORS\9.7\\bin\doors.exe" -dxl "string parameter = \"PARAMETER\";#include <file.dxl>" -f "%TEMP%" -b "doNothing.dxl" -d PORT#HOST -user USER -password PASSWORD
The problem is that I need to containerize this application. My plan is to containerize the application and use the IBM Doors client that is installed inside the Container Host Machine, since I don't know how to containerize IBM Doors for Windows which is the one I have the licence for.
I had no problem containerizing the applicaton but I dont know how to make the container interact with IBM Doors without altering the application source code.
The application needs to use console commands, like the one above, to communicate with the IBM Doors Client and Database. IBM Doors needs to be able to access the container file system to write and read files.
I know for sure that I need to use Volumes but I dont know how to make that configuration and I didn't find any similar cases to mine.
Is this even possible? If not, how should I tackle this problem?
Thank you for your time.
My working machine in the office is Ubuntu 18.04, and I have installed a Docker container in this machine. Everything works fine, and I can use Graphic User Interface (GUI) programs such as Firefox and PyCharm in the Docker container. When I works at home, I use my Windows 10 notebook, and in order to connect my working machine in the office, I use X2Go program. With this program, I can remotely connect the machine in my office with GUI. I can also run GUI programs remotely. However, when installed Docker container once again remotely, I cannot use GUI programs in the Docker container. The reason is because in order to let the Docker container access host machine's GUI, I use xhost + command. However, when running this command remotely, I received the following error:
# xhost: must be on local machine to enable or disable access control.
If I ignore this error message, I cannot launch any GUI programs on the Docker container. Any ideas? Thanks.
This article may help:
https://www.ibm.com/support/pages/remote-install-websphere-application-server-unix-host
In the article:
If the remote host is not authorized to connect, you can add it to the
list of authorized clients using the following command:
xhost +
xhost: must be on local machine to enable or disable access control.
This indicates that this command is only authorized from a local
console (For example, not within a telnet session).
Next, you must export the display so that GUI screens generated on the
remote host will be displayed on the local host. To do this, run the
following command on the remote host while logged in through the
telnet session from the local host:
export DISPLAY=
Also your Remote Desktop protocol could be an issue.
X2Go uses NX protocol with SSH for security.
NX protocol uses a caching technology which may be part of the the problem. Remote desktop technologies can vary the experience and may not work with docker GUI remotely.
I have had similar issues with remote desktop technologies (RDP, VNC etc) where some or all of the desktop experience is not visible.
I suggest to try a VNC (RFB protocol) software and see if that works. RDP is another solution.
Be aware VNC and RDP are not by default very secure unless you use a tunneling solution (VPN etc) and encryption. There are VNCs with built in encryption (via SSH) and RDP has security solutions also, but if you are accessing it from home to work you should make sure your security manager is aware of the technology you choose that works for you.
I can start already two different Neo4j instances on my Windows machine on the console, but how can I now start them automatically as a Windows Service? I was just able to install one with the powershell scripts.
Many Thanks
When you install Neo4j as a service, Neo4j takes the configuration dbms.windows_service_name as a service name.
So to install two Neo4j as a service, you need to change one.
I recommend you to uninstall all neo4j services, and then to reinstall them with ta diffrent name.
I am working on DevOps with VSTS. I created the simple windows service application using VS2015 for that I configured the release definition in VSTS by adding this tasks through this Windows Service Release Tasks.
I configured the Start Windows Services, Install (TopShelf) Windows Service and Stop Windows Services tasks successfully.
Configuration of Install (TopShelf) Windows Service
During release the above Stop and Install tasks are run successfully but Start task failed with the following error.
The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: No such services: FirstService
Because the Install(TopShelf) Windows Service task will not be installed an windows service in machine. But it simply succeded.
I have the few questions like
what is the difference between Install(TopShelf) Windows Service and Install and Start Windows Service VSTS release tasks.
If I used the Install(TopShelf) Windows Service task, It works only if you have already existing windows service is running in virtual machine otherwise it will failed. But if I used the Install and Start Windows Service task, It will be installed new windows service in virtual machine. But I am unable to give Displayname and Description of the installed windows service.
They are two extensions created by 3rd party. So you can search them in the VSTS Marketplace and get the detailed information for them.
For your question:
Install(TopShelf) Windows Service
This is used to install Topshelf service which created with Topshelf framework.
Install and Start Windows Service
This is used to install the general Windows Service via Power-Shell or InstallUtli.
So if you just create a general Windows Service from VS. You should use the second one.
And usually, to set the Display Name and Description for a Windows Service, you need to do it in your code. Please refer to this question for details: What's the best way to set a windows service description in .net.
Copdenvy's shellinabox runner allows you to start a shell in the browser in which you can compile and run your code. This is fine for applications that are console based. Is it possible to run an X Windows application in the cloud and see the graphical window?
Setting the DISPLAY variable in the shell to that of your Linux workstation could work, though it relies on you being in control of the local network for things like NAT and firewall settings. The attraction of the cloud IDE is that you only need a browser and an https connection.
Can you ssh -X into the Docker container from an X capable source? Where would you find the URL? How would you manage the ssh keys?
If you look at the Java/Swing "VNC + Java 7" runner for example you'll see that you're able to run an application which is using X DISPLAY through VNC. Codenvy supplies a web based X Windows environment that you can access by clicking on the hyperlink that is shown underneath the Console window, to the left of the Timeout counter. You can then look at the Docker recipe used to start this sample.
SSH in the docker container could be managed in Codenvy 3.x if you install inside the VM the sshd daemon and export the ssh/22 port. In upcoming Codenvy SaaS 4.x ssh will be enabled without any configuration.