Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I must use several Citrix desktops, where "COPY/PASTE" from the local machine to the server is disabled. Are there workarounds or tricks to bypass this limitation?
I've encountered the same problem and have a partial somewhat contrived solution. It allows me to get a little more than 1kb of text from sandboxed Internet Explorer instance.
I use http://goqr.me/ to create a QR-code from the text. Create it in greatest possible resolution and open it. Take a screenshot of the window on the clipboard by pressing Alt-PrtScr. Then I use a small utility (see https://github.com/thoraage/qrscanner) to extract text from the picture on the clipboard.
It is a sick world!
The earlier suggestions and "work-arounds" were useful, but in 2020, there is a better way :)
Microsoft developed a "Relay Service" called Azure Relay. This same service is what's used behind the scenes to power what Microsoft refers to as "Live Code Sharing".
This service runs as an extension with several products, but for developers, this would likely be their IDE and code editor: Visual Studio and VS Code.
The extension is Live Share and it works flawlessly (at least on my machine 😉)
Like other suggestions, this isn't going to let you copy/paste from one machine to another, but in a way, it allows for much more. Instead, this alternative will let you host a project/workspace/notes...etc on your local machine, start a live-share session, then join that live share session from the remote.
Whether you work from the local or the remote, the changes persist and are shared on each machine.
Thanks the other commenters for their suggestions. I may not have thought of this as an option without the prior suggestions to spark this idea.
Best solution for this, I used just open one note app in local machine.
Open citrix and Restore (resize the window []).
Snip the entire text as image and paste it in one note.
Right click on the image and copy the text.
Paste it in TXT doc you got that.
I just open two gmails and sent the info through chat.
Example:
Local computer open GMAIL 1
Remote Citrix Computer open GMAIL 2
Copy from local computer and paste into google hangout with Gmail 2
Send
Done! it will be ready to be copy on Gmail 2 in remote citrix computer!
Cheers
I was running on a similar situation but in my case I was trying to copy files from remote (Windows) to local.
To solve that issue I killed the rdpclip.exe on remote and started it again.
You would need to defined it in the Citrix policy to only restricted or not restrict based on certain conditions.
The answer would also depend on the direction you are coming from? As a user trying to circumvent the system, or a tech trying to have a select group of users approved to do so.
I'm not aware of any tricks, to circumvent.
jezr
If it is just about a picture/ screenshot I suggest the following workaround:
1. open the picture/ file in citrix
2. change to your local machine, open Snipping Tool (Windows)
3. make a screenshot of the citrix content
Solution for this problem:
Open IE explorer and open internet options and open security tab then open trusted sites add your Citrix website which you want to access.
Restore advanced settings in in advanced tab.
Clear your temporary files.
Download Citrix receiver then check for copy paste
Related
For a "hack it yourself" workshop I am giving I would like to show the (not to technical) audience how easy it is to hack. I'm going to use a simple W7 VM with a vulnerable application to spawn a reverse shell on my Kali machine.
I then have full system privileges on the machine, but as these are not technical people I want to show some sparkle etc. So what I want to do is either:
Open browser navigate to a youtube "you got hacked!" video (this might be difficult)
Open a video that I already put on the machine
Open calc.exe in the foreground.
So my problem here is that I don't know how to open an application that shows in the foreground of the victim machine. So that it actually shows up on the screen!
Can anyone help me with this?
So to answer the question (just for clarity instead in the comments).
Thanks to Maximilian Gerhardt who gave the answer (I will set you as best answer if you want but I can't just from the comments!).
There are two ways that are good for this:
Download psexec.exe onto the "victim" pc and use that with psexec.exe -s -d -i [here the session token "1" works for me] calc.exe
If using a meterpreter shell you can use incognito mode (offensive-security.com/metasploit-unleashed/fun-incognito). And then use the impersonate_token method. This works great, but I cannot go back to being SYSTEM (getsystem doesn't work as there are no privilege escalation vulnerabilities present). So I have to exit and reuse the exploit. But for the workshop this works beautifully!
For those interested I use SLMail 5.5 on a W7 machine to show how easy "hacking" can be and what a hacker then can do with a computer. This for an awareness workshop, which is bigger then just this "show and tell" part.
steps:
nmap scan on port 110 with version detection to see "hey what is this? SLMail?"
google SLMail to find "Oh noes a buffer overflow, hmmmmm let's look into that!"
this is metasploit a tool hackers can use to exploit know systems (I have the manually made exploit with more explanation for interested people after the workshop with buffer overflow explained)
search in metasploit for SLMail, we find it and say use
"it works how cool! What can we do with it?" show webcam capture! (that is scary stuff :D).
Go to shell and show with whoami for the tech people that we are indeed system. then go to incognito mode and steal the token from the user that we see on the screen.
open up youtube with "hackerman" video (well had to choose one :D)
explain a bit that it is that easy for a script kiddy to get in if you don't update etc. etc. etc.
let awareness kick in and next time they do something dumb they might think: "o wait let's not do that!"
Cheers!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
The community reviewed whether to reopen this question 1 year ago and left it closed:
Original close reason(s) were not resolved
Improve this question
I have a windows service running on my local machine. It's configured to run under NT AUTHORITY\NETWORK SERVICE. The program access a network shared drive on a computer in the same subnet. That shared directory has Everyone set to Full control.
I'm getting False on File.Exists, but the file exists. I'm certain this is a permission issue. Am I forgetting anything? Note, the computer with the shared drive is not on a domain.
Solution was found here:
https://serverfault.com/questions/177139/windows-service-cant-access-network-share
The fact that the machine with the shared drive is not on a domain is where your main problem is. In order to get this to work you will have to configure the Windows Service to run as a specific user, and then you'll have to create an identical user on the remote system with the same password. It might work then.
The problem stems from the fact that in order to log in to a machine not in a domain, you have to log into that machine using an account that exists on that machine. The machine account for something else definitely won't exist on that local machine. By creating an identical user with an identical password, you might be able get the login to work."
-sysadmin1138
I created identical accounts on both machines and the service account was able to access the shared drive. Having the servers on the same domain is a better solution, so I'm working towards that, but this will work in the mean time.
Brian T was correct. But I would like to add something. We had this problem even though the service was running on the same DOMAIN\User. Our service was trying to write a file to a shared folder/drive and it was configured in the config.xml like so:
I:/path/to/the/file/to/write.
But when we changed the config to use IP-address of the network instead of drive letter, we managed to fix the issue. However the syntax changed a bit:
\\xxx.xxx.xx.xx\path\to\the\folder\to\write
Hope this helps anyone who still haven't solved the problem
Setting the share permissions is not enough. Also set the NTFS permissions adequately, then it'll work. Everyone Full Control on the share means, everyone can get through the network to the root of the share but from then on NTFS rights are used to determine what is allowed and what not.
My question is: How you can create same basic functionality with the remote computer, like using the same mouse, so when i take move on my computer that will appear at same moment on remote computer, like on the team viewer. Can anyone explain what is the philosophy behind all remote desktop shared programs, how i can see what I'm done on the remote computer...
Codes & link's will be appriciate too... :)
You could take a look at the code of mRemote, a remote connection manager for a number of protocols (RDP, VNC, ssh and more). Maybe that will answer some of your questions?
Cheers,
Sebastiaan
The situation is simple. I've created a complex Delphi application which uses several different techniques. The main application is a WIN32 module but a few parts are developed as .NET assemblies. It also communicates with a web service or retrieves data from a specific website. It keeps most of it's user-data inside an MS Access database with some additional settings inside the Registry. In-memory, all data is converted inside an XML document, which is occasionally saved to disk as backup in case the system crashes. (Thus allowing the user to recover his data.) There's also some data in XML files for read-only purposes. The application also executes other applications and wants for those to finish. All in al, it's a pretty complex application.
We don't support Citrix with this application, although a few users do use this application on a Citrix server. (Basically, it allows those users to be more mobile.) But even though we keep telling them that we don't support Citrix, those customers are trying to push us to help them with some occasional problems that they tend to have.
The main problem seems to be an occasional random exception that seems to pop up on Citrix systems. Never at the same location and often it looks related to some memory problems. We've p[lenty of error reports already and there are just too many different errors. So I know solving all those will be complex.
So I would like to go a bit more generic and just want to know about the possible issues a Delphi (2007) can have when it's run on a Citrix system. Especially when this application is not designed to be Citrix-aware in any way. We don't want to support Citrix officially but it would be nice if we can help those customers. Not that they're going to pay us more, but still...
So does anyone know some common issues a Delphi application can have on a Citrix system?
Does anyone know about common issues with Citrix in general?
Is there some Silver Bullet or Golden Hammer solution somewhere for Citrix problems?
Btw. My knowledge about Citrix is limited to this Wikipedia entry and this website... And a bit I've Googled...
There were some issues in the past with Published Delphi Applications on Citrix having no icon in the taskbar. I think this was resolved by the MainFormOnTaskbar (available in D2007 and higher). Apart from that there's not much difference between Terminal Server and Citrix (from the Application's perspective), the most important things you need to account for are:
Users are NEVER administrator on a Terminal or Citrix Server, so they no rights in the Local Machine part of the registry, the C drive, Program Folder and so on.
It must be possible for multiple users on the same system to start your application concurrently.
Certain folders such as the Windows folder are redirected to prevent possible application issues, this is also means that API's like GetWindowsFolder do not return the real windows folder but the redirected one. Note that this behaviour can be disabled by setting a particular flag in the PE header (see delphi-and-terminal-server-aware).
Sometimes multiple servers are used in a farm which means your application can run on any of these servers, the user is redirected to the least busy server at login (load balancing). Thefore do not use any local database to store things.
If you use an external database or middleware or application server note that multiple users will connect with the same computername and ip address (certain Citrix versions can use Virtual IP addresses to address this).
Many of our customers use our Delphi applications on Citrix. Generally speaking, it works fine. We had printing problems with older versions of Delphi, but this was fixed in a more recent version of Delphi (certainly more recent than Delphi 2007). However, because you are now running under terminal services, there are certain things which will not work, with or without Citrix. For example, you cannot make a local connection to older versions of InterBase, which use a named pipe without the GLOBAL modifier. Using DoubleBuffered would also be a really bad idea. And so on. My suggestion is to look for advice concerning Win32 apps and Terminal Services, rather than looking for advice on Delphi and Citrix in particular. The one issue which is particular to Citrix that I'm aware of is that you can't count on having a C drive available. Hopefully you haven't hard-coded any drive letters into your code, but if you have you can get in trouble.
Generally speaking, your application needs to be compatible with MS Terminal Services in order to work with XenApp. My understanding is that .NET applications are Terminal Services-compatible, and so by extension should also work in a Citrix environment. Obviously, as you're suffering some problems, it's not quite that simple, however.
There's a testing and verification kit available from http://community.citrix.com/citrixready that you may find helpful. I would imagine the Test Kit and Virtual Lab tools will be of most use to you. The kit is free to use, but requires sign-up.
Security can be an issue. If sensitive folders are not "sandboxed" (See Remko's discussion about redirection), the user can break out of your app and run things that they shouldn't. You should probe your app to see what happens when they "shell out" of your app. Common attack points are CHM Help, any content that uses IE to display HTML, and File Open/Save dialogs.
ex: If you show .chm help, the user can right-click within a help topic, View Source. That typically opens Notepad. From there, they can navigate the directory structure. If they are not properly contained, they may be able to do some mischief.
ex: If they normally don't have a way to run Internet Explorer, and your app has a clickable URL in the about box or a "visit our web site" in the Help menu, voila! they have access to the web browser. If unrestrained, they can open a command shell by navigating to the windows directory.
We're using TFS Build Server to ensure that all files checked in by developers are going to compile to a working source tree, cuz there's nothing worse than a broken build!
Anyway we've having some problems with the drop location that Build Server wants to use, we keep getting this error:
TFS209011: Could not create drop location \build-server\drops\project\BuildNumber. No more connections can be mades to this remote computer at this time because there are already as many connections as the computer can accept
Since this is being used in a pilot program at the moment we only have 2 projects which are using the Build Server. I've checked the network share and the allowed number of connections is about 100 so I don't really get what the problem is.
Only occationally does the problem raise it's head, quite often we'll not have one for days, and then we'll have a bunch in a row.
I can't seem to find much info on this either.
I'm pretty good with TFS - but a dev not a network guy. I would GUESS that while the NETWORK SHARE itself allows 100 connections, is it possible the underlying server it is running on doesn't have some sort of limitation?
Have you checked event logs?
This problem seems specific enough I would encourage you to post to the official Microsoft forums.
It looks like the problem is to do with our install of Windows 2003, we have "Web Edition" installed and it is limited to just 10 connections.
I ended up with a post of the MSDN forums in which I got this answer: http://forums.microsoft.com/msdn/ShowPost.aspx?PostID=3967598&SiteID=1&mode=1