I've been trying to get my .msi to install a service on my machine. I used exe4j to make my Java code, archived in .jar file, for it to be held in a .exe file. The service needs to have privileges to read and write across networks. I managed to get it all working except that the service hasn't got read and write privileges when account is set to 'NT AUTHORITY\NetworkService' in the ServiceInstall element.
public static void main(String[] args)
{
try
{
MainService instance = new MainService();
instance.processArgs(args);
watcher.run();
}
catch(Exception e)
{
error(e.getMessage());
e.printStackTrace();
}
System.exit(1); // only get here after an exception
}
This is some of my WiX code
<File Name="tService.exe" Source="tService.exe" KeyPath="yes" />
<ServiceInstall Id="ServiceID" Description="Copies assets" ErrorControl="normal" Name="tService" Start="demand" Interactive="no" Type="ownProcess" Account="NT AUTHORITY\NetworkService" />
<ServiceControl Id="StartService" Stop="both" Remove="uninstall" Name="InterConnectService" Wait="yes" />
What Account do I need or how could I get Read and Write privileges with my service? I want the .msi file to install the service with these read and write privileges. I don't want to start creating accounts manually.
Update:
'NetworkService' just fails at installation time with the msi "Service ... could not be installed. verify that you have sufficient privileges to install system services". When I use 'NT AUTHORITY\NetworkService' the installation process works fine. However with 'NT AUTHORITY\NetworkService' I cannot read or write across networks.
Any ideas how I could read and write across networks? Your responses are much appreciated.
As Rob asked, it will be helpful to know whether your installation fails or just doesn't set the permissions. However, you can anyway try this: in #Account attribute put just 'NetworkService', not the full 'domain\account' value. 'NetworkService' is one of the aliases provided by WiX toolset for well-known accounts - it will be mapped to the proper account correctly.
The name of the service account is wrong, it needs to be NT AUTHORITY\Network Service.
Related
I'm trying to build a TDS project the TFS hosted server. The project uses the HedgehogDevelopment.TDS package, but when build time comes, a license exception occurs.
I am passing the owner and key information to visual studio in this way:
/p:TDS_Owner="$(TDSOwner)" /p:TDS_Key="$(TDSKey)"
Where the variables are the owner and key. I have verified that the values are correct, yet I still get a license exception, indicating that TDS cannot find these values.
Is there a flaw in how I am giving visual studio these parameters? How can I get a TDS project to build using the HedgehogDevelopment.TDS package?
First, please make sure you have installed TDS on the build server.
You can actually include the License info with a config file by following below steps.
Add this file manually here: xxx(TDSFilesFolder)\HedgehogDevelopment\xxxProject\vx.0
Call the file TDSLicense.config
Save the following (with your license information in) in the file: <?xml version="1.0" encoding="utf-8" ?> <license Owner="CompanyName" Key="aaaa-bbb-ccc-dddd" />
If it's a permissions issue with reading the license from the registry - this should sort it out. More detail info you can take a look a this blog.
I have created MSI package using advanced Installer. It contains App Config to which i have to pass the siteURL which varies depending on location. I need to pass the siteurl to app config when msi is installed . Please help me with it. I am new to Advanced Installer
You can check the online user guide for Advanced Installer, it has a lot of useful info. For example the article on importing and editing XML config files.
Or how to add a custom dialog and write in the system the values captured from the end users.
EDIT: additional answer regarding command line
You can run the installation silently from the command line but you will still see the message box saying the package is built with a trial. You will not see the standard MSI dialogs. And the trial messages will be gone once you purchase license for Advanced Installer.
Please note that your command prompt window (cmd.exe) must be launched as administrator, if your installation is installing per-machine (i.e. you write in Program Files or HKLM registry hive). Otherwise the installation will fail silently and you will not know why, because on silent installation the OS will not show an error message.
Here is a command line example:
msiexec.exe /i C:\setup\installer.msi /qn ID="235424" SiteURL="www.example.com"
Please note that it is not recommended to use private properties, i.e. properties with lower case letters in their name, we recommend public properties, for example: SITE_URL.
I need help with using keycloak in an Errai app. I am getting an error about "unknown authentication method" for "KEYCLOAK" ? I have the keycloak-appliance running (on a different port though), and the Errai app has a with KEYCLOAK in the web.xml file inside WEB-INF
When I run the Errai app with mvn gwt:run, I get : RuntimeException caused by "Unknown authentication mechanism KEYCLOAK". I have no idea how to go around this issue .
Just wanted to add a little more detail to #cfsnyder's answer. In order for your application server to recognize a definition in the web.xml that looks like this:
<login-config>
<auth-method>KEYCLOAK</auth-method>
<realm-name>internal</realm-name>
</login-config>
you'll need to tell jboss (in this instance) how to interpret that particular auth method. At the time of my answer, this is in section 8.2 of the Keycloak docs.
First, download the keycloak adapter (remember, this is not the same as the Keycloak Server). Next, unzip the download in the wildfly home directory. With your application server running, just use the following command to install the Keycloak configuration into the appropriate files:
jboss-cli.sh -c --file=adapter-install.cli
When this script completes, your configuration file will have the new entry added to accommodate the KEYCLOAK entry in your web.xml. The script will add something like this to either a domain.xml or standalone.xml:
<security-domain name="keycloak">
<authentication>
<login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"/>
</authentication>
</security-domain>
Once you have the Keycloak module files provided by the adapter + the security domain configuration to link the KEYCLOAK method to the appropriate LoginModule, you should be all set.
You will need to install and configure the Wildfly adapter in order for your Errai app to recognize the "KEYCLOAK" authentication method. See section 7.2 of the Keycloak documentation.
To add to #josh-cain's answer, you might also need following additions in your domain.xml or standalone.xml:
To <extensions></extensions>, add:
<extension module="org.keycloak.keycloak-adapter-subsystem"/>
To <profile></profile>, add:
<subsystem xmlns="urn:jboss:domain:keycloak:1.1"/>
The adapter installation cli scripts can fail for various reasons so you might need to add these entries manually.
I keep getting the TF60024 error "Unable to create the intermediate database required by VSS Converter on Microsoft SQL Server .\SQLEXPRESS. CREATE DATABASE permission denied in database 'master'." When I run the VSSConverter with "Migrate" and my xml file.
Here is my XML file:
<?xml version="1.0" encoding="utf-8"?>
<SourceControlConverter>
<ConverterSpecificSetting>
<Source name="VSS">
<VSSDatabase name="z:\CHS_SourceSafe"></VSSDatabase>
</Source>
<ProjectMap>
<Project Source="$/Account Automation SQL" Destination="$/Account Automation SQL"></Project>
<!--Other projects excluded-->
</ProjectMap>
</ConverterSpecificSetting>
<Settings>
<TeamFoundationServer name="CHS-TFS" port="8080" protocol="http" collection="tfs/DefaultCollection"></TeamFoundationServer></Settings>
</SourceControlConverter>
My network guy told me to mention:
I am a local admin on the Server (CHS-TFS)
I am a sys adm on both TFS 2010 64 bit and SQL Server (2008 R2 64 bit).
I'm running this from the (win 7): "c:\program files (x86)\Microsoft Visual Studio 10.0\Common7\IDE" folder.
The ANALYZE function returned 0 errors.
I've tried adding the ".root" to the end of the Source, that didn't help.
We also tried NT AUTHORITY\NETWORK SERVICE full access (thinking that maybe it was using that as a default login)
Any suggestions?
EDIT:
I found this one blog post:
http://blogs.msdn.com/b/dparys/archive/2009/09/17/create-database-permission-denied-in-database-master-my-fix.aspx
that seemed to deal with the issue, I worked though it, and still I'm getting the same error.
I finally figured out how to do this a different way. I watched this video:
You Tube video that explains other way of doing this
And downloaded this tool:
File to download
And it was much easier to do.
I have a NetBeans Project and tried to creat an Web Service client with the following WSDL from WSO2 ESB 4.6.0 like in this example:
https://localhost:9443/services/AuthenticationAdmin?wsdl
But when NetBeans tries to create the client I get an error:
Why is this happening? I created other Web Service Clients, they are working, but this isn't working and I don't know why...
If I try it with eclipse I also get an error:
IWAB0399E Error in generating Java from WSDL: java.io.IOException: ERROR: Missing <soap:fault> element inFault "AuthenticationAdminAuthenticationException" in operation "AuthenticationAdminAuthenticationException", in binding logout
java.io.IOException: ERROR: Missing <soap:fault> element inFault "AuthenticationAdminAuthenticationException" in operation "AuthenticationAdminAuthenticationException", in binding logout
at org.apache.axis.wsdl.symbolTable.SymbolTable.faultsFromSOAPFault(SymbolTable.java:2858)
at org.apache.axis.wsdl.symbolTable.SymbolTable.populateBindings(SymbolTable.java:2549)
at org.apache.axis.wsdl.symbolTable.SymbolTable.populate(SymbolTable.java:744)
at org.apache.axis.wsdl.symbolTable.SymbolTable.add(SymbolTable.java:543)
at org.apache.axis.wsdl.symbolTable.SymbolTable.populate(SymbolTable.java:518)
at org.apache.axis.wsdl.symbolTable.SymbolTable.populate(SymbolTable.java:495)
at org.apache.axis.wsdl.gen.Parser$WSDLRunnable.run(Parser.java:361)
at java.lang.Thread.run(Thread.java:722)
Maybe the WSDL has an error?
The AuthenticationAdmin WSDL file is correct.
The logout operation is defined as a "One-way" operation. If you look at AuthenticationAdmin.java implementation, you can see logout method has following signature.
public void logout() throws AuthenticationException
Note that the return type is "void", which means there is no output.
WSO2 uses Apache Axis2 and there are no problems generating the client with Axis2.
I just tried creating a client with Eclipse & Apache Axis2. I could successfully create the stub.
WSO2 also uses the Service Stub created using AuthenticationAdmin WSDL. See pom.xml for more information about generating the client.
<java classname="org.apache.axis2.wsdl.WSDL2Java" fork="true">
<arg line="-uri src/main/resources/AuthenticationAdmin.wsdl
-u -uw -o target/generated-code
-ns2p http://common.core.carbon.wso2.org/xsd=org.wso2.carbon.authenticator.stub.authentication,http://authentication.services.core.carbon.wso2.org=org.wso2.carbon.authenticator.stub,http://authentication.services.core.carbon.wso2.org/xsd=org.wso2.carbon.authenticator.stub"/>
<classpath refid="wsdl2java.classpath"/>
</java>
I'm getting the same error as you have shown, when I try to generate the client using Apache Axis. Therefore please make sure to use Apache Axis2 as the web service runtime. Also make sure you point Axis2 directory in Eclipse Preferences -> Web Services -> Axis2 Preferences.
I also see NetBeans try to use wsimport utility. May be it doesn't support one-way operations properly.
I recommend you to use Apache Axis2 to generate the client.