If I try to terminate the Borland SocketServer application for Delphi 2009 the message above appears.
The application window remains open and I can only terminate the application in the task manager.
Operating system is Windows 2000 Professional SP4
The same error also occurs with the Delphi 2007 version of scktsrvr
scktsrvr attempts to store its settings under HKEY_LOCAL_MACHINE\SOFTWARE\Borland\Socket Server registry key which probably fails under a limited user account. Try running it as administrator, or as a service.
Edit: you can also modify it to use HKEY_CURRENT_USER, for example. It comes with source code.
Run the socketserver as a service, and add the proper permission to the registry key the service user needs to set. Remember that the user you use to run the SocketServer is important. The server acts like a proxy, and in turn call the DCOM server that implements the remote server. Unless changed, the user of the connecting process is used for DCOM security, thereby you have to ensure the right user is used, or you may lead to big vulnerabilities.
Related
I have a small test application, made with Delphi 10.3.1 as an Stand Alone HTTPSYS Intraweb service. It has an ADOConnection and a ADOTable and in FormShow of unit1, I open the connection, and the table and reads the first 10 rows and add them to a listbox. Just to see that it works and is possible.
When running the application as a Stand Alone HTTPSYS, vith visual GUI, it's working nicely, but when I compile it as a service, and install it, on the sql server, or on the development machine, it fails with access Violation, trying to open the table. I suppose it is an Authentication problem.
I have tried to open connection with both Windows Auth, and with a specific SQL login, and I have tried running the service with both local system (default) and with the specific SQL account.
What am I missing ?
The Specific SQL login, works in SSMS. I'm able to use it to login and access my tables.
Also, if I create the application as a DLL and put it on my IIS10, it works fine.
You are right. It has nothing to do with authentication.
For the IntraWeb HttpSys Stand Alone program to run as a service, the ServerController.ComInitialization property must be set to ciMultiThreaded.
Thanks for your comment which lead me to look elsewhere. You do deserve the credit.
Regards
Soren
I am building a Windows service app using Delphi , RAD Studio 10
Upon my investigation I came across with a Eset Windows service which wonderfully was protecting itself from being Stopped or terminated.
On stopping the service using (windows service manager) or (end process button)
or (end task button) following error messages occurs :
The operation couldn't be completed.
access denied.
same thing is true with its registry keys . The error message is :
Can not delete info: Error while deleting key
I tested Administrator access and system access. in both cases i was not successful.
I want to build such self-defense mechanism for my own application protecting my service and registry key.
Any idea would be helpful.
Thank you for your time.
update :
I want to know how i can do it in Delphi ... that's why it is tagged Delphi
and If someone wants to stop the service or uninstall it ....
he or she can just use my own applications UI to do it.
edit 2 :
As Remko mentioned I thnk DACL and ACL is better way to handle it , I couldn't find any good reference for it. Is there any good reference for Delphi language?
Protecting from SCM stop is very easy. Assuming you are using TService, you can handle the TService.OnStop event and set its Stopped parameter to False. And assign an error code to the TService.ErrCode or TService.Win32ErrCode property.
Unless you are writing security software, you really should not protect from TaskManager termination. Admins should be allowed to kill misbehaving processes. That being said, you can use SetSecurityInfo() to assign a DACL to your service process that grants/denies access to particular users and/or groups as needed.
You can also use ChangeServiceConfig2() to configure your service's "failure actions" to restart the service if it terminates unexpectedly.
To protect your Registry key, you can use the lpSecurityAttributes parameter of RegCreateKeyEx(), or use the RegSetKeySecurity() function, to assign a SECURITY_DESCRIPTOR to your key that contains a DACL that grants/denies access to particular users and/or groups as needed.
It's a Delphi XE2 app. Pretty simple. Just calls CreateOleObject('Outlook.Application') and assigns the result to a Variant.
If the program is run as administrator it fails with "Server execution failed", but it works fine and I can get the version number back if I run as the logged in user (without elevated permissions).
Why is this? What is it about running as administrator that stops it from creating the object?
This error is due to a mismatch between the security contexts. Outlook is a singleton, so CreateOleObject will connect to the running instance of Outlook if it is available. COM system refuses to marshal calls between processes with different security contexts.
Either make sure Outlook is not running when calling CreateOleObject or make sure both processes run in the same security context.
You can also switch to Extended MAPI (which is a set of dlls loaded in-proc) used directly or through a wrapper (such as Redemption (I am its author) - its RDO family of objects roughly corresponds to the Namespace object in the Outlook Object Model.).
I have an application named “LeafTest” which has Server Edition and Client Edition. The server Service is “Mss.exe” which is running under account “stepup” account which I checked from “services.msc” and system configuration is 2003 server 32bit standard edition with SP2. But yesterday means November 20 it suddenly stopped , I don’t know what is the reason behind it.
When I checked my application logs I can see these errors just before it reported service stopped
The entries in event log are
Following error also i can see somewhere
Event ID ( 8500 ) in Source ( LeafTest)
cannot be found. The local computer may not have the necessary registry
information or message DLL files to display messages from a remote computer.
When I go0gled somewhere its mentioning my application may not be installed properly or registered or I need to work with registry. Can any body tell me what will be the reason behind the service stpped by reading logs which i have posted
A service may halt if there is an unhandled exception. Check that you are handling all exceptions. Also, if the service uses any COM objects I have, in the past, had exceptions that could not be caught in my .NET 2.0 applications.
I have a set of legacy Delphi 6 aplications that are out of process COM servers. In attempting to run these programs as a normal domain user on Windows I see them when running up (without any command line arguments or switches) attempting to update chunks of HKEY_CURRENT_CLASSES. this fails due to lac of permission to the HKCR hive. It appears that the act of running a Delphi 6 COM server causes it to attempt to register its embedded COM types with the system registry.
I do not want this behavior normally. We would do this once during install under and adminatrative account to initalise the COM registry, but would not want to do this under normal running conditions of a non adminastrative account. (if you moniroy the system with sys internals process monitor you can see the failed registry key access attempts).
Is there a command line switch I can pass to a Delphi 6 COM server to prevent this automatic COM registrtion logic?
I don't think you're actually seeing what you think you are...
Delphi only tries to install COM servers if they haven't already been installed. I suspect what you're seeing is your application checking to see if it's registered yet or not. The reason you're seeing the failures is because back in Delphi 6 the registry key would have been opened with ALL_ACCESS rights (D6 was prior to XP/Vista/Win7), and I think that's what's causing your failed registry access attempts.
In answer to your question, though: No, there's no command line switch to prevent the automatic registration logic.
It will always try to register the server from TComServer.Initialize unless the startup parameter is /UNREGSERVER which will remove the registry settings. If the startup parameter is /REGSERVER you will get an exception if the registration failed otherwise it will just swallow the exception. Automatic registration of out-proc COM servers has been removed in later version of Delphi. The only option you have to remove this behavior in Delphi 6 is to modify TComServer.Inititalize to only register the server when FStartMode is smRegServer or smUnregServer.