I'm using CreateService to install a windows service on Windows XPE. I'd like to set things up so that only the Administrator can start/stop/pause/resume the service.
Right now I'm using the following to install the service:
schService = CreateService(schSCManager,
ServiceName,
ServiceDisplayName, // service name to display
SERVICE_ALL_ACCESS, // desired access
SERVICE_WIN32_OWN_PROCESS, // service type
SERVICE_AUTO_START, // start type
SERVICE_ERROR_NORMAL, // error control type
binaryPathName, // service's binary (this program)
NULL, // no load ordering group
NULL, // no tag identifier
NULL, // no dependencies
NULL, // LocalSystem account
NULL); // no password
And the service ends up with security such that members of the PowerUsers group can start and stop the service. I've figured out that I can use sc sdshow to examine the security descriptor, and I've worked out an SDDL line that would do the right thing for us.
I've also learned that our Win XPE install doesn't have the sc.exe binary on it, so we can't really use that to setup this particular system.
So, what I need to know is: What are the APIs I need to use, to set the security descriptor on this service around the time I do the CreateService call. I'm completely unfamiliar with the Windows security APIs, so I just don't know where to start.
UPDATE: The answer is SetServiceObjectSecurity (below). Next question: What's the best way to setup the SecurityDescriptor? Is it best to get the default descriptor, then modify it? Or should I just create a completely new descriptor?
I'm not really familiar with Windows XP Embedded, but normally you would achieve what you are after using the SetServiceObjectSecurity function. Use the handle you get from CreateService and build a security descriptor that matches what you want.
Related
I have a situation where I want to import my graph data to database.I am having janusgraph(latest version) running with cassandra(version 3) and elasticsearch(version 6.6.0) using Docker.I have been suggested to use gryo format.So I have tried this command
graph.io(IoCore.gryo()).reader().create().readGraph(ToInputStream.from("my_graph.kryo"), graph);
but ended up with an error
No such property: ToInputStream for class: Script4
The documentation I am following is here.Please take a look and put me in a right procedure. Thanks in advance!
ToInputStream is not a function of Gremlin or JanusGraph. I believe that it is only a function of IBM Compose so unless you are running JanusGraph on that specific platform, this command will not work.
Versions of JanusGraph that utilize TinkerPop 3.4.x will support the io() step and this is the preferred manner in which to load gryo (as well as graphson and graphml) files.
Graph graph = ... // setup JanusGraph instance
GraphTraversalSource g = traversal().withGraph(graph); // might use withRemote() here instead depending on how you are connecting I suppose
g.io("graph.kryo").read().iterate()
Note that if you are connecting remotely - it seems you are sending scripts to the Docker instance given your error - then be sure that that "graph.kryo" file path is accessible to Docker. That's what's nice about ToInputStream from Compose as it allows you to access remote sources.
I installed Service Control(V1.20.0) recently to my QA server, I install it using ServiceControl Management Utility , I didn’t change the default values, I didn’t move DB location.
I was able to browse to the RavenDB when I am in maintenance mode.
The particular endpoints are created, I also have non-expired license.
This is what i found in the db log file
Microsoft.Isam.Esent.Interop.EsentInvalidInstanceException: Invalid
instance handle at Microsoft.Isam.Esent.Interop.Api.Check(Int32
err) in
C:\Work\ravendb\SharedLibs\Sources\managedesent-61618\EsentInterop\Api.cs:line
2739 at
Microsoft.Isam.Esent.Interop.Api.JetBeginSession(JET_INSTANCE
instance, JET_SESID& sesid, String username, String password) in
C:\Work\ravendb\SharedLibs\Sources\managedesent-61618\EsentInterop\Api.cs:line
823 at
Raven.Storage.Esent.StorageActions.DocumentStorageActions..ctor(JET_INSTANCE
instance, String database, TableColumnsCache tableColumnsCache,
OrderedPartCollection`1 documentCodecs, IUuidGenerator uuidGenerator,
IDocumentCacher cacher, EsentTransactionContext transactionContext,
TransactionalStorage transactionalStorage) in
c:\Builds\RavenDB-Stable-2.5\Raven.Database\Storage\Esent\StorageActions\General.cs:line
76
With the amazing help of Particular team, I was able to solve the issue. In my case the problem was I have created the Particular.ServiceControl queue manually. And it needs to be transnational, this was the error i was getting in event viewer:
Queue must be transactional if you configure your endpoint to be
transactional
Deleting the queue, and let Service Control Management tool take care of creating all necessary queues.
I have a problem with changing the standard options used by an Axis 1.4 generated web service client code.
We consume a certain web service of a partner who is using the old RPC/Encoded style, which basically means we're not able to go for Axis 2 but are limited to Axis 1.4.
The service client is retrieving data from the remote server through our proxy which actually runs quite nicely.
Our application is deployed as a servlet. The retrieved response of the foreign web service is inserted into a (XML) document we provide to our internal systems/CMS.
But if the external service is not responding - which didn't happen yet but might happen at anytime - we want to degrade nicely and return our produced XML document without the calculated web service information within a resonable time.
The data retrieved is optional (if this specific calculation is missing it isn't a big issue at all).
So I tried to change the timeout settings. I did apply/use all methods and keys I could find in the documentation of axis to alter the connection and socket timeouts by searching the web.
None of these seems to influence the connection timeouts.
Can anyone give me advice how to alter the settings for an axis stub/service/port based on version 1.4?
Here's an example for the several configurations I tried:
MyService service = new MyServiceLocator();
MyServicePort port = null;
try {
port = service.getMyServicePort();
javax.xml.rpc.Stub stub = (javax.xml.rpc.Stub) port;
stub._setProperty("axis.connection.timeout", 10);
stub._setProperty(org.apache.axis.client.Call.CONNECTION_TIMEOUT_PROPERTY, 10);
stub._setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_CONNECTION_TIMEOUT_KEY, 10);
stub._setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_SO_TIMEOUT_KEY, 10);
AxisProperties.setProperty("axis.connection.timeout", "10");
AxisProperties.setProperty(org.apache.axis.client.Call.CONNECTION_TIMEOUT_PROPERTY, "10");
AxisProperties.setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_CONNECTION_TIMEOUT_KEY, "10");
AxisProperties.setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_SO_TIMEOUT_KEY, "10");
logger.error(AxisProperties.getProperties());
service = new MyClimateServiceLocator();
port = service.getMyServicePort();
}
I assigned the property changes before the generation of the service and after, I set the properties during initialisation, I tried several other timeout keys I found, ...
I think I'm getting mad about that and start to forget what I tried already!
What am I doing wrong? I mean there must be an option, mustn't it?
If I don't find a proper solution I thought about setting up a synchronized thread with a timeout within our code which actually feels quite awkward and somehow silly.
Can you imagine anything else?
Thanks in advance
Jens
axis1.4 java client soap wsdl2java rpc/encoded xml servlet generated alter change setup stub timeout connection socket keys methods
I think it may be a bug, as indicated here:
https://issues.apache.org/jira/browse/AXIS-2493?jql=text%20~%20%22CONNECTION_DEFAULT_CONNECTION_TIMEOUT_KEY%22
Typecast service port object to org.apache.axis.client.Stub.
(i.e)
org.apache.axis.client.Stub stub = (org.apache.axis.client.Stub) port;
Then set all the properties:
stub._setProperty(org.apache.axis.client.Call.CONNECTION_TIMEOUT_PROPERTY, 10);
stub._setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_CONNECTION_TIMEOUT_KEY, 10);
stub._setProperty(org.apache.axis.components.net.DefaultCommonsHTTPClientProperties.CONNECTION_DEFAULT_SO_TIMEOUT_KEY, 10);
I have this line of code in my Delphi app:
sh := CoShellWindows.Create;
When run through a Citrix session, this raises an exception "Not enough storage is available to complete this operation."
Can someone confirm my suspicion that I can't access this through Citrix? I'm running in Seamless mode if that makes any difference. Maybe there's something I need to change on the published icon to make it work?
I am guessing that there is no "Shell" in Citrix to create.
Thanks
EDIT
The CoShellWindows is simply a class which creates an object which implements the IShellWindows interface. This interface is then used to iterate through it's items looking for an instance of Internet Explorer (or more specifically, an item which implements the IWebBrowser2 interface).
There are a few other use case scenarios using the CoShellWindows, but all ultimately are used to interact with the IWebBrowser2 interface (Internet Explorer 8). My requirement is to obtain this IWebBrowser2 object.
The call, behind the scenes is calling the Windows API CoCreateInstance with the following parameters:
rclsid = {9BA05972-F6A8-11CF-A442-00A0C90A8F39} (CLSID of
IShellWindows)
pUnkOuter = null (nil)
dwClsContext = CLSCTX_ALL (I've tried various combinations of these
flags)
riid = {85CB6900-4D95-11CF-960C-0080C7F4EE85} (IID of IShellWindows)
ppv = a variable declared as type IShellWindows
eg:CoCreateInstance(CLASS_ShellWindows, nil, CLSCTX_ALL, IID_IShellWindows, sh)
Your exception "Not enough storage is available to complete this operation." should really read "Shell does not exist so no instance can be created"
Basically you are correct in your assumption that there is no shell to create in Citrix.
What are you using the shell for? as if you provide more information we may well be able to offer a full work around.
I have a Windows Service that I inherited from a departed developer. The Windows Service is running just fine in the QA environment. When I install the service and run it locally, I receive this error:
Service cannot be started. System.InvalidOperationException: The requested Performance Counter is not a custom counter, it has to be initialized as ReadOnly.
Here is the code:
ExternalDataExchangeService exchangeService = new ExternalDataExchangeService();
workflowRuntime.AddService(exchangeService);
workflowRuntime.AddService(new SqlTrackingService(AppContext.SqlConnectionImportLog));
ChallengerWorkflowService challengerWorkflowService = new ChallengerWorkflowService();
challengerWorkflowService.SendDataEvent += new EventHandler<SendDataEventArgs>(challengerWorkflowService_SendDataEvent);
workflowRuntime.AddService(challengerWorkflowService);
workflowRuntime.StartRuntime(); <---- Exception is thrown here.
Check for installer code. Often you will find counters are created within an installation (which is going to of been run under admin privledges on client site) and the code then uses them as though they exist - but will not try create them because they do not expect to have the permissions.
If you just get the source and then try run it, the counters / counter classes do not exist so you fall over immediately. (Alternatively check whether the counter exists / you have local admin if they wrote the code to create it in the service.)
Seen it before so mentioned it.
Attach Debugger and break on InvalidOperationException (first-chance, i.e. when thrown)?