Windows Server 2008 R2: Using PowerShell to send a MSI file to all workstations
Hello!
We are currently using Windows Server 2008 R2. In the upcoming months, we are releasing new software. Instead of touching all the machines with gpupdate /force, we would like to know if we could somehow use Windows PowerShell and send that
command to all the computers in our organization? We are currently in the process of using Group Policy Management to set up the new GPO. After we create them, we would like to send the MSI file to all workstations. I know it is SUPER easy to do within Windows
Server 2012... as I have read articles and seen screenshots. I am just having a hard time figuring out how to make it work with Windows Server 2008 R2.
Thanks!
Megan
New-PSSession -computername Computer
where Computer is one of your remote computers. If that succeeds, great! But I'm guessing it won't and enabling that on all of your computers would require more effort than what you're trying to accomplish in the first place.
Psexec is free to download and you don't have to deploy it:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
As far as identifying your target computers, it really depends on your environment. Get-ADComputer is effective, but the example I provided above would get literally every computer in your active directory - is this something you want to deploy to
any and all servers, workstations, etc? How big and complex is your AD? Is this something you need to coordinate with all your systems around about the same time, or can it be staggered? Do you expect your target computers not to reboot between
now and then? I know that's a lot of questions, but your question is loaded and not easy to answer without knowing more about your environment.
What about this?
http://technet.microsoft.com/en-us/library/jj134201.aspx
There is a requirement to have certain firewall exceptions on your target systems, but hopefully they are because that is the best approach.
I hope this post has helped!
Similar Messages
-
SChannel Fails Authentication on Windows Server 2008 R2 Using TLS1
I am trying to use SChannel to secure a socket connection. I modified the example at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa380537(v=vs.85).aspx, converting it from Negotiate to SChannel. Following the specs for the SSPI APIs I was able the get a Client & Server connection authenticated on Windows 7.
However, when I try running the same programs on Windows Server 2008 R2, either the Client side or Server side fails, depending on how I select the security protocol.
Here is the modified example code, details about my results follow the code.
Client.cpp
// Client-side program to establish an SSPI socket connection
// with a server and exchange messages.
// Define macros and constants.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "SspiExample.h"
#include <string>
#include <iostream>
CredHandle g_hCred;
SecHandle g_hCtext;
#define SSPI_CLIENT "SChannelClient:" __FUNCTION__
void main(int argc, char * argv[])
SOCKET Client_Socket;
BYTE Data[BIG_BUFF];
PCHAR pMessage;
WSADATA wsaData;
SECURITY_STATUS ss;
DWORD cbRead;
ULONG cbHeader;
ULONG cbMaxMessage;
ULONG cbTrailer;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
SecPkgContext_ConnectionInfo ConnectionInfo;
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName);
char Server[512] = {0};
WCHAR CertName[512] = {0};
// Validate cmd line parameters
if ( argc != 3 )
LOGA ( ( __log_buf, SSPI_CLIENT " required parameters ServerName & CertName not entered.\n"));
LOGA( ( __log_buf, SSPI_CLIENT " Abort and start over with required parameters.\n") );
std::cin.get();
else
// argv[1] - ServerName - the name of the computer running the server sample.
// argv[2] - TargetName the common name of the certificate provided
// by the target server program.
memcpy(Server, argv[1], strlen(argv[1]));
size_t sizCN;
mbstowcs_s(&sizCN, CertName, strlen(argv[2])+1, argv[2], _TRUNCATE);
LOGA ( ( __log_buf, SSPI_CLIENT " input parameters - ServerName %s CertName %ls.\n", Server, CertName ));
// Initialize the socket and the SSP security package.
if(WSAStartup (0x0101, &wsaData))
MyHandleError( __FUNCTION__ " Could not initialize winsock ");
// Connect to a server.
SecInvalidateHandle( &g_hCtext );
if (!ConnectAuthSocket (
&Client_Socket,
&g_hCred,
&g_hCtext,
Server,
CertName))
MyHandleError( __FUNCTION__ " Authenticated server connection ");
LOGA ( ( __log_buf, SSPI_CLIENT " connection authenticated.\n"));
// An authenticated session with a server has been established.
// Receive and manage a message from the server.
// First, find and display the name of the SSP,
// the transport protocol supported by the SSP,
// and the size of the header, maximum message, and
// trailer blocks for this SSP.
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT "QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " QueryContextAttributes failed.\n");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
cbHeader = SecPkgSizes.cbHeader;
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_CLIENT " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_CONNECTION_INFO,
&ConnectionInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
switch(ConnectionInfo.dwProtocol)
case SP_PROT_TLS1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: TLS1\n"));
break;
case SP_PROT_SSL3_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL3\n"));
break;
case SP_PROT_PCT1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: PCT\n"));
break;
case SP_PROT_SSL2_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL2\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Protocol: 0x%x\n", ConnectionInfo.dwProtocol));
switch(ConnectionInfo.aiCipher)
case CALG_RC4:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC4\n");)
break;
case CALG_3DES:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Triple DES\n"));
break;
case CALG_RC2:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC2\n"));
break;
case CALG_DES:
case CALG_CYLINK_MEK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: DES\n"));
break;
case CALG_SKIPJACK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Skipjack\n"));
break;
case CALG_AES_256:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: AES 256\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Cipher: 0x%x\n", ConnectionInfo.aiCipher));
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher strength: %d\n", ConnectionInfo.dwCipherStrength));
switch(ConnectionInfo.aiHash)
case CALG_MD5:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: MD5\n"));
break;
case CALG_SHA:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: SHA\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Hash: 0x%x\n", ConnectionInfo.aiHash));
LOGA ( ( __log_buf, SSPI_CLIENT " Hash strength: %d\n", ConnectionInfo.dwHashStrength));
switch(ConnectionInfo.aiExch)
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: RSA\n"));
break;
case CALG_KEA_KEYX:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: KEA\n"));
break;
case CALG_DH_EPHEM:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: DH Ephemeral\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Key exchange: 0x%x\n", ConnectionInfo.aiExch));
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange strength: %d\n", ConnectionInfo.dwExchStrength));
// Decrypt and display the message from the server.
if (!ReceiveBytes(
Client_Socket,
Data,
BIG_BUFF,
&cbRead))
MyHandleError( __FUNCTION__ " No response from server\n");
if (0 == cbRead)
MyHandleError(__FUNCTION__ " Zero bytes received.\n");
pMessage = (PCHAR) DecryptThis(
Data,
&cbRead,
&g_hCtext);
// Skip the header to get the decrypted message
pMessage += cbHeader;
ULONG cbMessage = cbRead-cbHeader-cbTrailer;
if ((cbMessage == strlen(TEST_MSG)) &&
!strncmp(pMessage, TEST_MSG, strlen(TEST_MSG)) )
LOGA ( ( __log_buf, SSPI_CLIENT " SUCCESS!! The message from the server is \n -> %.*s \n",
cbMessage, pMessage ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " UNEXPECTED message from the server: \n -> %.*s \n",
cbMessage, pMessage ));
LOGA ( ( __log_buf, SSPI_CLIENT " rcvd msg size %u, exp size %u\n", cbMessage, strlen(TEST_MSG) ));
// Terminate socket and security package.
DeleteSecurityContext (&g_hCtext);
FreeCredentialHandle (&g_hCred);
shutdown (Client_Socket, 2);
closesocket (Client_Socket);
if (SOCKET_ERROR == WSACleanup ())
MyHandleError( __FUNCTION__ " Problem with socket cleanup ");
exit (EXIT_SUCCESS);
} // end main
// ConnectAuthSocket establishes an authenticated socket connection
// with a server and initializes needed security package resources.
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *g_hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName)
unsigned long ulAddress;
struct hostent *pHost;
SOCKADDR_IN sin;
// Lookup the server's address.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n"));
ulAddress = inet_addr (pServer);
if (INADDR_NONE == ulAddress)
LOGA ( ( __log_buf, SSPI_CLIENT " calling gethostbyname with %s.\n", pServer ));
pHost = gethostbyname (pServer);
if (NULL == pHost)
MyHandleError(__FUNCTION__ " Unable to resolve host name ");
memcpy((char FAR *)&ulAddress, pHost->h_addr, pHost->h_length);
std::string ipAddrStr;
ipAddrStr = inet_ntoa( *(struct in_addr*)*pHost->h_addr_list);
LOGA ( ( __log_buf, __FUNCTION__ " gethostbyname - ipAddress %s, name %s.\n", ipAddrStr.c_str(), pHost->h_name ) );
// Create the socket.
*s = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == *s)
MyHandleError(__FUNCTION__ " Unable to create socket");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Socket created.\n"));
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = ulAddress;
sin.sin_port = htons (g_usPort);
// Connect to the server.
if (connect (*s, (LPSOCKADDR) &sin, sizeof (sin)))
closesocket (*s);
MyHandleError( __FUNCTION__ " Connect failed ");
LOGA ( ( __log_buf, SSPI_CLIENT " Connection established.\n"));
// Authenticate the connection.
if (!DoAuthentication (*s, pCertName))
closesocket (*s);
MyHandleError( __FUNCTION__ " Authentication ");
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n"));
return(TRUE);
} // end ConnectAuthSocket
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName)
BOOL fDone = FALSE;
DWORD cbOut = 0;
DWORD cbIn = 0;
PBYTE pInBuf;
PBYTE pOutBuf;
if(!(pInBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
if(!(pOutBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " 1st message.\n"));
if (!GenClientContext (
NULL,
0,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext
LOGA ( ( __log_buf, SSPI_CLIENT " GenClientContext failed\n"));
return(FALSE);
if (!SendMsg (s, pOutBuf, cbOut ))
MyHandleError(__FUNCTION__ " Send message failed ");
while (!fDone)
if (!ReceiveMsg (
s,
pInBuf,
MAXMESSAGE,
&cbIn))
MyHandleError( __FUNCTION__ " Receive message failed ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " Message loop.\n"));
if (!GenClientContext (
pInBuf,
cbIn,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext))
MyHandleError( __FUNCTION__ " GenClientContext failed");
if (!SendMsg (
s,
pOutBuf,
cbOut))
MyHandleError( __FUNCTION__ " Send message failed");
LOGA ( ( __log_buf, SSPI_CLIENT " fDone %s.\n", fDone ? "Yes" : "No" ));
if (NULL != pInBuf)
free(pInBuf);
pInBuf = NULL;
if (NULL != pOutBuf)
free(pOutBuf);
pOutBuf = NULL;
LOGA ( ( __log_buf, SSPI_CLIENT " exit.\n"));
return(TRUE);
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *g_hCred,
struct _SecHandle *g_hCtext)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff[2];
ULONG ContextAttributes;
static TCHAR lpPackageName[1024];
if( NULL == pIn )
wcscpy_s(lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME );
ss = AcquireCredentialsHandle (
NULL,
lpPackageName,
SECPKG_CRED_OUTBOUND,
NULL,
NULL,
NULL,
NULL,
g_hCred,
&Lifetime);
if (!(SEC_SUCCESS (ss)))
MyHandleError( __FUNCTION__ " AcquireCreds failed ");
// Prepare the buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// The input buffer is created only if a message has been received
// from the server.
if (pIn)
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with pIn supplied.\n"));
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = InSecBuff;
InSecBuff[0].cbBuffer = cbIn;
InSecBuff[0].BufferType = SECBUFFER_TOKEN;
InSecBuff[0].pvBuffer = pIn;
InSecBuff[1].pvBuffer = NULL;
InSecBuff[1].cbBuffer = 0;
InSecBuff[1].BufferType = SECBUFFER_EMPTY;
ss = InitializeSecurityContext (
g_hCred,
g_hCtext,
pCertName,
MessageAttribute,
0,
0,
&InBuffDesc,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
else
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with NULL pIn.\n"));
ss = InitializeSecurityContext (
g_hCred,
NULL,
pCertName,
MessageAttribute,
0,
0,
NULL,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext failed with error 0x%08x\n", ss));
MyHandleError ( __FUNCTION__ " InitializeSecurityContext failed " );
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext returned 0x%08x\n", ss));
// If necessary, complete the token.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (g_hCtext, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " complete failed: 0x%08x\n", ss));
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
(SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_CLIENT " Token buffer generated (%lu bytes):\n", OutSecBuff.cbBuffer));
PrintHexDump (OutSecBuff.cbBuffer, (PBYTE)OutSecBuff.pvBuffer);
return TRUE;
PBYTE DecryptThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// By agreement, the server encrypted the message and set the size
// of the trailer block to be just what it needed. DecryptMessage
// needs the size of the trailer block.
// The size of the trailer is in the first DWORD of the
// message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before decryption including trailer (%lu bytes):\n",
*pcbMessage));
PrintHexDump (*pcbMessage, (PBYTE) pBuffer);
// Prepare the buffers to be passed to the DecryptMessage function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = *pcbMessage;
SecBuff[0].BufferType = SECBUFFER_DATA;
SecBuff[0].pvBuffer = pBuffer;
SecBuff[1].cbBuffer = 0;
SecBuff[1].BufferType = SECBUFFER_EMPTY;
SecBuff[1].pvBuffer = NULL;
SecBuff[2].cbBuffer = 0;
SecBuff[2].BufferType = SECBUFFER_EMPTY;
SecBuff[2].pvBuffer = NULL;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = DecryptMessage(
hCtxt,
&BuffDesc,
0,
&ulQop);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage failed with error 0x%08x\n", ss))
else
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage success? Status: 0x%08x\n", ss));
// Return a pointer to the decrypted data. The trailer data
// is discarded.
return pBuffer;
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[2];
ULONG ulQop = 0;
PBYTE pSigBuffer;
PBYTE pDataBuffer;
// The global cbMaxSignature is the size of the signature
// in the message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before verifying (including signature):\n"));
PrintHexDump (*pcbMessage, pBuffer);
// By agreement with the server,
// the signature is at the beginning of the message received,
// and the data that was signed comes after the signature.
pSigBuffer = pBuffer;
pDataBuffer = pBuffer + cbMaxSignature;
// The size of the message is reset to the size of the data only.
*pcbMessage = *pcbMessage - (cbMaxSignature);
// Prepare the buffers to be passed to the signature verification
// function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 2;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = cbMaxSignature;
SecBuff[0].BufferType = SECBUFFER_TOKEN;
SecBuff[0].pvBuffer = pSigBuffer;
SecBuff[1].cbBuffer = *pcbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pDataBuffer;
ss = VerifySignature(
hCtxt,
&BuffDesc,
0,
&ulQop
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " VerifyMessage failed with error 0x%08x\n", ss));
else
LOGA ( ( __log_buf, SSPI_CLIENT " Message was properly signed.\n"));
return pDataBuffer;
} // end VerifyThis
void PrintHexDump(
DWORD length,
PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_CLIENT " %s\n", rgbLine));
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes\n", cbBuf ));
if (!SendBytes (s, (PBYTE)&cbBuf, sizeof (cbBuf)))
LOGA ( ( __log_buf, SSPI_CLIENT " size failed.\n" ) );
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
LOGA ( ( __log_buf, SSPI_CLIENT " body failed.\n" ) );
return(FALSE);
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return(TRUE);
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
// Receive the number of bytes in the message.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n" ));
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " failed: size of cbData %lu, bytes %lu\n", sizeof (cbData), cbRead));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
return(FALSE);
if (cbRead != cbData)
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMessage
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent;
int cbRemaining = cbBuf;
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes.\n", cbRemaining ));
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_CLIENT " send failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
pTemp += cbSent;
cbRemaining -= cbSent;
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return TRUE;
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_CLIENT " Entry: %lu bytes.\n", cbRemaining ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes remaining.\n", cbRemaining ));
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " recv failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n" ));
return TRUE;
} // end ReceiveBytes
void MyHandleError(char *s)
DWORD err = GetLastError();
if (err)
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (0x%08.8X). Exiting.\n",s, err ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (no error info). Exiting.\n",s ));
exit (EXIT_FAILURE);
Server.cpp
// This is a server-side SSPI Windows Sockets program.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "Sspiexample.h"
#include <iostream>
CredHandle g_hcred;
struct _SecHandle g_hctxt;
static PBYTE g_pInBuf = NULL;
static PBYTE g_pOutBuf = NULL;
static DWORD g_cbMaxMessage;
static TCHAR g_lpPackageName[1024];
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb );
#define SSPI_SERVER "SChannelServer:" __FUNCTION__
void main (int argc, char * argv[])
CHAR pMessage[200];
DWORD cbMessage;
PBYTE pDataToClient = NULL;
DWORD cbDataToClient = 0;
PWCHAR pUserName = NULL;
DWORD cbUserName = 0;
SOCKET Server_Socket;
WSADATA wsaData;
SECURITY_STATUS ss;
PSecPkgInfo pkgInfo;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
ULONG cbMaxMessage;
ULONG cbHeader;
ULONG cbTrailer;
std::string certThumb;
// Create a certificate if no thumbprint is supplied. Otherwise, use the provided
// thumbprint to find the certificate.
if ( (argc > 1) && (strlen( argv[1]) > 0) )
certThumb.assign(argv[1]);
else
LOGA( ( __log_buf, SSPI_SERVER " : No certificate thumbprint supplied.\n") );
LOGA( ( __log_buf, SSPI_SERVER " : Press ENTER to create a certificate, or abort and start over with a thumbprint.\n") );
std::cin.get();
certThumb.clear();
Insert code to find or create X.509 certificate.
// Set the default package to SChannel.
wcscpy_s(g_lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME);
// Initialize the socket interface and the security package.
if( WSAStartup (0x0101, &wsaData))
LOGA ( ( __log_buf, SSPI_SERVER " Could not initialize winsock: \n") );
cleanup();
ss = QuerySecurityPackageInfo (
g_lpPackageName,
&pkgInfo);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " Could not query package info for %s, error 0x%08x\n",
g_lpPackageName, ss) );
cleanup();
g_cbMaxMessage = pkgInfo->cbMaxToken;
FreeContextBuffer(pkgInfo);
g_pInBuf = (PBYTE) malloc (g_cbMaxMessage);
g_pOutBuf = (PBYTE) malloc (g_cbMaxMessage);
if (NULL == g_pInBuf || NULL == g_pOutBuf)
LOGA ( ( __log_buf, SSPI_SERVER " Memory allocation error.\n"));
cleanup();
// Start looping for clients.
while(TRUE)
LOGA ( ( __log_buf, SSPI_SERVER " Waiting for client to connect...\n"));
// Make an authenticated connection with client.
if (!AcceptAuthSocket (&Server_Socket, certThumb ))
LOGA ( ( __log_buf, SSPI_SERVER " Could not authenticate the socket.\n"));
cleanup();
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
// The following values are used for encryption and signing.
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbHeader = SecPkgSizes.cbHeader;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_SERVER " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
else
LOGA ( ( __log_buf, SSPI_SERVER " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
// Send the client an encrypted message.
strcpy_s(pMessage, sizeof(pMessage),
TEST_MSG);
cbMessage = (DWORD)strlen(pMessage);
EncryptThis (
(PBYTE) pMessage,
cbMessage,
&pDataToClient,
&cbDataToClient,
cbHeader,
cbTrailer);
// Send the encrypted data to client.
if (!SendBytes(
Server_Socket,
pDataToClient,
cbDataToClient))
LOGA ( ( __log_buf, SSPI_SERVER " send message failed. \n"));
cleanup();
LOGA ( ( __log_buf, SSPI_SERVER " %d encrypted bytes sent. \n", cbDataToClient));
if (Server_Socket)
DeleteSecurityContext (&g_hctxt);
FreeCredentialHandle (&g_hcred);
shutdown (Server_Socket, 2) ;
closesocket (Server_Socket);
Server_Socket = 0;
if (pUserName)
free (pUserName);
pUserName = NULL;
cbUserName = 0;
if(pDataToClient)
free (pDataToClient);
pDataToClient = NULL;
cbDataToClient = 0;
} // end while loop
LOGA ( ( __log_buf, SSPI_SERVER " Server ran to completion without error.\n"));
cleanup();
} // end main
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb )
SOCKET sockListen;
SOCKET sockClient;
SOCKADDR_IN sockIn;
// Create listening socket.
sockListen = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == sockListen)
LOGA ( ( __log_buf, SSPI_SERVER " Failed to create socket: %u\n", GetLastError ()));
return(FALSE);
// Bind to local port.
sockIn.sin_family = AF_INET;
sockIn.sin_addr.s_addr = 0;
sockIn.sin_port = htons(usPort);
if (SOCKET_ERROR == bind (
sockListen,
(LPSOCKADDR) &sockIn,
sizeof (sockIn)))
LOGA ( ( __log_buf, SSPI_SERVER " bind failed: %u\n", GetLastError ()));
return(FALSE);
// Listen for client.
if (SOCKET_ERROR == listen (sockListen, 1))
LOGA ( ( __log_buf, SSPI_SERVER " Listen failed: %u\n", GetLastError ()));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " Listening ! \n"));
// Accept client.
sockClient = accept (
sockListen,
NULL,
NULL);
if (INVALID_SOCKET == sockClient)
LOGA ( ( __log_buf, SSPI_SERVER " accept failed: %u\n",GetLastError() ) );
return(FALSE);
closesocket (sockListen);
*ServerSocket = sockClient;
return(DoAuthentication (sockClient, certThumb ));
} // end AcceptAuthSocket
BOOL DoAuthentication (SOCKET AuthSocket, std::string certThumb )
SECURITY_STATUS ss;
DWORD cbIn, cbOut;
BOOL done = FALSE;
TimeStamp Lifetime;
BOOL fNewConversation;
fNewConversation = TRUE;
PCCERT_CONTEXT pCertCtxt;
Insert code to retrieve pCertCtxt
// Build SCHANNEL_CRED structure to hold CERT_CONTEXT for call to AcquireCredentialsHandle
SCHANNEL_CRED credSchannel = {0};
credSchannel.dwVersion = SCHANNEL_CRED_VERSION;
credSchannel.grbitEnabledProtocols = SP_PROT_SSL2_SERVER | SP_PROT_TLS1_SERVER;
credSchannel.cCreds = 1;
credSchannel.paCred = &pCertCtxt;
ss = AcquireCredentialsHandle (
NULL, //pszPrincipal
g_lpPackageName, //pszPackage
SECPKG_CRED_INBOUND, //fCredentialuse
NULL, //pvLogonID
&credSchannel, //pAuthData - need SCHANNEL_CRED structure that indicates the protocol to use and the settings for various customizable channel features.
NULL, //pGetKeyFn
NULL, //pvGetKeyArgument
&g_hcred, //phCredential
&Lifetime); //ptsExpiry
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcquireCreds failed: 0x%08x\n", ss));
return(FALSE);
while(!done)
if (!ReceiveMsg (
AuthSocket,
g_pInBuf,
g_cbMaxMessage,
&cbIn))
return(FALSE);
cbOut = g_cbMaxMessage;
if (!GenServerContext (
g_pInBuf,
cbIn,
g_pOutBuf,
&cbOut,
&done,
fNewConversation))
LOGA ( ( __log_buf, SSPI_SERVER " GenServerContext failed.\n"));
return(FALSE);
fNewConversation = FALSE;
if (!SendMsg (
AuthSocket,
g_pOutBuf,
cbOut))
LOGA ( ( __log_buf, SSPI_SERVER " Send message failed.\n"));
return(FALSE);
return(TRUE);
} // end DoAuthentication
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewConversation)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff;
ULONG Attribs = 0;
// Prepare output buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// Prepare input buffers.
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = &InSecBuff;
InSecBuff.cbBuffer = cbIn;
InSecBuff.BufferType = SECBUFFER_TOKEN;
InSecBuff.pvBuffer = pIn;
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer received (%lu bytes):\n", InSecBuff.cbBuffer));
PrintHexDump (InSecBuff.cbBuffer, (PBYTE)InSecBuff.pvBuffer);
ss = AcceptSecurityContext (
&g_hcred,
fNewConversation ? NULL : &g_hctxt,
&InBuffDesc,
Attribs,
SECURITY_NATIVE_DREP,
&g_hctxt,
&OutBuffDesc,
&Attribs,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
// Complete token if applicable.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (&g_hctxt, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " complete failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
// fNewConversation equals FALSE.
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer generated (%lu bytes):\n",
OutSecBuff.cbBuffer));
PrintHexDump (
OutSecBuff.cbBuffer,
(PBYTE)OutSecBuff.pvBuffer);
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext result = 0x%08x\n", ss));
return TRUE;
} // end GenServerContext
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
ULONG * pcbOutput,
ULONG cbHeader,
ULONG cbTrailer)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// The size of the trailer (signature + padding) block is
// determined from the global cbSecurityTrailer.
LOGA ( ( __log_buf, SSPI_SERVER " Data before encryption: %s\n", pMessage));
LOGA ( ( __log_buf, SSPI_SERVER " Length of data before encryption: %d \n",cbMessage));
// Prepare buffers.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
PBYTE pHeader;
pHeader = (PBYTE) malloc (cbHeader);
SecBuff[0].cbBuffer = cbHeader;
SecBuff[0].BufferType = SECBUFFER_STREAM_HEADER;
SecBuff[0].pvBuffer = pHeader;
SecBuff[1].cbBuffer = cbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pMessage;
PBYTE pTrailer;
pTrailer = (PBYTE) malloc (cbTrailer);
SecBuff[2].cbBuffer = cbTrailer;
SecBuff[2].BufferType = SECBUFFER_STREAM_TRAILER;
SecBuff[2].pvBuffer = pTrailer;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = EncryptMessage(
&g_hctxt,
ulQop,
&BuffDesc,
0);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " EncryptMessage failed: 0x%08x\n", ss));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " The message has been encrypted. \n"));
// Allocate a buffer to hold the encrypted data constructed from the 3 buffers.
*pcbOutput = cbHeader + cbMessage + cbTrailer;
* ppOutput = (PBYTE) malloc (*pcbOutput);
memset (*ppOutput, 0, *pcbOutput);
memcpy (*ppOutput, pHeader, cbHeader);
memcpy (*ppOutput + cbHeader, pMessage, cbMessage);
memcpy (*ppOutput + cbHeader + cbMessage, pTrailer, cbTrailer);
LOGA ( ( __log_buf, SSPI_SERVER " data after encryption including trailer (%lu bytes):\n",
*pcbOutput));
PrintHexDump (*pcbOutput, *ppOutput);
return TRUE;
} // end EncryptThis
void PrintHexDump(DWORD length, PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_SERVER " %s\n", rgbLine));
} // end PrintHexDump
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
if (!SendBytes (
s,
(PBYTE)&cbBuf,
sizeof (cbBuf)))
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
return(FALSE);
return(TRUE);
} // end SendMsg
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
// Retrieve the number of bytes in the message.
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed retrieving byte count.\n", cbBuf ));
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer size (%lu) differs from reported size (%lu)\n", sizeof(cbData), cbRead ));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed.\n", cbBuf ));
return(FALSE);
if (cbRead != cbData)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer bytes (%lu) differs from reported bytes (%lu)\n", cbData, cbRead ));
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMsg
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_SERVER " send failed: %u\n", GetLastError ()));
return FALSE;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes sent\n", cbSent ));
pTemp += cbSent;
cbRemaining -= cbSent;
return TRUE;
} // end SendBytes
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " recv failed: %u\n", GetLastError () ) );
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
return TRUE;
} // end ReceivesBytes
void cleanup()
if (g_pInBuf)
free (g_pInBuf);
g_pInBuf = NULL;
if (g_pOutBuf)
free (g_pOutBuf);
g_pOutBuf = NULL;
WSACleanup ();
exit(0);
SspiExample.h
// SspiExample.h
#include <schnlsp.h>
#include <sspi.h>
#include <windows.h>
#include <string>
BOOL SendMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
BOOL SendBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
void cleanup();
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *hCred,
PSecHandle phCtext
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewCredential
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput,
ULONG cbHeader,
ULONG cbTrailer
PBYTE DecryptThis(
PBYTE achData,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt
BOOL
SignThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature
void PrintHexDump(DWORD length, PBYTE buffer);
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName
BOOL CloseAuthSocket (SOCKET s);
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName );
BOOL DoAuthentication (SOCKET s, std::string certThumb );
void MyHandleError(char *s);
#define DBG_SIZE 1024
int OutputDebug( char buff[DBG_SIZE] )
int retval;
char debugstring[DBG_SIZE+32];
retval = _snprintf_s( debugstring, DBG_SIZE+32, _TRUNCATE, " %s", buff );
OutputDebugStringA( debugstring );
return retval;
int DbgBufCopy( char *buff, const char *format, ...)
int iLen;
va_list args;
/// Call va_start to start the variable list
va_start(args, format);
/// Call _vsnprintf_s to copy debug information to the buffer
iLen = _vsnprintf_s(buff, DBG_SIZE, _TRUNCATE, format, args);
/// Call va_end to end the variable list
va_end(args);
return iLen;
#define LOGA(_format_and_args_)\
{ char __log_buf[DBG_SIZE];\
DbgBufCopy _format_and_args_;\
printf("%s", __log_buf );\
OutputDebug(__log_buf);\
#define TEST_MSG "This is your server speaking"
My initial attempt built an SCHANNEL_CRED structure following the documentation to set
grbitEnabledProtocols to 0, and let SChannel select the protocol. This worked on Windows 7, selecting TLS1. When I ran the same exe-s on 2008 R2, the Client program failed, with InitializeSecurityContext returning SEC_E_DECRYPT_FAILURE.
The failure occurred on the 2nd call, using phNewContext returned on the first call.
My next attempt set grbitEnabledProtocols to SP_PROT_TLS1_SERVER. This also worked on Win 7, but 2008R2 failed again, this time on the Server side. AcceptSecurityContext failed, returning SEC_E_ALGORITHM_MISMATCH.
TLS is a requirement for my project, but to try getting the sample to run, I next set grbitEnabledProtocols to SP_PROT_SSL2_SERVER. This did work for 2008R2, selecting SSL2, but now the Server failed on Win7 with AcceptSecurityContext returning
SEC_E_ALGORITHM_MISMATCH.
My final try was to set grbitEnabledProtocols to SP_PROT_TLS1_SERVER | SP_PROT_SSL2_SERVER, but that failed identically to the first case, with the Client on 2008R2 returning SEC_E_DECRYPT_FAILURE.
So my question is - What is required to get SChannel to select TLS regardless of the Windows version on which the programs are running?Thank you for the reference. That did provide the information I needed to get TLS working. However, the documentation is not accurate with regard to setting the registry keys and values.
The tables all show DisabledByDefault as a subkey under the protocol. They also describe a DWORD value, Enabled, as the mechanism to enable/disable a protocol.
What I found is DisabledByDefault is a DWORD value under Client/Server and it appears to be the determining factor to whether a protocol is enabled/disabled.
The only way I was able to get TLS 1.1 working is with the following path present:
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
Under Client, I must have DisabledByDefault set to 0. With that, the Enabled value does not need to be present.
This held true for any level of TLS.
I also found the setting of grbitEnabledProtocols in the SCHANNEL_CRED structure to be misleading. From the description at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810(v=vs.85).aspx, I thought my Server program could set this field to 0, and SChannel would select the protocol as directed by the registry. What I found is that the structure flag must
agree with the registry setting for TLS to work. That is with the resgistry key above for TLS 1.1, I must set grbitEnabledProtocols to SP_PROT_TLS1_1.
Can you confirm the relationship between the SCHANNEL_CRED contents and registry state? -
Client can not connect to Server installed window server 2008 and using 8.8
HI all!
I have a problem when Client log in to server that installed window server 2008.It can not connect to this server even when restart and key in IP or Server name,...
I try disable Firewall of window 2008 in server machine and client can connect to server. But when i disable firewall, it's mean i can not use Remote desktop or terminal service..
Now, how i can do in order to solve this problem.
Thanks!Hi,
Take a look at the admin guide (Page 75, 119, 159):
[http://service.sap.com/~sapidb/011000358700000150922010E.zip]
If you installed a firewall on the license service computer, make sure that the firewall is not set to port 30000; otherwise, the license service cannot work.
If you are using Port X, make sure that you open Port X and Port (X+1) in the firewall. For example, if you are using port 10000, make sure to also open port 10001.
The default communication port is 1143.
The default port of the SAP Business One license server is 30000 for license communication and 30001 for the license naming service -
This server (Windows Server 2008 R2 Standard with SP1) is used to host thin clients as well as RDP sessions. One morning the office is fine, they come back from lunch and all of the sudden they can't load certain web pages, such as adobe.com
and pandora.com to name a couple. This was roughly 3 days ago.
1.) I have tried machines that are not connected to this server (not thin client or RDP), but are on the same network, they can load up any web page fine with no issues.
2.) On the server I have tried Opera, Chrome, IE and Firefox, all have the same exact problem.
3.) Tried different DNS servers just to be sure, even though it only effects the server and no one else.
Based on these facts I know that it is something wrong with the server, but not tied to a specific brower. In all browsers when you load up a page in question it just sits there with a blank screen trying to load, it never generates any errors.
The Event Viewer is also clean, no errors. So with no errors I have had trouble trying to find a starting place for this. Things I have tried:
1.) ipconfig /flushdns to try and clear out any DNS issues
2.) Changing the DNS servers for the server to 8.8.8.8 and 4.2.2.2
3.) Scanning for Viruses and Malware/Spyware
4.) Checking proxy settings on the server
5.) Updating and then removing Adobe Flash (thought it was tied to flash at first). Problem persists even with no flash player installed.
6.) Completed a failed update of .net, no effect
7.) Loading up browsers in debug mode to try and find anything in the site code that I could relate between failed sites. I found nothing I could identify
Of all issues to finally be stumped on this seems like an easy one, but I can't even begin to come up with an idea at this point.
I have tried to lay out all of the facts that I know as plainly as I can. I am hoping that someone has seen this before as this issue is effecting a number of differnt users and keeping them from doing portions of their job.
Help is most appreciated, thank you!I was able to figure out a solution.
CAUSE:
It appears that the Internet isn’t fully up to date and ready to use EDns -- which is enabled on Windows Server 2008 R2 by default. The solution for this is to disable Edns. Note that this isn’t
a problem for most Windows Server 2008 R2 member servers. It’s only a problem for DNS *servers* that do recursive lookups. i.e. likely only your domain controller will be affected if that is where your DNS Server role exists.
SOLUTION:
To disable EDns, you can do it from the command prompt, or by editing the registry.
Create a DWORD called EnableEDNSProbes and set to 0 in HKLM\SYSTEM\CurrentControlSet\services\DNS\Parameters
Restart the DNS Server service for it to take effect. -
I already have Win 7 on an internal Bootcamp drive. It so far has worked well, Bootcamp performance drag is minimal, if at all. Now I want to install Win Server 2008 R2 and load a bunch of virtuals using Hyper-V Manager. The virtuals are already created. This is to practice for a certification test....
Running Mountain Lion, 2010 MP 2 X 2.4 (8 core) 24 GB RAM, all HDD slots full.Works like a charm. Apple Supports says you can have multiple instances of Bootcamp. Win Server 2008 R2 is up and running, drivers installed (except issues with Bluetooth) and accepting Windows Updates and Service Packs.
-
How do i install mysql on windows server 2012 r2 using powershell(automate)??
i have a requirement of installing the mysql server with one click deployment using power shell by passing the parameters needed into the mysql console. can i achieve that ?
can anyone help me in doing that?
thanks in advance.
Suresh GaddamHi Suresh,
This forum is for SCOM related questions, it seems like that you are asking for powershell script to install Mysql. From my point of view, I don't think that using powershell to install Mysql is an easy way, as it is hard to say whether Powershell can get
information from Mysql install console with some API.
In addition, for further assistance, please contact MySQL forum and Powershell forum.
Thanks for your understanding!
Regards,
Yan Li
Regards, Yan Li -
Hi,
I am working on a validation script to get the list of hotfixes installed on Domain Controllers every month as part of our monthly DC patching process. I have been successful in getting these details for DC's with (Windows Server 2008
R2 SP1, Powershell v2.0) using the below command.
Get-HotFix -cn $computer | Select-Object PSComputerName,HotFixID,Description,InstalledBy,InstalledOn | where InstalledOn -ge (Get-Date -Day 1 -Format d) | FT -AutoSize
I execute the above from a jump box with powershell v4.0 (Server 2008 R2)
However, when I try the same command from the jump box to query DC's with (Server 2008 SP2, powershell v2.0). It doesn't return the InstalledOn date and time. It was giving error for the InstalledOn property and hence I renamed it to $_.InstalledOn. Now
I don't get error but still no details displayed for InstalledOn property.
I tried using the below, as could see on few forums that this might resolve the issue. I also tried removing the "where" part but still no installation date returned.
Get-HotFix -cn $computer | Select-Object HotFixID, Description, InstalledBy, @{l="InstalledOn";e={[DateTime]::Parse($_.psbase.properties["installedon"].value,$([System.Globalization.CultureInfo]::GetCultureInfo("en-US")))}}
| where {$_.InstalledOn -ge (Get-Date -Day 1 -Format d)} | FT -AutoSize
Have tried this locally on the 2008 SP2 DC but still not working. Please advise what is going wrong?
Note: If I execute the below command locally on the 2008 SP2 DC, I am getting the InstalledOn output. However, when executed from the jump box with powershell v4.0 (Server 2008 R2) to query
the same 2008 SP2 DC, it just gives the prompt again without any error or output. This behavior is consistent for other 2008 SP2 DC's in the environment.
Get-HotFix -cn $computer | Select-Object HotfixID,Description,InstalledBy,InstalledOn | where {$_.InstalledOn -ge (Get-Date -Day 1 -Format d)} | FT -AutoSizeHi jrv, I have already tried the Win32_QuickFixEngineering option, which doesn't work either. Apologies for not mentioning the workarounds that I have already tried.
Get-Hotfix seems to be just a wrapper for Win32_QuickFixEngineering as per the below article. (http://technet.microsoft.com/en-us/library/hh849836.aspx)
I have seen a mention of using the WU ActiveX control on few forums, but was too lazy to read it through.
After rigorous testing, it makes me realize that somewhere the Get-Hotfix dates formatting\comparison isn't working. -
Active-Passive Failover cluster in Windows Server 2008 R2
Hi,
As per the client requirements, I build an active-passive Oracle 11g R2 database cluster in Windows Server 2008 R2.
(Used Microsoft cluster as Client don't have Fail Safe licence)
As per the configuration, I follow the below mentioned steps:
a)OS vendor configured Active-Passive Windows Cluster
b)Installed Oracle 11g R2 on both the nodes with same ORACLE_HOME name
c)Create Listener and configured it with cluster IP in Node1
d)Create Database from Node1. Physical files location are all in Storage
e)Create Oracle Service with the same name in the 2nd node and copy all the files like spfile,tnsnames.ora,listener.ora,password file to Node2
f)Configure Listener with the same Oracle SID.
g)Test database failover from Node2 with Listener registration
h)Open the Windows Failover Manager to configure the Oracle Database and Listener Service in the Cluster Group
Now I am facing problem by moving Cluster Group movement. Whenever trying to moving the group, Listerner service is not getting up by Cluster Manager as quorum is not included in the group and that quorum disk is not moving in the failover node with the Oracle Cluster Group. As per my understanding Quorum having information of Cluster IP which has been configured with Listener.
But when I am shutdown one node, then in the other node all the resources successfully moving and cluster able to online all the resources. I guess at that time Quorum is also moving and thus cluster can able to make Listener online.
Please suggest how to resolve this issue. Means how can I make Listener up instead having any dependencies with Quorum in the fail over node?
Thanks a lot for your help.hello
I was going through your post and i am also doing the same thing here at our organisation for Oracle 10g R2
Can you pls send me any docs u r having for configuration of Oracle in windows clusters .
And, can you pls elaborate on this point
e)Create Oracle Service with the same name in the 2nd node and copy all the files like spfile,tnsnames.ora,listener.ora,password file to Node2.
Pls send me the details at [email protected] or you can contact me at 08054641476.
Thanks in advance. -
Unable to install SQL server 2008 r2 standard edition on windows server 2008 r2 sp1
I am unable to install sql server 2008 r2 standard edition on windows server 2008 r2 sp1.
On the Setup Support Files page, choose Install this step I don't get any other window i.e. nothing happens I waited for 5-10 min. Then I checked the log file.
Final result: Failed: see details below
Exit code (Decimal): -2068053929
Exit facility code: 1212
Exit error code: 87
Exit message: Failed: see details below
Start time: 2014-03-18 14:59:31
End time: 2014-03-18 15:00:25
=== Verbose logging started: 3/19/2014 9:45:47 Build type: SHIP UNICODE 5.00.7601.00 Calling process: E:\SQL Server 2008 R2 Standard\x64\setup100.exe ===
MSI (c) (10:34) [09:45:47:496]: Note: 1: 2203 2: E:\SQL Server 2008 R2 Standard\x64\redist\watson\dw20sharedamd64.msi 3: -2147287038
MSI (c) (10:34) [09:45:47:496]: MsiOpenPackageEx is returning 2.
=== Verbose logging stopped: 3/19/2014 9:45:47 ===
Please help As i am running out of time as i have to upgrade TFS for that first step is to install SQL server.Hello,
The following are a few things you can try:
Copy the media to the local disk drive, unzip it (in case you are installing from an ISO file, and run SQL Server setup from there.
Try to unregister and register the Windows Installer with the following two commands:
msiexec /unregister
msiexec /regserver
Try to use Process Monitor to log the detailed error produced when the installation of dw20sharedamd64.msi fails. You can download Process Monitor from the following link:
http://technet.microsoft.com/en-us/sysinternals/bb896645
Share with us the error captured by Process Monitor.
Hope this helps.
Regards,
Alberto Morillo
SQLCoffee.com -
I have a problem with starting the Excel Application under a particular user (service account).
I try to schedule this C# script through an application X (not Windows Task Scheduler. And this
application will always use a service account to run services on the server). If I run the C# script in
command prompt under the same user, it runs. Under the application X, which uses the exact same
user, to initiate the C# script, it fails to open the Excel application (not sufficient permission?).
This script calls application.Workbooks.Open(<ExcelFileName>,0,false,Type.missing....). At this line
of code, it gives the following error:
Microsoft Excel cannot access the file "...". There are several possible reasons:
-The file name or path does not exist.
-The file is being used by another program.
-The workbook you are trying to save has the same name as a currently open workbook.
I tried all the methods that I found online as follow:
Create directory "C:\Windows\SysWOW64\config\systemprofile\Desktop" (for 64 bit Windows) or "C:\Windows\System32\config\systemprofile\Desktop" (for 32 bit Windows).
Changed the DCOM config for the Microsoft Excel application to include this user for Local/Remote Launch and Access.
Enabled all macros in Excel application and set the Trust Center.
Add the user to have full control on all folders that contain the Excel file.
Under DCOM
config, Microsoft Excel Application, if I modify the Identity tab to check on "This User" and enter the username/password to let Excel always run under that user. Then the application runs perfectly. However, other users can't run the excel application
on their own with the following error: "Cannot use object linking and embedding". If I check "Use the launching user", then Excel can't be launched. No errors in the logs or events anywhere to check.
Yet, still the same error. I think it's permission but I am not sure where and what to do for this to work.
Now, normally, when I run this excel report, I can double-click on the file and it'd automatically run,
save the new parameters into the current file and generate a new excel file (with date attached to the
file name). That means there is a change (save) to the original file.
Environment: Windows Server 2008 R2 and running Microsoft Excel 2010.
I appreciate all your help!I am wondering if this has anything to do with having the user log into Excel.
In point #5 above: Under DCOM config, Microsoft Excel Application, if I modify the Identity tab to check on "This User" and enter the username/password to let Excel always run under that user. Then the application runs perfectly. However, other
users can't run the excel application on their own with the following error: "Cannot use object linking and embedding". If I check "Use the launching user", then Excel can't be launched. No errors in the logs or events anywhere to check.
Because running with the launching user proposes an user to run the Excel application. However, I do not think there is any where that we can pass in the password for this user to Excel. However, this Excel has all the permissions to Excel application as
well as the folders that have the Excel files.
Please help!
Thank you! -
Backed up files partially disappear after restore (Windows Server 2008 R2 - Windows Server Backup)
Dear all,
I am experiencing a problem with "Windows Server 2008 R2", using Windows Server Backup.
Here's my setup:
Server: RAID 5 Disk setup
Backup:
By using Windows Server Backup (within Windows Server 2008 R2), C: and D: were fully backed up, with "System State" and "Baremetal Recovery" options selected. Backup went okay without any errors.
Restore:
By using Windows Recovery Environment (booted from Windows Server DVD), C: and D: were fully restored to the original partitions with "System Recovery" option found within Windows RE (without re-formatting partitions during restore). Restore
went OK without any errors. Rebooted, and system has been running fine.
Problem:
After the restore, the system itself seems running OK; no BSOD, no crash, no visible errors.
However, our client insisted some files (around 6 to 7) which are related to the propriety software has "disappeared" right after System Recovery.
Question:
Since Windows Server Backup is using "Volume Shadow Copy" technology which enables "live backup" of the running system, is it possible that some files will disappear (=restore error) after
System Recovery?
I cannot really find any errors or warnings related to Windows Server Backup in the event log, through. No Windows-backup errors. No VSS errors, too.
Do anybody have experienced this kind of problem in the past? Any suggestion will be greatly appreciated.Thank you for your reply, Ms. Mandy.
To make things clear, let me explain to you briefly:
1. The "missing data" was backed up with "full system backup".
2. After a system restore from the above backup image, as you mentioned, partitions has been overwritten with the partions' backup data in the Backup Data Set taken by Windows Server Backup. No error with backup. No error after restore, and reboot - system
has been running fine.
3. Although there was a report that the affected files(about 7 java exectables) were missing after the above restore operation, other aspect of system was running fine at the time of the report.
4. I have checked the original backup data set - and voila, there ARE files which seems to gone after restore.
5. When I used Windows Server Backup "on" Windows Server 2008 R2 normal environment (= NOT Recovery environment from DVD) and selectd ONLY these affected files to restore, these files could be RESTORED successfully, without any errors. SO... data
was property backed up.
> The recovery will overwrite the partitions so files created after the backup point will be missing.
I understand, and this is not the case this time, because the affected files are already present in the backup data set (= I have mounted the backup data as VHD, and I could clearly see them present in the mounted VHD file)
Plus, these files are completely restoreable via "selective file restore" in Windows Server Backup.
Things I want to know/confirm:
> The recovery will overwrite the partitions
If I understand this correctly, in case that the files in question are already present in the backup data set, these files SHOULD be restored after full system restore, right? (If these files could not be restored, Windows Server Backup SHOULD show some errors.)
What do you think, Ms. Mandy? :)
Jo -
IDM 7.2 under Windows Server 2008 R2 (SQL Server ): Which NTW ? Which JVM ?
Hello,
We are installing IDM 7.2 under Windows Server 2008 R2 using the database SQL Server 2008 R2.
1/ Which NetWeaver should we use to install the Java Application Server (NTW 7.3 or NTW 7.2)?
Using install guides 7.2rev8, we tried NTW 7.3 but it comes with JVM 1.6 that isn't supported, according to the PAM.
Should we install the AS Java with NTW 7.2 that comes with JVM 1.5 (JVM 1.5 being supported)?
2/ Has someone installed IDM 7.2 under Windows Server 2008 R2 (SQL Server)?
If yes, which NTW was used (7.2 or 7.3)? Which JVM was used (1.5 or 1.6)? Which JDBC drivers (1.2 or 3)?
Thanks a lot for your replies,
Regards.{quote)For the Java RE are you using 32 or 64 bytes ?{quote)
C:\Users\Administrator>java -version
java version "1.6.0_30"
Java(TM) SE Runtime Environment (build 1.6.0_30-b12)
Java HotSpot(TM) 64-Bit Server VM (build 20.5-b03, mixed mode)
{quote)Which JDBC driver do you use (1.2 or 3.0) ?{quote)
{quote)In the IDM Identity Center, for the dispatchers option tools, how do you fill it ?
We are using :
Path to java exe: E:\usr\sap\ID1\J00\exe\sapjvm_6\bin\java.exe{quote)
C:\Program Files\Java\jre6\bin\java.exe
{quote)Path to jvm.dll: E:\usr\sap\ID1\J00\j2ee\JSPM\sapjvm\jre\bin\server\jvm.dll{quote)
C:\Program Files\Java\jre6\bin\server\jvm.dll
{quote)JDBC driver jar: D:\Microsoft SQL Server JDBC Driver 3.0\sqljdbc_3.0\enu\sqljdbc4.jar{quote)
C:\sqljdbc\sqljdbc4.jar
{quote)JDBC driver names: xxxxxxxxx (can you write us what you use){quote)
com.microsoft.sqlserver.jdbc.SQLServerDriver
{quote)CLASSPATH extension: D:\Microsoft SQL Server JDBC Driver 3.0\sqljdbc_3.0\enu\sqljdbc4.jar{quote)
No Classpath specified -
IMacs running slow off Windows Server 2008
Currently the Creative Director and I are the only ones at our company working on Macs. We both are running OSX 10.6.8 on iMacs and we are having major slow loading time in Finder and very, very slow loading time working with Adobe files (PSDs/AIs/INDDs).
The company I work for has been bought out by another company and they had their tech guys come in to install a server.. I have recently found out that it is a Windows Server 2008. We were told to transfer our files to this server and ever since have been having problems. I have tried to communicate with some of the techs and they either complain about Macs or are not that familiar with Macs. They don't have any other designers at their company, so I am not sure how to get them to understand the issue.
I have done some research and found others with similar problems, but I am not really finding a solution or a discussion that is very recent. I think this is a problem that has been around for awhile, but we are new to it. The problem seems to be with the SMB sharing.
We would be grateful if anyone had any insight or infomation regarding working off a Windows Server 2008 from a Mac or whether we should recommend us working off a Mac Server which is backed up to the main server.
Thanks!
AaAppreciate it Ed.
I let our boss know about Extreme ZIP and forwarded the link to our IT team. Although we haven't gotten a response back yet, I am thinking that a mac server would be a cheaper purchase overall since it wouldn't be a reoccuring monthly charge.
If we were to convert one an extra Mac Pros to a Lion Server, is it possible to have that backed up or connected to the Windows Server 2008? Or would we need to do that the Mac Pro. Not sure how to word this, my lack of experience in servers shines through here.
Really trying to save us from switching to PCs, thinking if we can convert the Mac Pro to a Lion Server it would be our least expenseive route.
Thanks again,
Aaron -
Create a child or subdomain in a field or domain in Windows Server 2008 R2 SP1 using Powershell
I am trying to create a child or subdomain in a field or domain in Windows Server 2008 R2 SP1 using Powershell.
ps>powershell.exe -noprofile -command "&{ start-process powershell -ArgumentList '-noprofile -file C:\Users\Administrator\Documents\Powershell\psfile.ps1' -verb RunAs}"
psfile.ps1
([WMIClass]"\\sandpit\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone("subdomain.domain.com", 0, $False)This is a duplicate of a duplicate of a duplicate.
I think this is the current:
http://social.technet.microsoft.com/Forums/scriptcenter/en-US/734be028-438d-433c-b3f7-676c0490b61d/create-a-child-or-subdomain-in-a-field-or-domain-in-windows-server-2008-r2-sp1-using-powershell?forum=winserverpowershell
Don't retire TechNet! -
(Don't give up yet - 12,830+ strong and growing) -
PowerShell Script running Excel won't run on Windows Server 2008 R2
I have a script that creates a report of a single example of each warning or error in the Windows Event log, for each server in a list of servers,with the number of times that error has occurred in the last week on each server. It creates this report in
Excel. I have this script running automated through Task Scheduler for one client on Windows 7 and it's working perfectly. I have another client that I am attempting to run this script automated on a server running Windows Server 2008 R2. I can manually run
the script and everything works, but if I try to schedule the script everything works except for the Excel PowerShell commands. I've have tried:
Created the Desktop folders for config\systemprofile in System32 and in SysWOW64.
Configured permissions in DCOM for Microsoft Excel Application.
Configured folder permissions for config\systemprofile.
Verified PowerShell is working.
Unchecked the option in the task to only run while logged on.
Does anyone have any idea why this is happening and how I can fix it? Thanks!
Sincerely,
Christopher BeardYou might have to launch the application once as the system account so that it can set up the Excel environment, I've had the same problem when trying to update Excel files from an admin Powershell console using my admin account. Use psexec with
a -s option to run it as system account locally while logged on to the target server:
psexec -s "c:\program files (x86)\microsoft office\office14\excel.exe"
Then you'll most likely be prompted to input initials - which is what I suspect is preventing your code from running properly.
There may be some other more elegant way to handle this, but you'd be better off asking that question in one of the forums devoted to Office products.
I hope this post has helped!
Maybe you are looking for
-
Can't get photos in iCloud upload folder on pc to upload - help?
I've asked this question before but no answer for the problem. I believe I have everything set up properly on all my iOs devices and on my PC (where I have the iCloud control panel working). The problem is that any pictures I drop into the Upload fol
-
HI , I Used BPM scenario for merging two files and the Two files are picked from the source and in SXMB_MONI I try to click PE it showign the pop up PROCESS OVERVIEW ON INTEGRATION SERVER ONLY In receiver I did not get the desired data I need to ch
-
Web Services Server Connection Error
Although I was able to add my printer to hpeprintcenter successfully, after a few hours it was showing disconnected. When I pressed refresh I received a popup saying my printer had been removed. After clicking ok on the popup my printer was still l
-
How do I get an "installation alert" off my screen??
When I opened up my laptop today, there is a window box open that says "Installation Alert" and the message says that in order to continue installation, please close the following applications: IPhoto and ITunes. However - I don't have them open??
-
How to do sewing/stitching in Photoshop?
Hello, how do the sewing? thanks