The code below works fine when running from a Console C# application:
System.Security.Principal.WindowsIdentity wi = new System.Security.Principal.WindowsIdentity("User001");
but when I try to add it into a class inside my web application I get:
{There are currently no logon servers available to service the logon request}
at System.Security.Principal.WindowsIdentity.KerbS4ULogon(String upn)
at System.Security.Principal.WindowsIdentity..ctor(String sUserPrincipalName, String type)
at System.Security.Principal.WindowsIdentity..ctor(String sUserPrincipalName)
...
I am assuming this is related to Kerberos and since Web Applications run under an Application Pool I wonder if I need to register a SPN or do something extra here to get this to work(for the local Account).
The console app runs under my DOMAIN\USER001 and
the Web app (App Pool) runs under MY_LOCAL_MACHINE\USER001
so I am trying to verify if I need to run SetSPN.exe or not and what is the command line.
Thank you
I had the same issue in my 2008R2 VM running SP2010 with a backend WCF service. In the service I was calling
WindowsIdentity id = new WindowsIdentity("MyApplicationUser");
You need to make sure your NetLogon service is running. If you are running a VM, you will need to configure the DNS role in order for this service to start. Once I did this, my code worked.
Related
I have a C# console app that I wrote that is trying to enable mail for an AD user.
using (Runspace EnableMailboxRunspace = RunspaceFactory.CreateRunspace(ConnectionInfo(ExchangeServerURI, ExchangeUser, ExchangePassword)))
{
EnableMailboxRunspace.Open();
// Create a pipeline to process the commands
using (Pipeline EnableMailboxPipeline = EnableMailboxRunspace.CreatePipeline())
This works just fine in the dev environment, but I cannot get it to run on any production server. When the CreatePipeline command is executed I get this error:
"Connecting to remote server pc799.csnt.princegeorge.ca failed with
the following error message : The WinRM client cannot process the
request. It cannot determine the content type of the HTTP response
from the destination computer. The content type is absent or invalid.
For more information, see the about_Remote_Troubleshooting Help
topic."
I have tried this running as multiple different users, including domain admins.
This app did work a few months ago, but now it doesn't work. We moved from a fully on prem system, to a hybrid M365/On prem system and something in that seems to have broke it.
When trying to expand the node view in Service Fabric Explorer, I get the Red box with Service Fabric call failed and the Fabric Exception is supplied address was invalid. I have tried refreshing but get the same error.
It sounds like your local cluster did not successfully install.
To check, try running the following from a new PowerShell Admin window:
Connect-ServiceFabricCluster localhost:19000
If everything's good, you should see an output like this pretty quickly:
Otherwise, it will try to connect for a while and eventually return an error like this:
Try running the cluster setup script again and wait for it to successfully complete before going over to Service Fabric Explorer.
I'm running an application that executes Windows Workflows as a service with some custom activities in them. When I run the activities as a logged on user in a shell that invokes the workflows with the activities, the activities have no problems performing as expected. When the activities get invoked while the user is running the service (e.g. not logged on, at least not graphically) the activities fail with "Access Denied" errors. What's the difference between running the code as a logged on user vs running it as a service user ? Is it that when it runs as a service, the user's profile doesn't get loaded ? If so, how can I force the user's profile to get loaded when running as a service ?
Specifically, the activities I'm working with perform remote management with classes in the System.Management.Automation namespace (i.e. powershell).
A bit late answer, but in case someone else is wondering.
I had a similar problem earlier and have done some research. The following is untested, but may be of help to others.
The difference between a process running as "Windows Service" and under a desktop environment is what Window Station it is assigned to. Normally a service runs under a different station than desktop users.
I say normally because a service can have the "SERVICE_INTERACTIVE_PROCESS" flag set. This will give it a desktop window station. See this article and this article for a more detailed explanation. Setting the "SERVICE_INTERACTIVE_PROCESS" can be done in the CreateService (C# use of that) call or manually by checking the "Allow service to interact with desktop" checbox under "LogOn" under properties of the specific service.
I have followed this guide to install a jenkins slave on windows 8 as a service:
https://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins+as+a+Windows+service#InstallingJenkinsasaWindowsservice-InstallSlaveasaWindowsservice%28require.NET2.0framework%29
I need to run a job that interact with the desktop (run an application that opens a browser etc.). So after I have installed the slave as a service (running jnlp downloaded from the master) I have changed the service "Log on" to "Allow to interact with display".
For some reason its only possible to enable this for the "Local System account" even though its recommended to run the service as a specified user, eg. jenkins.
But nothing happens when I execute the job, the browser is not opened. If I instead stop the service and just launch the slave through the jnlp file the job runs fine - the browser is opened.
Anybody had any luck interacting with the desktop when running a jenkins windows slave as a service?
Services run since Vista in Session 0 and the first user is now in Session 1. So you can't interact any longer. This is called Session 0 Isolation.
Microsoft explains this here and here. You have to use 2nd Program which uses IPC to communicate to the Service.
I had lots of issues running Jenkins in Windows using the service.
Instead I now disable the service and run it from CMD.
So open CMD.
cd C:\Program Files (x86)\Jenkins
java -Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar
jenkins.war --httpPort=9091
To resolve it, first create Windows auto-logon as I explain here:
https://serverfault.com/questions/269832/windows-server-2008-automatic-user-logon-on-power-on/606130#606130
Then create a startup batch for Jenkins agent (place it in Jenkins directory). This will launch agent console on desktop, and should allow Jenkins to interact with Windows GUI:
java -jar slave.jar -jnlpUrl http://{Your Jenkins Server}:8080/computer/{Your Jenkins Node}/slave-agent.jnlp
(slave.jar can be download from http://{Your Jenkins Server}:8080/jnlpJars/slave.jar)
EDIT :
If you're getting black screenshots (when using Selenium or Sikuli, for example), create a batch file that disconnects Remote Desktop, instead of closing the RDP session with the regular X button:
%windir%\system32\tscon.exe %SESSIONNAME% /dest:console
Consider running the Java slave server directly at startup and then using something to monitor and restart should the server go down (e.g., Kiwi Restarter).
Please check the services (# TestNode) make sure the "Interactive Services Detection" service is STARTED, by default the startup type is set to Manual, you may like to set it to automatic as well.
After service started, when you run your test in the Test Node, you will see something like the below:
Click on it and choose view the message
You will see the activities happen there. Hope this helps :D
Note: If login with other account and cannot view the Interative Services Detection prompt, restart the service again.
My Jenkins Service runs as user "jenkins" and all I did was to create Desktop folders in: C:\Windows\system32\config\systemprofile\desktop and if 64 bit Windows also in C:\Windows\SysWOW64\config\systemprofile\desktop - then it runs perfectly.
Make sure that Desktop folders are created as such:
%WINDOWS%/System32/config/systemprofile/Desktop
%WINDOWS%/SystemWOW64/config/systemprofile/Desktop
Presence of those can sometimes be mandatory while running some Java software as a Service.
So we are trying to setup a Continuous Integration server at my company. What we need to do is svn update the working copy on the server, then build it, start the site using IIS express and then run Watin/Specflow tests on it. I'm using rake inside of CCNet to automate all of this. We are running CCNet as a service and logging in as a build agent because svn uses our domain login credentials in order to authenticate. I've been unable to call the command line "svn update --username user --password pass" because of this. Yet Watin needs to be run in an interactive mode, and the service won't let me . I'm able to get it to work if we manually log on to the server and run ccnet as command line. Unfortunately the Build Agent also logs out of that user account, closing any command lines with it (I don't know why they need it to do this but they do). So is it possible to run a service in interactive mode if its signed in as a user?
If you have access to two servers you can build (can also work from computer to server)
Automated remote desktop - in windows form
see this post http://www.codeproject.com/Articles/43705/Remote-Desktop-using-C-NET
from one server to log into the server you need to run the Watin tests on and in the scheduled task, have the tests to come on after the log in has happened. This then gives the impression that the service is interacting with the desktop.
If you need any more information let me know