locked
NmLoadNplParser() requires admin rights? RRS feed

  • Question

  • I am using NmLoadNplParser()  in my VC++ program to load and parse netmon trace file. This is working fine on Windows 7 64 bit machine (with Admin rights on machine) but on Windows XP 32 bit machine (WITHOUT Admin rights on machine) , it is failing and giving some invalid result. Is admin right rquired on machine for using NmLoadNplParser() API?
    Monday, June 11, 2012 11:00 AM

Answers

  • I can't explain why this is not working.  The only thing I can think of is that the late binding nature using GetProcAddress is introducing an issue.  Do you have to use late binding?  Could you instead link to NMAPI.lib (the 32bit version)?  Perhaps you could expereiment and verify this method does or does not have the same problem?

    Also, for your question, NMAPI.DLL cannot be redristirbuted.  Instead we ask that you have Netmon installed as part of your install or that you state it as a prerequisite.

    Paul

    • Marked as answer by Paul E Long Wednesday, October 3, 2012 6:50 PM
    Monday, July 2, 2012 2:42 PM

All replies

  • Hi ModeLearner,

    I split this off as a seperate question as it didn't really relate to the other thread specifically.

    Anyway, to answer your question, I think I need a bit more information.  Are you using Network Monitor 3.4?  If not, I suggest you upgrade as we changed how the parsers are compiled and loaded.  Also, are you trying to use one of the built-in parser profiles or are you using your own set of parsers?  Also, which return result is it giving you?  Could you share the lines of code you're using to initialize the parsers?  Also, does Network Monitor itself load ok on your XP 32-bit machine and is able to parse?

    Thanks,


    Michael Hawker | Program Manager | Network Monitor

    Monday, June 11, 2012 1:21 PM
  • Here are the reqyured details:

    1) Yes. I am using Network Monitor 3.4

    2) Even on Windows XP (32 bit) machine with Admin rights, it is not working and giving same error.

    3) I am using one of the built-in parser profiles.

    4) Network Monitor itself loads ok on my XP 32-bit machine and is able to parse.

    5) Here is the line of code (I am using Visual Studio 2008):

    void __stdcall ParserBuild(PVOID Context, ULONG StatusCode, LPCWSTR lpDescription, ULONG ErrorType)
    {
        wprintf(L"%s\n", lpDescription);
    }

    void __stdcall LoadAndParceTraceFile()

    {

       //Declaration of function pointers for calling NMAPI.dll method

       ULONG (*l_pfptr_OpenFile) (LPCWSTR filename, PHANDLE pfile);
       ULONG (*l_pfptr_LoadParser) (LPCWSTR pFileName, NmNplParserLoadingOption ulFlags, NM_NPL_PARSER_CALLBACK CallbackFunction, PVOID pCallerContext, PHANDLE phNplParser);

       Handle LoadME = LoadLibrary(L"C:\\Netmon\\NMAPI.dll");

       //Assignment of of function pointers

       l_pfptr_OpenFile = (ULONG (*) (LPCWSTR, PHANDLE))GetProcAddress(LoadME, "NmOpenCaptureFile");
       l_pfptr_LoadParser = (ULONG (*) (LPCWSTR, NmNplParserLoadingOption, NM_NPL_PARSER_CALLBACK, PVOID, PHANDLE))GetProcAddress(LoadME, "NmLoadNplParser");

       HANDLE l_hwnd_CaptureFile = INVALID_HANDLE_VALUE;

       ULONG l_RetValue = l_pfptr_OpenFile(L"C:\\Netmon\\trace.cap", &l_hwnd_CaptureFile);

        if(l_RetValue == ERROR_SUCCESS)
        {

               HANDLE l_hwnd_NplParser = INVALID_HANDLE_VALUE;

               l_RetValue = l_pfptr_LoadParser(NULL, NmAppendRegisteredNplSets, ParserBuild, 0, &l_hwnd_NplParser);

              //This method is failing and returning 4294967295 in l_RetValue. Even its callback function ParserBuild is not getting invoked. INVALID_HANDLE_VALUE is updated in l_hwnd_NplParser variable.

         }

    }

    6) This above same code is working fine on Windows 7 (64 bit machine).

    Tuesday, June 12, 2012 7:37 AM
  • Hi ModeLearner,

    I was just thinking.  Are you cross-compiling your code to target the 32-bit platform?  If so, you need to make sure to grab the .lib from your 32-bit machine and include the reference to it instead when you build the 32-bit binary.

    Network Monitor uses different binaries and libs for its 32-bit and 64-bit versions because of our driver.  So, that could be an issue at play here.

    The other option is to try compiling your code on your 32-bit machine against the 32-bit Network Monitor lib and see if it'll run properly.

    If you've tried these things, let us know.

    Thanks,


    Michael Hawker | Program Manager | Network Monitor

    Tuesday, June 12, 2012 5:40 PM
  • Thanks Michael for quick response.

    No, I am not cross compiling my code. I built 64 bit executable on Windows 7 (64 bit machine) which is working fine and 32 bit executable on Windows XP (32 bit machine).

    Result Summary:

    64 bit executable: Working fine in both cases i.e. if I use NMAPI.dll or NMAPI.lib

    32 bit executable: Working fine only if I use NMAPI.lib. But if I use NMAPI.dll, I am facing the above mentioned issue in NmLoadNplParser method.

    Also please let me know:

    Can use NMAPI.lib in my application which is going to be open source item?  I will keep Microsoft Network Monitor installation mandatory whoever is going to use my application.

    Wednesday, June 13, 2012 8:46 AM
  • I can't explain why this is not working.  The only thing I can think of is that the late binding nature using GetProcAddress is introducing an issue.  Do you have to use late binding?  Could you instead link to NMAPI.lib (the 32bit version)?  Perhaps you could expereiment and verify this method does or does not have the same problem?

    Also, for your question, NMAPI.DLL cannot be redristirbuted.  Instead we ask that you have Netmon installed as part of your install or that you state it as a prerequisite.

    Paul

    • Marked as answer by Paul E Long Wednesday, October 3, 2012 6:50 PM
    Monday, July 2, 2012 2:42 PM
  • Thanks Paul.

    ModeLearner

    Monday, September 3, 2012 2:58 PM