locked
Vista Network Sercurity cause me problems RRS feed

  • Question

  • We develop a Server-Client project containing two applications. The communication is developed using Named Pipes, the language is C sharp and we are using .NET Framework 3.0.

    Brief system description:

    In a simplified version of our system there are two applications: myServer and myClient, each is running on a different computer. myServer ignites a Named Pipe Server and is waiting for an incoming connection, myClient begins execution and tries to connect at myServer. When the connection is established myClient sends an ignition command through the active Named pipe and myServer must follow these steps:

    1. Store ignition command
    2. Disable network adaptor (for security reasons myServer must not visible from the rest network)
    3.  Process ignition command ( this will take many minutes to be accomplished)
    4.  Enable network adaptor
    5.  Wait for an incoming connection (for a Named Pipes Client to be connected)
    6.  Send to myClient the processed data and wait for a receipt
    7.  Terminate myServer application

     This scenario works fine when the operating system is Windows XP but there is a small problem when the operating system is Windows Vista; remote named pipe connection cannot be established without a previous user authentication from myClient to myServer. This authentication can be done while myClient’s pc tries to open a myServer’s shared folder. After this user authentication myClient connects to myServer and sends the ignition command successfully but when the myServer’s network reactivates (steps 2 and 4) user must authenticate again so the processed data can be transmitted to myClient.

     

    The question is how I can programmable establish an authenticated connection from myClient to myServer without user has to open a shared folder?

     

    Thank you for your time and please note I am available to respond to any queries you may have for clarification

    • Moved by nobugz Wednesday, October 21, 2009 3:44 PM (From:Common Language Runtime)
    Wednesday, October 21, 2009 7:21 AM

Answers

  • Hello dear Coder,
    We bypass the problem by using Kernel32.dll NamedPipesClient, no 'The specific network name is no longer available' exception is thrown when OS is Vista against Vista.

    As i have notice this problem exist only in .NET libraries of Windows Vista but there is no problem in .NET libraries of Windows 7 (can't be sure since i have tested it only once in Windows 7).

    Since the problem is solved using native methods of Kernel32.dll the thread can be closed and this post Marked as the Answer.
    Tuesday, December 29, 2009 7:36 AM

All replies

  • Hi,

    Is UAC active on the clients machine?
    You can bypass a UAC elevation, and then the
    clientapp will have full permission and authorication,
    to perform the required actions.

    Also: Any firewall popups and any block incoming-and-out going connections etc?

    Have a nice day...

    Best regards,
    Fisnik
    Coder24.com
    Saturday, October 24, 2009 12:20 PM
  • UAC does not affect the execution and firewall is disabled.

    The problem does not exist when i am using kernel32.ddl pipes.

    I am using .NET 3.5 NamedPipes and the problem seems to be security issue.

    this is how i create the Named Pipes Server and how i add pipeAccess:

    PipeSecurity

    ps = new PipeSecurity();

    System.Security.Principal.

    SecurityIdentifier sid = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null); //I also tried NetworkSid

     

    PipeAccessRule psRule = new PipeAccessRule(sid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);

    ps.AddAccessRule(psRule); 

    pipeStream =

    new NamedPipeServerStream(PipeName, PipeDirection.InOut, 1, PipeTransmissionMode.Message, PipeOptions.Asynchronous, 4 * 4096, 4 * 4096, ps);

    any suggestions?

    Tuesday, October 27, 2009 2:48 PM
  • Hi,

    Can you provide some details like What exception is thrown, and what message does it tell you?
    The code-snippet above seems correct, but I cannot find the use of PipeSecurity ps = new PipeSecurity();

    Maybe you shall share the entire code!

    Have a nice day...

    Best regards,
    Fisnik


    Coder24.com
    Tuesday, October 27, 2009 6:51 PM
  • Hello,
    When myServer(pipeServer) disconnects from the network, myClient thread hangs on NamedPipesClientStream.Read(..) and when Operating System is Windows Vista it nevers continues execution until a shared folder is tried to be opened. When myClient's or myServer's OS is Windows XP an Exception is thrown and the thread tries to reconnect.

    To sovle this problem I am pinging the server every 2 seconds, when myClient tries to write on myServer's Pipe the same exception in thrown( I think the exception is 'The pipe is broken') and the thread as above tries to reconnect.

    While myServer is disconnected from the network, myClient's thread calls NamedPipesClientStream.Connect(200) in a while loop and an exception is thrown; 'Network Path was not found' when one of the OS is XP and 'The specific network name is no longer available' when both OS are Vista. These exceptions are been thrown all the time myServer network is down.

    When myServer reconnects to the network myClient connects to the named pipe and the execution continues but if both OS are Vista the same exeption is thrown and myClient never connects to myServer (maybe not never but it may take 30 minutes) except if I open a shared folder from myClient at myServer's PC.

    Is there any way that i can programmable tell OS to check if the network name is now available?

    thank you for your help,
    Menelaos
    Thursday, November 5, 2009 10:42 AM
  • Hi again:

    How is the situation on your side?
    Is this thread solved?

    Please tell me!

    Have a nice day...

    Best regards,
    Fisnik
    Coder24.com
    Sunday, December 27, 2009 10:34 AM
  • Hello dear Coder,
    We bypass the problem by using Kernel32.dll NamedPipesClient, no 'The specific network name is no longer available' exception is thrown when OS is Vista against Vista.

    As i have notice this problem exist only in .NET libraries of Windows Vista but there is no problem in .NET libraries of Windows 7 (can't be sure since i have tested it only once in Windows 7).

    Since the problem is solved using native methods of Kernel32.dll the thread can be closed and this post Marked as the Answer.
    Tuesday, December 29, 2009 7:36 AM