I try to get the name of the current user logged like that
here my code
local $IniRead = IniRead(#AppDataDir & "\Mozilla\Firefox\profiles.ini", "Profile0", "Path", "default")
MsgBox(0, "", "valeur : " & #AppDataDir & "\Mozilla\Firefox\" & $IniRead)
But i use a #requireadmin so i got the name of the runas and not the name of the logged session in windows...
i can't leave the #requireadmin cause i use it for make a Filecopy...
if someone got a way.
You can use #UserName to get the running user. Milos is right, the #RequireAdmin directive directs AutoIt to request the admin token from the Operating System. If the logged on user is an administrator, it will either prompt them to continue, or continue silently depending on UAC. If the logged on user is not an administrator, they will be prompted for an account with administrative credentials.
If you're looking to copy a file into #AppDataDir, you will not need administrator rights since the logged on user will have full access (by default) to #AppDataDir.
Related
I am using gAdmin on mac. So far I have not been able to figure out how to run the desktop version, so I am running the web application. I want to change the password for the user postres. The reason being, I am trying to connect R to postres using:
db <- 'dvdrental' #provide the name of your db
host_db <- "localhost"
db_port <- '5432'
db_user <- "postgres"
db_password <- " " # I typed the master password in, as I do not remember setting up this user/password
con<-dbConnect(RPostgres::Postgres(), dbname = db, host=host_db, port=db_port, user=db_user, password=db_password)
but I keep getting below error:
Error: FATAL: password authentication failed for user "postgres".
This is thee reason for the change of password for the user postgres
How can I change a user password in PgAmin4 using webapp on mac?
In PgAdmin4, if you are changing the password for the same user you are logged in as, then you need to select a connected database from the browser tree. Once you do that, the "Object" menu "Change Password..." option.
If you are logged into the server as a super user and want to change the password of a different user/role, then right click (or whatever mac uses for that function) on that user/role from the tree and choose "Properties...". Then under the "definition" tab there is a place to enter the new password. Note that this method is inferior, as the password is received by the server as plain text (once any ssl decryption is done) and so can end up in the log file in the clear.
Why constrain yourself to PgAdmin4? psql has \password, which does this better.
I am trying to find the home directory of users on a UNIX (Solaris/AIX) box using
echo ~username
This does return the home directory for all valid users. For some reason this command also outputs home directory which are non-existent for few users who seem not to have logon access to that server.
For eg. the above command would return below for a non-existent user -
/home/username
What I expected was
~username
as output for a user with no access and that does happen with certain usernames.
This makes me think what could be causing a difference between different users who do not have access to this server. Has this something to do with LDAP?
Nothing I can find in /etc/passwd too.
getent and finger commands were outputting a default home directory for a non-existent user (not retrieved using ldaplist) because the requests were handled through an intermediate access control mechanism such as Cisco SA Control for role based access control.
I have only recently been looking into ACS, AAL, WAAD and I would like to avoid redirecting users to the login page of their IDP. I want to keep my users within my site and present them with a dropdown to choose who they wish to authenticate with and an area to request a username and password, then acquire token via code. Is this possible?
I have been reviewing some sample applications and produce a quick mock-up, but cant seem to get things working e.g.
_authContext = new AuthenticationContext("https://littledeadbunny.accesscontrol.windows.net");
string enteredEmailDomain = UserNameTextbox.Text.Substring(UserNameTextbox.Text.IndexOf('#') + 1);
IList<IdentityProviderDescriptor> idpdList = _authContext.GetProviders("http://littledeadbunny.com/NonInteractive");
foreach (IdentityProviderDescriptor idpd in idpdList)
{
if (String.Compare(ServiceRealmDropDownList.SelectedValue, idpd.Name, StringComparison.OrdinalIgnoreCase) == 0)
{
Credential credential;
credential = new UsernamePasswordCredential(enteredEmailDomain, UserNameTextbox.Text, PasswordTextbox.Text);
_assertionCredential = _authContext.AcquireToken("http://littledeadbunny.com/NonInteractive", idpd, credential);
return;
}
}
Using the code above, when I try to use the Windows Azure Active Directory User (admin), i get the error "Data at the root level is invalid. Line 1, position 1." where I attempt to acquiretoken.
When I use Google, I get an error "0x8010000C: No identity provider matches the requested protocol".
If there is a working sample? if I am doing something obviously wrong, I would appreciate the correction.
This is not supported for passive identity providers. IdPs like Google, Facebook, etc. don't want other people collecting credentials for them, as this leads to security issues and possible phishing attacks. They also don't support it because they need to be able to show a permission dialog (that screen that asks the user if they want to release data to you) which they can't do without the browser redirecting to them. Furthermore, Google in particular supports two-factor auth, which you couldn't replicate, and generally collecting credentials opens up whole cans of worms around other UI problems such as incorrect or forgotten passwords.
This is also generally a bad user experience, because your users are fairly likely to already be logged in to Google and have cookies there. If so, and if they've already consented to your app, they would just be silently redirected back to you. In your scenario, even if the user is already logged in they'd still have to provide a username/password.
The correct way to do these sorts of logins is to render a browser control in your app that allows the user to log in at their IdP, which is what AAL helps with.
I had the same error, executing a powerscript solved that error
PS C:\windows\system32> $replyUrl = New-MsolServicePrincipalAddresses
-Address https://mydomain.accesscontrol.windows.net/
PS C:\windows\system32> New-MsolServicePrincipal -ServicePrincipalNames
#("https://mydomain.accesscontrol.windows.net/") -DisplayName
"MyDomain Namespace" -Addresses $replyUrl
But i'm stuck anyway with a 403 permission error
If you get any further i would like to know how :)
Dim filePath As String = "~/Images/FleaMarket/uploadedImages/" & User.Identity.Name.ToString & "/" & itemID & Path.GetExtension(fuImage.FileName)
MsgBox(filePath)
If fuImage.HasFile Then
If Directory.Exists(Server.MapPath("~/Images/FleaMarket/uploadedImages/" & User.Identity.Name.ToString & "/")) = False Then
Directory.CreateDirectory(Server.MapPath("~/Images/FleaMarket/uploadedImages/" & User.Identity.Name.ToString & "/"))
End If
'lblMessage.Text = ""
If checkFileType(fuImage.FileName) Then
fuImage.SaveAs(Server.MapPath("../Images/FleaMarket/uploadedImages/" & User.Identity.Name.ToString))
i get an error "System.UnauthorizedAccessException: Access to the path 'D:\TriceDealsII Updated\13-10-11\Tricedeals II(4)\Images\FleaMarket\uploadedImages\mitali2054' is denied"
why??
ASP.NET Applications, which run in IIS use the User assigned to the specified Application Pool. For each Application Pool there will be a Windows User which is part of the Windows Group "IIS_IUSRS". As this User / Group do not have Write/Change Access to the directory of your Webapplication (or any other directory) you must manually grant these permissions.
To achive this: Navigate in the explorer to the specified path, where you wish to write your files / data open the Security Page of the directory to add the User of your AppPool or the Group "IIS_IUSRS" to the List and select the write (or change) permission.
Note: Write permission is always a security risk. Therefore you should restrict it as much as possible.
This is probably caused by a permissions issue on the file you're trying to access. You could try Procmon to see if it will tell you what account is trying to access the file then grant the necessary permissions to that account.
I have a Windows 2003 server running IIS 6 and have some scripts that do automated setup and creation of websites. They are not working on a new server I cam commissioning (they already work happily on 3 other W2K3 servers). The problem appear to boil down to WMI security on the IIS provider. The ASP code below represents the problem (although it is not the original code that causes the problem - this is a simplified demonstration of the problem).
Set wmiProvider = GetObject("winmgmts:\\.\root\MicrosoftIISv2")
If wmiProvider is Nothing Then
Response.Write "Failed to get WMI provider MicrosoftIISv2<br>"
End If
Response.Write "Querying for IISWebService...<br>"
Set colItems = wmiProvider.ExecQuery("Select * From IISWebServer",,0)
Response.Write "Error: " & Hex(Err.Number) & " (" & Err.Description & ")<br>"
If I run this in my browser, I get an access denied error reported after the ExecQuery call. I have set WMI access for the IUSR_ user from the Root branch all the way down. In fact, I can query for IP address information using the CIMV2 provider quite happily. If I put the IUSR user in the machine admins group it all works, but I don't really want to do that.
This must be a DCOM/WMI security problem, but I can't work out what else there is. Can anyone shed any light?
After reading G. Stoynev's comment asking if any events were logged in the Windows Logs, I checked the event logs on the server to which I'm attempting to access IIS remotely via WMI, and lo and behold I found an event with the following text:
Access to the root\WebAdministration namespace was denied because the namespace is marked with RequiresEncryption but the script or application attempted to connect to this namespace with an authentication level below Pkt_Privacy. Change the authentication level to Pkt_Privacy and run the script or application again.
See the code in this answer to the related SO question c# - "Access is denied" Exception with WMI.
Here's some example C# code that I added that seemed to resolve this issue for me:
ConnectionOptions options = new ConnectionOptions();
options.Authentication = AuthenticationLevel.PacketPrivacy;
ManagementScope managementScope = new ManagementScope(#"\\remote-server\root\WebAdministration", options);
// ...
If this is something that you intend to run as a tool for yourself or your admin (as opposed to the unwashed anonymous masses), here is a way I have used in the past (YMMV):
Set up a new directory in your website (e.g. /SiteCreate) and place your WMI scripts there
Configure a Windows user that has appropriate rights (probably admin in this case but you should use whatever is pertinent to your app)
Turn off the anonymous access to the directory you created in step 1 and then set the security to allow access only to the user you created in step 2 (turn on the authentication for that directory)
Now, when you navigate to that directory in your browser, you should get a login prompt. When you enter the username/password you created in step 2 your script will have the appropriate rights to perform your WMI requests.
Not a DCOM issue, more so a WMI security and encryption issue. Try changing the GetObject moniker to include impersonation and pktPrivacy, eg:
Set wmiProvider = GetObject("winmgmts:{impersonationLevel=impersonate;authenticationLevel=pktPrivacy}!\root\MicrosoftIISv2")
Refer to the follow MS article for more info:
http://msdn.microsoft.com/en-us/library/aa393618(v=vs.85).aspx