Solved

VB.NET window service

Posted on 2004-10-29
2,906 Views
Last Modified: 2012-08-13
Hi all,

I coded a simple window service that write to a file on a server every 3 sec. The problem is that the service works only on my development machine. I added all the necessery stuff (the installers...) and when i try to install the service on other computers, the install works great (with installutil MyService.exe) and I start the service with Net start MyService and the console tells my the service has started. but then nothing happened the the file i'm supposed to write to.

And the odd thing is that i took the same code and i put it within a windows application, double-clicked on it and it worked great !!! it's the same code the only diff. is the type of application. One window service, the other window app. So the problem is not related to user rights or some logon on the machine.

can anyone help me !?!?
thx,
LeibNiZ
0
Question by:LeibNiZ
    25 Comments
     
    LVL 11

    Expert Comment

    by:pratap_r
    looks like a security problem to me.. did you check the eventlog? if you did please post the eventlog entries for your application.

    and also check what id your service is running under and check if the user id has access to the file you are writing to.

    and where is the file that you are writing to exist? local or remote?

    Have fun
    Pratap
    0
     

    Author Comment

    by:LeibNiZ
    Hi pratap r,

    The event log's only telling me: "failed to stop service"

    The file i'm trying to write to is on a other server. It's remote and the address's like "\\server\folder\file.ext" but the computer where im must install the service is not on the domain. So if I try to access the server by typing \\server... in the address bar, a popup appears asking me login and password. I give a valid user and pass so normally im connected to the server cause i can see the folder and all... But even after that if I install the service it does nothing...

    But don't forget that if i put the service code in a window app it works like heaven !! why won't it work under a service ??
    0
     
    LVL 3

    Expert Comment

    by:stu_pb
    Is the service running with a local system account? If so try changing the service account to your domain account and see if it works then.  If it works then you know that it is a security issue.  Still logging on to the remote server will be a problem if you are not logged into the server and you haven't ran to \\server\folder\file.ext.

    Is the remote server a web server, is that why it is not on the domain?  If so you should either create and FTP site or a Web site that allows you to upload files.

    Good luck,
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    when you say the app works when you run it as a windows application you are actually runing the application under your id which has access to the remote machine.. so it works fine... but a service by default runs under LOCAL SYSTEM account which does not have access to the network files.. change the user id under which the service is running

    in the installer you should see an option called Login ID .. specify your credentials there.. or open up services.msc and change the login details there..  

    that should solve the problem

    Have fun,
    Pratap
    0
     

    Author Comment

    by:LeibNiZ
    Hi guys,

    The computer where the service is running is not on the domain.

    pratap r, there is no option called loginId but i changed the account to NetworkService and put a userName and a password. But should the user and the pass be the on of the computer itself or the user and pass of users on the server (where the files are) ?? Cause if i put a user and a pass from the server list, i get an error like:

    "No mapping of the ID's was performed..." or something like this...

    When i open the computer, i do not have the option of connecting myself on the network, only the "This computer" option is in the combobox. And the service do not see the server \\server... even if i enter the right user and pass...

    I don't know what to do !!!!!
    help me plz !!
    thx, LeibNiX
    0
     
    LVL 3

    Expert Comment

    by:stu_pb
    Sorry I misunderstood the first time!

    Try creating a local account on both machines with the same username and password.  Run the service with the new local account.  Also, on the server you may need to allow the new account to log on locally.  Make sure the account on the server can write to disk.

    Good luck,
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    ya thats the place to change it

    prefix the userid with the target domain .. something like DOMAIN\USERID

    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    stu_pb, windows will not propogate the security token if the user ids are created locally on both the machines.. it has to be created on one machine and used on the client machine..
    0
     
    LVL 3

    Expert Comment

    by:stu_pb
    pratap_r - I have created a service on a domain machine that ships files to a web server in our DMZ (not on the domain).  This is done using a web site. The service runs with a local account.  The web server also has a local account (allowed to log on locally) with the same username and password.  This account is the only account with permissions on the web site (other than system, etc...) and the web site is able to write the files to disk.  If I change the service login account it no longer is able to upload files.

    I thought that this might apply here as well.
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    did you use 2 seperate accounts created on two seperate machines (same user name text alone?)

    anyways a webserver is a totally different scenario..
    0
     
    LVL 3

    Expert Comment

    by:stu_pb
    yes, I didn't think it would work at first either! (Same username and password).

    0
     

    Author Comment

    by:LeibNiZ
    the main problem is that the computer running the service cannot see the server "\\server" because it's not on the domain... and even if i type \\server on the address bar, it pops a input for pass and user.

    but pratap r, you didn't not answer my question about the pass and the user. must i type the user and the pass of the local machine of the user and pass of the server's users ???
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    it should be of the server's user.,. dont forget to include the domain name in the login id..

    eg, if your server name is ... EETEST and user id is EUSER

    then your login id will be EETEST\EUSER

    and also make sure that this user has proper rights on your client machine
    0
     

    Author Comment

    by:LeibNiZ
    Hi pratap_r,

    I also tried that but when I install the service, it fails and the error message is:

    "No mapping of the user's ID was done" or something like that... Even if the user is an admin on the machine...

    i'll go check the error msg more closely when it comes up.
    thx,
    LeibNiZ
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    can you post the event log messages of all the three categories for this app as well as for service control manager?

    Pratap
    0
     
    LVL 5

    Expert Comment

    by:naiea1231
    "the main problem is that the computer running the service cannot see the server "\\server" because it's not on the domain... and even if i type \\server on the address bar, it pops a input for pass and user.

    but pratap r, you didn't not answer my question about the pass and the user. must i type the user and the pass of the local machine of the user and pass of the server's users ???"

    If your saying it won't go into it straight away even when you type it from the address bar then this is going to be where the issue lies, i'll have a look around but surely there must be some method to provide credentials (user/pass) for a remote connection in the code for the service.
    0
     

    Author Comment

    by:LeibNiZ
    Hi all,

    To answer your question pratap_r, when the account is in NetworkService, the error message when i try to install the service is:

    "No mapping between account names and secure IDs was done."

    When in User account, the error messages is:

    "No mapping bwtween account names and secure IDs was done."

    When in LocalSystem it works, but the service does nothing cause it can't see the \\server this.

    But I don't understand what the error message means ! What "No mapping between account names and secure IDs was done." is supposed to mean !?!
    0
     

    Author Comment

    by:LeibNiZ
    Sorry I made a mistake,

    the error message is "No mapping between account names and security IDs was done." not "secure IDs..."
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    it means its not able to authenticate using the id that you provided in the credentials. mm.. can you post the code where you are trying to open the file and write data into it... ill see if i can add code to impersonate the user id when running the service as LocalSystem itself

    Pratap
    0
     

    Author Comment

    by:LeibNiZ
    Sure, here it is:

    If IO.File.Exists("\\spmoweb01\webprod\FTB-8100\test.txt") Then
                sw = New System.IO.StreamWriter("\\spmoweb01\webprod\FTB-8100\test.txt", True)
                sw.WriteLine("salut !")
                Beep()
                sw.Close()
            End If
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    I hope the file \\spmoweb01\webprod\FTB-8100\test.txt does exist when you run the code.. i am checking to see how to impersonate.. will post back in some time..
    0
     

    Author Comment

    by:LeibNiZ
    LoL yes it does !!!
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    i am still trying.. meanwhile check this link

    http://www.dotnet247.com/247reference/msgs/55/279224.aspx
    0
     
    LVL 11

    Expert Comment

    by:pratap_r
    check if this one works.....

    -----------------------------
          Dim sw As StreamWriter
          Dim filename As String = "\\spmoweb01\webprod\FTB-8100\test.txt"
          Dim tok As New IntPtr(0)
          Dim dtok As New IntPtr(0)
          tok = IntPtr.Zero
          dtok = IntPtr.Zero
          Dim rt As Boolean
          rt = LogonUser("username", "domain", "password", 2, 0, tok)
          If rt = False Then
              EventLog.WriteEntry("Logon User Failed")
              Exit Sub
          End If
          EventLog.WriteEntry("Before Impersonation : " + WindowsIdentity.GetCurrent().Name)
          rt = DuplicateToken(tok, 2, dtok)
          If rt = False Then
              EventLog.WriteEntry("Duplicate Token Failed")
              Exit Sub
          End If
          Dim wi As New WindowsIdentity(dtok)
          Dim iuser As WindowsImpersonationContext = wi.Impersonate()

          EventLog.WriteEntry("After Impersonation : " + WindowsIdentity.GetCurrent().Name)
          EventLog.WriteEntry("Attempting open on remote server file : " + filename)

          sw = New System.IO.StreamWriter(filename, True)
          sw.WriteLine(WindowsIdentity.GetCurrent().Name)
          sw.Close()

          iuser.Undo()
          CloseHandle(tok)
          CloseHandle(dtok)
          EventLog.WriteEntry(WindowsIdentity.GetCurrent().Name)
          Beep()
    -----------------------------

    post me the eventlog messages if it fails.. the username,domain and password are the ones you type in when you access the server by typing it in the address bar

    0
     
    LVL 11

    Accepted Solution

    by:
    heres the API imports

        Private Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal usr As String, ByVal domain As String, ByVal pwd As [String], ByVal logontype As Integer, ByVal provider As Integer, ByRef token As IntPtr) As Boolean
        Private Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean
        Private Declare Auto Function DuplicateToken Lib "advapi32.dll" (ByVal token As IntPtr, ByVal sil As Integer, ByRef recvtoken As IntPtr) As Boolean

    put them inside your service class
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Does the idea of dealing with bits scare or confuse you? Does it seem like a waste of time in an age where we all have terabytes of storage? If so, you're missing out on one of the core tools in every professional programmer's toolbox. Learn how to …
    This is about my first experience with programming Arduino.
    An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
    In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now