VB.NET window service

Hi all,

I coded a simple window service that write to a file on a server every 3 sec. The problem is that the service works only on my development machine. I added all the necessery stuff (the installers...) and when i try to install the service on other computers, the install works great (with installutil MyService.exe) and I start the service with Net start MyService and the console tells my the service has started. but then nothing happened the the file i'm supposed to write to.

And the odd thing is that i took the same code and i put it within a windows application, double-clicked on it and it worked great !!! it's the same code the only diff. is the type of application. One window service, the other window app. So the problem is not related to user rights or some logon on the machine.

can anyone help me !?!?
thx,
LeibNiZ
LeibNiZAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pratap_rCommented:
looks like a security problem to me.. did you check the eventlog? if you did please post the eventlog entries for your application.

and also check what id your service is running under and check if the user id has access to the file you are writing to.

and where is the file that you are writing to exist? local or remote?

Have fun
Pratap
0
LeibNiZAuthor Commented:
Hi pratap r,

The event log's only telling me: "failed to stop service"

The file i'm trying to write to is on a other server. It's remote and the address's like "\\server\folder\file.ext" but the computer where im must install the service is not on the domain. So if I try to access the server by typing \\server... in the address bar, a popup appears asking me login and password. I give a valid user and pass so normally im connected to the server cause i can see the folder and all... But even after that if I install the service it does nothing...

But don't forget that if i put the service code in a window app it works like heaven !! why won't it work under a service ??
0
stu_pbCommented:
Is the service running with a local system account? If so try changing the service account to your domain account and see if it works then.  If it works then you know that it is a security issue.  Still logging on to the remote server will be a problem if you are not logged into the server and you haven't ran to \\server\folder\file.ext.

Is the remote server a web server, is that why it is not on the domain?  If so you should either create and FTP site or a Web site that allows you to upload files.

Good luck,
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

pratap_rCommented:
when you say the app works when you run it as a windows application you are actually runing the application under your id which has access to the remote machine.. so it works fine... but a service by default runs under LOCAL SYSTEM account which does not have access to the network files.. change the user id under which the service is running

in the installer you should see an option called Login ID .. specify your credentials there.. or open up services.msc and change the login details there..  

that should solve the problem

Have fun,
Pratap
0
LeibNiZAuthor Commented:
Hi guys,

The computer where the service is running is not on the domain.

pratap r, there is no option called loginId but i changed the account to NetworkService and put a userName and a password. But should the user and the pass be the on of the computer itself or the user and pass of users on the server (where the files are) ?? Cause if i put a user and a pass from the server list, i get an error like:

"No mapping of the ID's was performed..." or something like this...

When i open the computer, i do not have the option of connecting myself on the network, only the "This computer" option is in the combobox. And the service do not see the server \\server... even if i enter the right user and pass...

I don't know what to do !!!!!
help me plz !!
thx, LeibNiX
0
stu_pbCommented:
Sorry I misunderstood the first time!

Try creating a local account on both machines with the same username and password.  Run the service with the new local account.  Also, on the server you may need to allow the new account to log on locally.  Make sure the account on the server can write to disk.

Good luck,
0
pratap_rCommented:
ya thats the place to change it

prefix the userid with the target domain .. something like DOMAIN\USERID

0
pratap_rCommented:
stu_pb, windows will not propogate the security token if the user ids are created locally on both the machines.. it has to be created on one machine and used on the client machine..
0
stu_pbCommented:
pratap_r - I have created a service on a domain machine that ships files to a web server in our DMZ (not on the domain).  This is done using a web site. The service runs with a local account.  The web server also has a local account (allowed to log on locally) with the same username and password.  This account is the only account with permissions on the web site (other than system, etc...) and the web site is able to write the files to disk.  If I change the service login account it no longer is able to upload files.

I thought that this might apply here as well.
0
pratap_rCommented:
did you use 2 seperate accounts created on two seperate machines (same user name text alone?)

anyways a webserver is a totally different scenario..
0
stu_pbCommented:
yes, I didn't think it would work at first either! (Same username and password).

0
LeibNiZAuthor Commented:
the main problem is that the computer running the service cannot see the server "\\server" because it's not on the domain... and even if i type \\server on the address bar, it pops a input for pass and user.

but pratap r, you didn't not answer my question about the pass and the user. must i type the user and the pass of the local machine of the user and pass of the server's users ???
0
pratap_rCommented:
it should be of the server's user.,. dont forget to include the domain name in the login id..

eg, if your server name is ... EETEST and user id is EUSER

then your login id will be EETEST\EUSER

and also make sure that this user has proper rights on your client machine
0
LeibNiZAuthor Commented:
Hi pratap_r,

I also tried that but when I install the service, it fails and the error message is:

"No mapping of the user's ID was done" or something like that... Even if the user is an admin on the machine...

i'll go check the error msg more closely when it comes up.
thx,
LeibNiZ
0
pratap_rCommented:
can you post the event log messages of all the three categories for this app as well as for service control manager?

Pratap
0
naiea1231Commented:
"the main problem is that the computer running the service cannot see the server "\\server" because it's not on the domain... and even if i type \\server on the address bar, it pops a input for pass and user.

but pratap r, you didn't not answer my question about the pass and the user. must i type the user and the pass of the local machine of the user and pass of the server's users ???"

If your saying it won't go into it straight away even when you type it from the address bar then this is going to be where the issue lies, i'll have a look around but surely there must be some method to provide credentials (user/pass) for a remote connection in the code for the service.
0
LeibNiZAuthor Commented:
Hi all,

To answer your question pratap_r, when the account is in NetworkService, the error message when i try to install the service is:

"No mapping between account names and secure IDs was done."

When in User account, the error messages is:

"No mapping bwtween account names and secure IDs was done."

When in LocalSystem it works, but the service does nothing cause it can't see the \\server this.

But I don't understand what the error message means ! What "No mapping between account names and secure IDs was done." is supposed to mean !?!
0
LeibNiZAuthor Commented:
Sorry I made a mistake,

the error message is "No mapping between account names and security IDs was done." not "secure IDs..."
0
pratap_rCommented:
it means its not able to authenticate using the id that you provided in the credentials. mm.. can you post the code where you are trying to open the file and write data into it... ill see if i can add code to impersonate the user id when running the service as LocalSystem itself

Pratap
0
LeibNiZAuthor Commented:
Sure, here it is:

If IO.File.Exists("\\spmoweb01\webprod\FTB-8100\test.txt") Then
            sw = New System.IO.StreamWriter("\\spmoweb01\webprod\FTB-8100\test.txt", True)
            sw.WriteLine("salut !")
            Beep()
            sw.Close()
        End If
0
pratap_rCommented:
I hope the file \\spmoweb01\webprod\FTB-8100\test.txt does exist when you run the code.. i am checking to see how to impersonate.. will post back in some time..
0
LeibNiZAuthor Commented:
LoL yes it does !!!
0
pratap_rCommented:
i am still trying.. meanwhile check this link

http://www.dotnet247.com/247reference/msgs/55/279224.aspx
0
pratap_rCommented:
check if this one works.....

-----------------------------
      Dim sw As StreamWriter
      Dim filename As String = "\\spmoweb01\webprod\FTB-8100\test.txt"
      Dim tok As New IntPtr(0)
      Dim dtok As New IntPtr(0)
      tok = IntPtr.Zero
      dtok = IntPtr.Zero
      Dim rt As Boolean
      rt = LogonUser("username", "domain", "password", 2, 0, tok)
      If rt = False Then
          EventLog.WriteEntry("Logon User Failed")
          Exit Sub
      End If
      EventLog.WriteEntry("Before Impersonation : " + WindowsIdentity.GetCurrent().Name)
      rt = DuplicateToken(tok, 2, dtok)
      If rt = False Then
          EventLog.WriteEntry("Duplicate Token Failed")
          Exit Sub
      End If
      Dim wi As New WindowsIdentity(dtok)
      Dim iuser As WindowsImpersonationContext = wi.Impersonate()

      EventLog.WriteEntry("After Impersonation : " + WindowsIdentity.GetCurrent().Name)
      EventLog.WriteEntry("Attempting open on remote server file : " + filename)

      sw = New System.IO.StreamWriter(filename, True)
      sw.WriteLine(WindowsIdentity.GetCurrent().Name)
      sw.Close()

      iuser.Undo()
      CloseHandle(tok)
      CloseHandle(dtok)
      EventLog.WriteEntry(WindowsIdentity.GetCurrent().Name)
      Beep()
-----------------------------

post me the eventlog messages if it fails.. the username,domain and password are the ones you type in when you access the server by typing it in the address bar

0
pratap_rCommented:
heres the API imports

    Private Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal usr As String, ByVal domain As String, ByVal pwd As [String], ByVal logontype As Integer, ByVal provider As Integer, ByRef token As IntPtr) As Boolean
    Private Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean
    Private Declare Auto Function DuplicateToken Lib "advapi32.dll" (ByVal token As IntPtr, ByVal sil As Integer, ByRef recvtoken As IntPtr) As Boolean

put them inside your service class
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Programming

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.