Solved

.NET NamedPipe access using ip address

Posted on 2016-10-20
5
50 Views
Last Modified: 2016-10-21
I am using NamedPipes (Client) on the server to communicate with users.  All users have a local Pipe server installed.  Where I have the users machine name this works fine but if I only have the ip address I get 'Login Failure' errors.  For example :

using (NamedPipeClientStream pClient = new NamedPipeClientStream("UsersMachineName", "\\Pipe\\<UserID>.MonitorPipe", PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

Works fine  
BUT

using (NamedPipeClientStream pClient = new NamedPipeClientStream("192.168.1.1", "\\Pipe\\<UserID.MonitorPipe",                           PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

FAILS "Logon Failure  Unknown User Name or Password"

The Named pipe server on the Users PC is created as follows:

      var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
      var rule = new PipeAccessRule(sid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
      var sec = new PipeSecurity();
      sec.AddAccessRule(rule);

      using (NamedPipeServerStream pServer=new NamedPipeServerStream("\\Pipe\\<UserID>.MonitorPipe",PipeDirection.InOut,100,
                                                                      PipeTransmissionMode.Byte,PipeOptions.None,0,0,sec)) {
 
        while (boolContinue==true) {
          pServer.WaitForConnection();

          // Transaction code here

         pServer.Disconnect();

        }

Is there a reason that this will work if I use the Users Machine Name but not if I use the IP Address??

Thanks - Peter
0
Comment
Question by:PeterC_UK
  • 3
5 Comments
 
LVL 22

Expert Comment

by:ambience
Comment Utility
According to MSDN pipe names have to follow specific format. See:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365783(v=vs.85).aspx

The pipe server cannot create a pipe on another computer, so CreateNamedPipe must use a period for the server name, as shown in the following example.

\\.\pipe\PipeName

The short answer to your question therefore is that this is by design and IP wont work. See also:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365150(v=vs.85).aspx
1
 

Author Comment

by:PeterC_UK
Comment Utility
This code is not trying to create the pipe on a remote machine but to send a message to a named pipe on the remote machine for which I may only have the ip address.  The code above shows the problem is 'Unknown username or password" and this happens when the client tries to connect to the named pipe on the remote machine.

The problem only exists when using Named Pipes with .NET  

I have code that I wrote some years ago in C.  This works with all OS's including Windows 10.  I remember having some issues creating a SECURITY_ATTRIBUTES structure to get this to work with ip addresses but eventually got there.

I guess I will have to convert this into a dll and and call it from managed code.
1
 

Author Comment

by:PeterC_UK
Comment Utility
The answer appears to be very simple.

If the host address is an ipaddress I just use

System.Net.Dns.GetHostByAddress(IP) and extract the host name.

Appears to solve the problem but I will need to test on a large network.
0
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points
Comment Utility
It is fairly simple - domain kerberos authentication aka SPNEGO aka LM is not sent to hosts designated by IP address.
0
 

Author Closing Comment

by:PeterC_UK
Comment Utility
Thank you - It's great to understand why the problem existed
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now