Solved

.NET NamedPipe access using ip address

Posted on 2016-10-20
5
123 Views
Last Modified: 2016-10-21
I am using NamedPipes (Client) on the server to communicate with users.  All users have a local Pipe server installed.  Where I have the users machine name this works fine but if I only have the ip address I get 'Login Failure' errors.  For example :

using (NamedPipeClientStream pClient = new NamedPipeClientStream("UsersMachineName", "\\Pipe\\<UserID>.MonitorPipe", PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

Works fine  
BUT

using (NamedPipeClientStream pClient = new NamedPipeClientStream("192.168.1.1", "\\Pipe\\<UserID.MonitorPipe",                           PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

FAILS "Logon Failure  Unknown User Name or Password"

The Named pipe server on the Users PC is created as follows:

      var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
      var rule = new PipeAccessRule(sid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
      var sec = new PipeSecurity();
      sec.AddAccessRule(rule);

      using (NamedPipeServerStream pServer=new NamedPipeServerStream("\\Pipe\\<UserID>.MonitorPipe",PipeDirection.InOut,100,
                                                                      PipeTransmissionMode.Byte,PipeOptions.None,0,0,sec)) {
 
        while (boolContinue==true) {
          pServer.WaitForConnection();

          // Transaction code here

         pServer.Disconnect();

        }

Is there a reason that this will work if I use the Users Machine Name but not if I use the IP Address??

Thanks - Peter
0
Comment
Question by:PeterC_UK
  • 3
5 Comments
 
LVL 22

Expert Comment

by:ambience
ID: 41853575
According to MSDN pipe names have to follow specific format. See:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365783(v=vs.85).aspx

The pipe server cannot create a pipe on another computer, so CreateNamedPipe must use a period for the server name, as shown in the following example.

\\.\pipe\PipeName

The short answer to your question therefore is that this is by design and IP wont work. See also:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365150(v=vs.85).aspx
1
 

Author Comment

by:PeterC_UK
ID: 41853689
This code is not trying to create the pipe on a remote machine but to send a message to a named pipe on the remote machine for which I may only have the ip address.  The code above shows the problem is 'Unknown username or password" and this happens when the client tries to connect to the named pipe on the remote machine.

The problem only exists when using Named Pipes with .NET  

I have code that I wrote some years ago in C.  This works with all OS's including Windows 10.  I remember having some issues creating a SECURITY_ATTRIBUTES structure to get this to work with ip addresses but eventually got there.

I guess I will have to convert this into a dll and and call it from managed code.
1
 

Author Comment

by:PeterC_UK
ID: 41853878
The answer appears to be very simple.

If the host address is an ipaddress I just use

System.Net.Dns.GetHostByAddress(IP) and extract the host name.

Appears to solve the problem but I will need to test on a large network.
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 41854566
It is fairly simple - domain kerberos authentication aka SPNEGO aka LM is not sent to hosts designated by IP address.
0
 

Author Closing Comment

by:PeterC_UK
ID: 41854866
Thank you - It's great to understand why the problem existed
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
802.1X auth setup and configuration 3 40
Upgrade code from VS 2010 to VS 2015 7 34
C# Service FileSystemwatcher isse 9 47
Import CSV with All modify groups 17 45
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question