Solved

.NET NamedPipe access using ip address

Posted on 2016-10-20
5
158 Views
Last Modified: 2016-10-21
I am using NamedPipes (Client) on the server to communicate with users.  All users have a local Pipe server installed.  Where I have the users machine name this works fine but if I only have the ip address I get 'Login Failure' errors.  For example :

using (NamedPipeClientStream pClient = new NamedPipeClientStream("UsersMachineName", "\\Pipe\\<UserID>.MonitorPipe", PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

Works fine  
BUT

using (NamedPipeClientStream pClient = new NamedPipeClientStream("192.168.1.1", "\\Pipe\\<UserID.MonitorPipe",                           PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

FAILS "Logon Failure  Unknown User Name or Password"

The Named pipe server on the Users PC is created as follows:

      var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
      var rule = new PipeAccessRule(sid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
      var sec = new PipeSecurity();
      sec.AddAccessRule(rule);

      using (NamedPipeServerStream pServer=new NamedPipeServerStream("\\Pipe\\<UserID>.MonitorPipe",PipeDirection.InOut,100,
                                                                      PipeTransmissionMode.Byte,PipeOptions.None,0,0,sec)) {
 
        while (boolContinue==true) {
          pServer.WaitForConnection();

          // Transaction code here

         pServer.Disconnect();

        }

Is there a reason that this will work if I use the Users Machine Name but not if I use the IP Address??

Thanks - Peter
0
Comment
Question by:PeterC_UK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 22

Expert Comment

by:ambience
ID: 41853575
According to MSDN pipe names have to follow specific format. See:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365783(v=vs.85).aspx

The pipe server cannot create a pipe on another computer, so CreateNamedPipe must use a period for the server name, as shown in the following example.

\\.\pipe\PipeName

The short answer to your question therefore is that this is by design and IP wont work. See also:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365150(v=vs.85).aspx
1
 

Author Comment

by:PeterC_UK
ID: 41853689
This code is not trying to create the pipe on a remote machine but to send a message to a named pipe on the remote machine for which I may only have the ip address.  The code above shows the problem is 'Unknown username or password" and this happens when the client tries to connect to the named pipe on the remote machine.

The problem only exists when using Named Pipes with .NET  

I have code that I wrote some years ago in C.  This works with all OS's including Windows 10.  I remember having some issues creating a SECURITY_ATTRIBUTES structure to get this to work with ip addresses but eventually got there.

I guess I will have to convert this into a dll and and call it from managed code.
1
 

Author Comment

by:PeterC_UK
ID: 41853878
The answer appears to be very simple.

If the host address is an ipaddress I just use

System.Net.Dns.GetHostByAddress(IP) and extract the host name.

Appears to solve the problem but I will need to test on a large network.
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 41854566
It is fairly simple - domain kerberos authentication aka SPNEGO aka LM is not sent to hosts designated by IP address.
0
 

Author Closing Comment

by:PeterC_UK
ID: 41854866
Thank you - It's great to understand why the problem existed
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question