Solved

.NET NamedPipe access using ip address

Posted on 2016-10-20
5
88 Views
Last Modified: 2016-10-21
I am using NamedPipes (Client) on the server to communicate with users.  All users have a local Pipe server installed.  Where I have the users machine name this works fine but if I only have the ip address I get 'Login Failure' errors.  For example :

using (NamedPipeClientStream pClient = new NamedPipeClientStream("UsersMachineName", "\\Pipe\\<UserID>.MonitorPipe", PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

Works fine  
BUT

using (NamedPipeClientStream pClient = new NamedPipeClientStream("192.168.1.1", "\\Pipe\\<UserID.MonitorPipe",                           PipeDirection.InOut, PipeOptions.None)) {

  pClient.Connect();
  // Transaction code here

}

FAILS "Logon Failure  Unknown User Name or Password"

The Named pipe server on the Users PC is created as follows:

      var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
      var rule = new PipeAccessRule(sid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
      var sec = new PipeSecurity();
      sec.AddAccessRule(rule);

      using (NamedPipeServerStream pServer=new NamedPipeServerStream("\\Pipe\\<UserID>.MonitorPipe",PipeDirection.InOut,100,
                                                                      PipeTransmissionMode.Byte,PipeOptions.None,0,0,sec)) {
 
        while (boolContinue==true) {
          pServer.WaitForConnection();

          // Transaction code here

         pServer.Disconnect();

        }

Is there a reason that this will work if I use the Users Machine Name but not if I use the IP Address??

Thanks - Peter
0
Comment
Question by:PeterC_UK
  • 3
5 Comments
 
LVL 22

Expert Comment

by:ambience
ID: 41853575
According to MSDN pipe names have to follow specific format. See:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365783(v=vs.85).aspx

The pipe server cannot create a pipe on another computer, so CreateNamedPipe must use a period for the server name, as shown in the following example.

\\.\pipe\PipeName

The short answer to your question therefore is that this is by design and IP wont work. See also:

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365150(v=vs.85).aspx
1
 

Author Comment

by:PeterC_UK
ID: 41853689
This code is not trying to create the pipe on a remote machine but to send a message to a named pipe on the remote machine for which I may only have the ip address.  The code above shows the problem is 'Unknown username or password" and this happens when the client tries to connect to the named pipe on the remote machine.

The problem only exists when using Named Pipes with .NET  

I have code that I wrote some years ago in C.  This works with all OS's including Windows 10.  I remember having some issues creating a SECURITY_ATTRIBUTES structure to get this to work with ip addresses but eventually got there.

I guess I will have to convert this into a dll and and call it from managed code.
1
 

Author Comment

by:PeterC_UK
ID: 41853878
The answer appears to be very simple.

If the host address is an ipaddress I just use

System.Net.Dns.GetHostByAddress(IP) and extract the host name.

Appears to solve the problem but I will need to test on a large network.
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 41854566
It is fairly simple - domain kerberos authentication aka SPNEGO aka LM is not sent to hosts designated by IP address.
0
 

Author Closing Comment

by:PeterC_UK
ID: 41854866
Thank you - It's great to understand why the problem existed
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Security warnings have started to pop up excessively 4 52
VB: Convert 2 dates to specific format 24 48
PCI compliance 16 31
PCI Compliance - mixing SAQs 6 27
On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question