MSMVPS.COM

Using Reflection to Determine if a Property Data Type is Nullable

KevinMcNeish — Tue, 01 Dec 2009 17:52:00 GMT

You can easily determine if the data type of an object property is nullable using the following code: Type t = objectReference.GetType(); Type pt; // Test for Nullable bool isNullable = pi.PropertyType.IsGenericType && pi.PropertyType.GetGenericTypeDefinition() == typeof(Nullable<>); PropertyInfo pi = t.GetProperty("MyPropertyName"); if (isNullable) { // Returns the basic data type without reference to Nullable (for example, System.Int32) pt = pi.PropertyType.GetGenericArguments...(read more)

The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.

Mostafa Elzoghbi - C# MVP — Tue, 01 Dec 2009 16:43:00 GMT

Hi, "The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again." This error message in sharepoint 2007 you will get it because of different actions you may perform on the Read More......(read more)

Online Workflow 4 presentation

Maurice — Tue, 01 Dec 2009 16:29:00 GMT

Attached are the PowerPoint sheets and samples from my online Window Workflow Foundation 4 presentation today.

Let me know if you have any questions.

WF4Demo.zip

www.TheProblemSolver.nl
Wiki.WindowsWorkflowFoundation.eu

Koobface Now Using Christmas Theme

Don — Tue, 01 Dec 2009 13:58:00 GMT

Websense Security Labs™ ThreatSeeker™ Network has discovered that the Koobface malware campaign is now using a Christmas theme. Recent developments by Koobface have included use of Google Reader.

The Koobface Web site offers a video posted by 'SantA'. The usual ruse of requiring a codec to watch the video is used, to encourage the user to install and run a file called setup.exe (SHA1:a2046fc88ab82abec89e150b915ab4b332af924a). This file is currently detected by 16 out of 41 antivirus products according to VirusTotal.

On the compromised Facebook page the user is presented with a link to ch[removed]cher.ch which is a compromised site in Switzerland. The user is redirected to one of several Koobface Web sites through a malicious Flash movie file hosted on the compromised site. If the user runs the infected file, the worm will automatically login to their Facebook, Myspace, and several other social networking sites and send messages to all their friends.

Alert Details

Malicious Code Circulating via Social Security Administration Phishing Messages

Don — Tue, 01 Dec 2009 13:55:00 GMT

US-CERT is aware of public reports of malicious code circulating via phishing email messages that appear to come from the Social Security Administration. The messages indicate that the users' annual Social Security statements may contain errors and instruct users to follow a link to review their Social Security statement. If users click this link, they will be redirected to a seemingly legitimate website that prompts them for their Social Security number. If users enter their Social Security number and continue to the next page, they will be given an option to generate a statement. If users attempt to generate a statement, malicious code may be installed on their systems. This malicious code attempts to collect online banking traffic to gain access to the users' bank accounts.

US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

Install antivirus software, and keep the virus signatures up to date.

Do not follow unsolicited links and do not open unsolicited email messages.

Use caution when visiting untrusted websites.

Use caution when entering personal information online.

Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.

Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

US-CERT will provide additional information as it becomes available.

http://www.us-cert.gov/current/index.html#malicious_code_circulating_via_social

Windows® Live Messenger et nos enfants

Patrice BONNEFOY — Tue, 01 Dec 2009 12:48:00 GMT

Salut à tous, Aujourd'hui, je passe la main à un collègue MVP, Laurent GEBEAU , qui vous a concocté un super article (comme toujours d'ailleurs) sur le comment protéger nos enfants contre les mauvaises rencontres faites avec Windows ® Live Messenger ? Laurent détaille les riques liés à son utilisation sans l'encadrement des parents et leurs rôles dans l'utilisation qu'en font les enfants. Loin d'en faire l'outil...(read more)

Como comunicarme con una Bascula

peplluis — Tue, 01 Dec 2009 12:17:00 GMT

'Respondiendo a la pregunta :

' ¿Cómo puedo establecer comunicación con una bascula que tiene un RS232?

'En este ejemplo podremos ver diferentes formas de enviar una petición

' a una bascula, simulando que nos responde al enviar el carácter 'P'

' y visualizar su respuesta en una etiqueta llamada 'Recibidos'

Public Class Form1

'Constructores

Private BasculaCom As New System.IO.Ports.SerialPort 'Puerto conectado a la báscula

Private Recibidos As New Label 'Etiqueta para visualizar la recepción

Private Peticion As New Button 'Botón para disparar el envío

Delegate Sub MostrarRecepcion(ByVal Texto As String) 'Delegado para asignar el valor recibido

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

' Ajustar los parámetros de comunicaciones

' adaptándolos a las especificaciones o configuración

' de la bascula en concreto.

BasculaCom.PortName = "COM1" 'Conectaremos la bascula al puerto COM1

BasculaCom.BaudRate = 9600 'La velocidad de intercambio será de 9600

BasculaCom.Parity = IO.Ports.Parity.None 'No verificaremos la paridad

BasculaCom.StopBits = 1 'Final de Byte con 1 bit de Stop

BasculaCom.Open() 'Abrir las comunicaciones con la bascula

' marco

Dim marcoDGV = New FlowLayoutPanel 'Conformar los controles del form

marcoDGV.BorderStyle = BorderStyle.Fixed3D

marcoDGV.Width = Me.Width

marcoDGV.Height = Me.Height

' Añadir el marco con el Label y el Buton

Recibidos.Text = "-"

Peticion.Text = "Enviar p"

marcoDGV.Controls.AddRange(New Control() {Peticion, Recibidos})

Me.Controls.Add(marcoDGV)

'Dirigir los eventos a las funciones para procesarlos

AddHandler Peticion.Click, AddressOf EnviarUnaP 'Ejecución de 'EnviarUnaP' al pulsar el boton

AddHandler BasculaCom.DataReceived, AddressOf Recibir 'Ejecución de 'Recibir' al recibir respuesta de la bascula

End Sub

' Enviar una solicitud a la bascula

Sub EnviarUnaP()

'enviar una p

BasculaCom.Write("P")

'tambien puede ver/probar...

BasculaCom.WriteLine("P")

BasculaCom.Write(Chr(80))

'... etc

End Sub

'al recibir de la bascula los bytesToRead indicara

'un valor superior a 0, indicando el numero de caracteres

Sub Recibir()

'Dim NumeroDeBytesEnBuffer As Integer = BasculaCom.BytesToRead

MostrarRececibidos(BasculaCom.ReadExisting)

End Sub

' Mostrar los bytes recibidos en el Label recibidos

Private Sub MostrarRececibidos(ByVal [texto] As String)

If Recibidos.InvokeRequired Then

Dim delegado As New MostrarRecepcion(AddressOf MostrarRececibidos)

Me.Invoke(delegado, New Object() {[texto]})

Else

Me.Recibidos.Text = [texto]

End If

End Sub

End Class

A busy week of presenting

But it works on my PC! — Tue, 01 Dec 2009 12:02:48 GMT

The interest in Visual Studio 2010 is growing, I am presenting at two events this week and have another day of less formal meetings on the subject. The event on Thursday is the Architecture Forum in the North we are hosting with Microsoft, there are still a few spaces available is if you are interested in the learning more about new techniques and tools why not come along. You even get to hear me talking about using TFS as a Java developers via Teamprise . Hope to see you there....(read more)

Post PDC Thoughts

But it works on my PC! — Tue, 01 Dec 2009 10:43:23 GMT

I realised I never did another post after my first at the PDC, now what does that tell you? One thing it tells me is that blogs are not they primary news form for events now, it has moved onto Twitter . Though as yet I am still lagging behind on this one, I have an account but no tweets as yet. I find there is too much noise most of the on Twitter, it is useful when at an event like PDC to get the buzz, but for me not day to day (though I know I am missing stuff because of this view) For me the key...(read more)

Advanced Installer 7.3.1 supports HTML Controls on Dialogs

stefan — Tue, 01 Dec 2009 08:57:53 GMT

On November 23rd, 2009, Caphyon Ltd. released version 7.3.1 of their Windows Installer authoring tool Advanced Installer (the original 7.3 release was on November 9th).

New and improved features in Advanced Installer 7.3 include:

Custom Tables editor
Feature-based prerequisites
HTML Host control in Enhanced UI
Vertical line control in Enhanced UI
Predefined installer project templates for: Tomcat web applications, client-server applications and XNA Games
Windows Server 2008 R2 predefined launch condition
Predefined custom action for displaying a message box
Copy/Paste support for: Java products, registry, media, environment variables, file associations, custom actions, services, ODBC elements, SQL connections and scripts, scheduled tasks, themes, IIS elements and Game Explorer

With seven feature releases within a 12 month period, Caphyon is one of the most agile manufacturers in the MSI authoring tools market. Each purchase of Advanced Installer includes 6 months of maintenance (optionally 30 months) so you typically get three or four upgrades for free.

Advanced Installer is licensed on a per developer basis and can be installed on multiple machines. It is available in four editions, starting with the Freeware community edition and offering a 30-day trial period for the other editions.

For more information and to purchase Advanced Installer please visit the InstallSite Shop.

Tweaking auditing and alerting again

bradley — Tue, 01 Dec 2009 07:09:00 GMT

I'm tweaking auditing and alerting again.

I like... okay no I LOVE it when I get an alert when someone fails to log into the server. Why? Because I want to know who's banging on my ports. But at the same time I don't want to be so overloaded with alerts that I can't stand it.

So I use my Calyptix Firewall to limit my SMTP email to those IP addresses that are from Exchange Defender. Then I limit RDP to either only be accessed via VPN or limit it to my external Static IP.

How can you do this you ask? Easy with SBS 2008. Not so easy with SBS 2003. With 2k3 you need an external firewall that can handle this.

With SBS 2008 you can do this by adjusting the inbound RDP to only be allowed from the internal IP addresses of the network AND the internal IP addresses from your remote session.

Now we go and adjust the default domain controllers policy to track our failures and not just our successes.

Add failure to those audit events so that you get those alerts.

Then right mouse click on the audit event log and kick up the size. The default is 16384 KB which is fine for some of the other logs but small on the audit ones.

I also kick up the default auditing policy to log FAILURES. I don't want to see just the successes, I want to see the attempts to get in before they are successful.

And while I had stuck in Philip Elder's alert from the www.codeplex.com/sbs

<?xml version="1.0" encoding="utf-8" ?>

- <AlertDefinitions>

- <AlertDefinition ID="e86545a3-417d-4a0a-ae42-2e6a352ebe90" Default="1" Title="Failed User Logon" Source="Server">

- <Parameters>

<Path>Security</Path>

<Provider>Microsoft-Windows-Security-Auditing</Provider>

</Parameters>

</AlertDefinition>

</AlertDefinitions>

I had forgotten to kick the group policy/auditing to alert me to failures as the default is just success. This is the same as SBS 2003 and it something easy to kick up and IMHO very useful for security. So I go into group policy management and kick up the default domain controller policy

The resulting alert looks like this:

An alert was detected on your network. Further investigation into the issue is recommended.

Computer: SERVER
Date/Time generated: 11/30/2009 11:05:12 PM
Title: Failed User Logon
Source: Server
Description:
An account failed to log on.

Subject:
Security ID: S-1-5-20
Account Name: SERVER$
Account Domain: DOMAIN
Logon ID: 0x3e4

Logon Type: 3

Account For Which Logon Failed:
Security ID: S-1-0-0
Account Name: Someone
Account Domain:

Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xc000006d
Sub Status: 0xc000006a

Process Information:
Caller Process ID: 0x4c0
Caller Process Name: C:\Windows\System32\inetsrv\w3wp.exe

Network Information:
Workstation Name: SERVER
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Wrong compiler warning? Or Not?

Senthil — Tue, 01 Dec 2009 05:27:57 GMT

This piece of code results in a warning.

   1: class Test

   2: {

   3:     public static void Main()

   4:     {

   5:         object obj = "Senthil";

   6:         string myName = "Senthil";

   7:         Console.WriteLine(obj == myName);

   8:     }

   9: }

The compiler says “warning CS0252: Possible unintended reference comparison; to get a value comparison, cast the left hand side to type 'string'” on line 7. The compiler is right; it has no way of knowing that obj is actually a string. It infers the static type of obj to be System.Object, and if you’ve done any programming in C# at all, you’ll know that the default behavior of the == operator is reference comparison. This code is unintentionally comparing reference values of two local variables, and that’s what the compiler is warning about.

Yet try running the code, and you’ll see that it works correctly; it prints True. Is the compiler wrong?

No. The code appears to work fine because string interning masks the problem. The C# compiler figures that there are two constant strings in the program, and both are equal, so instead of creating two distinct string objects, it creates only one. With strings being immutable, reusing string objects for identical strings is safe. And that’s why this code works, both obj and myName refer to the same string object, which means reference comparison will succeed.

Now that we know why it’s working, it’s easy to prove that the compiler warning is right with a small code change.

   1: class Test

   2: {

   3:     public static void Main()

   4:     {

   5:         object obj = "Senthil";

6:

   7:         string myName1 = "Sen";

   8:         string myName2 = "thil";

   9:         string myName = myName1 + myName2;

  10:         Console.WriteLine(obj == myName);

  11:     }

  12: }

Constructing myName dynamically forces the compiler to create another string object; it cannot reuse the interned one. As you’d expect, this piece of code will print False.

Fixing the warning is a mere matter of casting obj to the correct type (string) and then doing the equality check.

   1: class Test

   2: {

   3:     public static void Main()

   4:     {

   5:         object obj = "Senthil";

6:

   7:         string myName1 = "Sen";

   8:         string myName2 = "thil";

   9:         string myName = myName1 + myName2;

  10:         Console.WriteLine(((string)obj) == myName);

  11:     }

  12: }

Or we could use the Equals method, which is virtual and won’t be fooled by the compile time type.

   1: class Test

   2: {

   3:     public static void Main()

   4:     {

   5:         object obj = "Senthil";

6:

   7:         string myName1 = "Sen";

   8:         string myName2 = "thil";

   9:         string myName = myName1 + myName2;

  10:         Console.WriteLine(obj.Equals(myName));

  11:     }

  12: }

Both of them print True, which is what we want.

Latest Microsoft patches cause black screen of death, Microsoft looking into Windows 'black screen of death' problem

donna — Tue, 01 Dec 2009 03:10:54 GMT

Microsoft's latest round of security patches appears to be causing some PCs to seize up and display a black screen, rendering the computer useless.

The problem affects Microsoft products including Windows 7, Vista and XP operating systems, said Mel Morris , the CEO and CTO for the U.K. security company Prevx.

Prevx was alerted to the problem by users of its security software last week, Morris said. Microsoft apparently made changes to the Access Control List (ACL), a list of permissions for a logged-on user. The ACL interacts with registry keys, creating visible desktop features such as a sidebar.

However, the latest patches appear to make some changes to those registry keys. The effect is that some installed applications aren't aware of the changes and don't run properly, causing a black screen, Morris said.

Security applications seem to be particularly affected. Morris said users of other security products have also complained about the issue, even going so far as trying to reinstall the operating system to fix it.

http://www.computerworld.com/s/article/9141568/Latest_Microsoft_patches_cause_black_screen_of_death

Black Screen woes could affect millions on Windows 7, Vista and XP

Firstly, there appears to be many causes of of the black screen issue. The symptoms are very distinctive and troublesome. After starting your Windows 7, Vista, XP, NT, W2K, W2K3 or W2K8 PC or server the system appears normal. However, after logging on there is no desktop, task bar, system tray or side bar. Instead you are left with a totally black screen and a single My Computer Explorer window. Even this window might be minimized making it hard to see.

If you have these symptoms you can safely try our free Black Screen Fix. It will fix the most common cause we have seen of this issue. Running the fix program is easy under normal circumstances, simply download with your browser using the link above and run the program. However, if you are trying to do this from the PC which has black screen it is a bit more tricky.

http://www.prevx.com/blog/140/Black-Screen-woes-could-affect-millions-on-Windows--Vista-and-XP.html

Microsoft looking into Windows 'black screen of death' problem

Microsoft says it's looking into reports that its latest security updates are causing some Windows machines to stop working and display a mostly black screen with no desktop icons, taskbar, sidebar or other elements -- seizing up and displaying just a "My Computer" Explorer window, if they're lucky. [...]

"Microsoft is investigating reports that its latest release of security updates is resulting in system issues for some customers," a company representative said via email in response to our inquiry. "Once we complete our investigation, we will provide detailed guidance on how to prevent or address these issues."

http://www.techflash.com/seattle/2009/11/microsoft_investigating_windows_black_screen_of_death.html

Also, Recent Windows security patches causing 'black screen of death'

Microsoft said it is aware of the issue and sent seattlepi.com the following statement:

* Microsoft is investigating reports that its latest release of security updates is resulting in system issues for some customers.
* Based on our investigation so far we can say that we're not seeing this as an issue from our support organization.
* The issues as described also do not match any known issues that have been documented in the security bulletins or KB articles.
* As always, we encourage customers to review the security bulletin and related KB articles and test and deploy security updates.
* If customers do encounter an issue with security updates, we encourage them to contact our Customer Service and Support group for no-charge assistance. Customers can contact CSS using the information at http://support.microsoft.com/security.

http://blog.seattlepi.com/microsoft/archives/186746.asp

Okay so what KSOD?

bradley — Tue, 01 Dec 2009 02:56:00 GMT

I'm not saying that there isn't historical issues with the black screen of death (aka KSOD) that Mark Crall probably lost a few dents in his head to a few months back, but tonight as the Techmeme articles are parroting the "Latest Microsoft Patches cause black screen of death", I'm asking ...okay are all of the folks supposedly impacted by this not calling in, not posting in a newsgroup, not posting in a forum and only silently suffering?

I will be the first to eat crow (rather than leftover turkey) if something comes out of this, but right now I'm doubting Thomas for sure.

Microsoft investigates Windows 'black screen of death' triggered by recent security updates | Security - InfoWorld:
http://www.infoworld.com/t/security/microsoft-investigates-windows-black-screen-death-triggered-recent-security-updates-424

"Searches of Microsoft's support forums today, for example, turned up only one "black screen" thread with posts after the Nov. 10 security updates had been released. Four different users on that Windows 7-specific thread said that they faced a blank screen."

Microsoft investigating 'black screen of death' | Beyond Binary - CNET News:
http://news.cnet.com/8301-13860_3-10406369-56.html

"So this is a problem that ostensibly would have happened 20 days ago? Does it happen right away, or under certain circumstances.

Cause if its supposed to happen right away, I'm sure we would have heard about it before a press release from a software vendor. People love to jump on any problems that MS has, I'm surprised it would have stayed quiet for 3 weeks."

"I loved this line from the link "If you Google Black Screen then you will find a whopping 80Million plus results" except all but the computer world article and Cnet article are between 1 and 5 years old."

Fixing a bit of WMI

bradley — Tue, 01 Dec 2009 02:06:00 GMT

So if some of your workstations are not showing up properly in the SBS 2008 Computers console, here's what I did to fix all of my truant ones.

Event ID 10016 Source DCOM:
http://www.eventid.net/display.asp?eventid=10016&eventno=4718&source=DCOM&phase=1

In my case I went into dcomcfg

Then I went under component services, computers, my computer, dcom config, then found the 49BD2028-1523-11D1-AD79-00C04FD8FDFF CSLID and changed the settings to "use default"

Rebooted.

Then I followed this and

Repairing and re-registering the WMI:
http://windowsxp.mvps.org/repairwmi.htm

Did the following commands at a c:\

rundll32 wbemupgd, UpgradeRepository

Then did this:

cd /d %windir%\system32\wbem

for %i in (*.dll) do RegSvr32 -s %i

for %i in (*.exe) do %i /RegServer

This big square box will load up just hit cancel.

Close the command window.

Why did I do all of that? to get the WMI kicked back into gear so I could fix the lack of security status being reported in the SBS 2008 console.

If your machines are not checking in, it's either a firewall blocking the communication, or your WMI messed up.

Vista and Win7's were connecting just fine but I had three XPs not reporting the proper security status. Remember that servers will not report a status as they have no security status center.

oh, gosh! SO many ways to require a script…

luisabreu — Mon, 30 Nov 2009 20:45:27 GMT

I’d like to apologize for the lack of posts lately…no, I haven’t given up in my Silverlight series, but I’ve been busy updating my existing ASP.NET book to the 4.0 version. It seems like I will have a lot of work (much more than I had anticipated, but the truth is that I really enjoy writing about technical stuff) so the Silverlight series won’t really go as fast as the one on MS AJAX…sorry for that…now back to business :)

I really didn’t gave it any thoughts until I spoke with a friend who he asked me about the options we have for requiring a script (when using MS AJAX, of course!). So, lets see…we can specify it by:

using the scripts object : Sys.scripts.Core loads the basic MS AJAX JavaScript file
using the components object: Sys.components.dataView loads all the JavaScript files required for using the DataView component;
using the plugins object: Sys.plugins.bind will load all the JavaScript file required for using the bind method;
name: “History” will load all the scripts required for supporting the history feature.

All of them requires that you “define” your scripts in a JavaScript file which must be included in the page after the start.js file. And the best thing is that you can mix them all when using the Sys.required method. Fantastic, right?

The official MMS 2010 marketing kit is coming…

Rod Trent at myITforum.com — Mon, 30 Nov 2009 20:35:11 GMT

Look for an announcement soon on a downloadable marketing kit (banners, web buttons, etc.) for MMS 2010… Read More......(read more)

Rogue Gallery

donna — Mon, 30 Nov 2009 19:36:37 GMT

Few years ago, I remember talking with MVP Janie Whitty about a page that is similar to above and similar to MVP Eric Howes' list of Rogue/Suspect Anti-Spyware programs. A place where people can see the look of Rogue software (avoid rogue applications!) and I'm glad her wish has come true because Lavasoft have it now online: http://www.lavasoft.com/mylavasoft/rogues/latest

http://www.lavasoft.com/mylavasoft/company/blog/lavasoft-malware-labs’-rogue-gallery

Thanks to Ray for the link!

Quest Management Xtensions

Rod Trent at myITforum.com — Mon, 30 Nov 2009 19:10:20 GMT

QMX Monitoring for Operations Manager and MOM Monitor Extensions Read More......(read more)

HowTo: Obtener TODOS los usuarios de un grupo del Directorio Activo

lfranco — Mon, 30 Nov 2009 16:58:36 GMT

Siguiendo con el tema de las últimas entradas, vamos a ver cómo obtener TODOS los usuarios que pertenecen a un grupo del directorio activo. Y cuando digo TODOS los usuarios, me refiero a TODOS (por algo lo he puesto en mayúsculas :-D). Es decir, dentro de un grupo podemos tener otros grupos, que a su vez contengan otros grupos y así succesivamente... y nuestro objetivo es obtener todos los usuarios de forma recursiva.

Para obtener los datos de estos usuarios vamos a crear una clase, para ir almacenando las propiedades que deseamos obtener de cada usuario. Y una función que obtenga los usuarios de un grupo, y se llame a sí misma de forma recursiva en caso que este grupo contenga otros grupos.

El código de la clase:

public class ADUser

    public byte[] Sid { get; set; }

    public string Name { get; set; }

    public string DistinguishedName { get; set; }

    public string SAMAccountName { get; set; }

    public int RoleType { get; set; }

    public ADUser(byte[] sid, string name,

        string distinguishedName, string sAMAccountName)

        Sid = sid;

        Name = name;

        DistinguishedName = distinguishedName;

        SAMAccountName = sAMAccountName;

    public string sIDtoString()

        SecurityIdentifier sid = new SecurityIdentifier(Sid, 0);

        return sid.ToString();

Y el método que devuelve todos los usuarios de un grupo de forma recursiva:

namespace Alpha.Code

    public class SecurityContextEx

        public static string getDomainName()

            return IPGlobalProperties.GetIPGlobalProperties().DomainName;

        public static string getLDAPDomainName(string domainName)

            StringBuilder sb = new StringBuilder();

            string[] dcItems = domainName.Split(".".ToCharArray());

            sb.Append("LDAP://");

            foreach (string item in dcItems)

                sb.AppendFormat("DC={0},", item);

            return sb.ToString().Substring(0, sb.ToString().Length - 1);

        public static List<ADUser> GetUsersInGroup(string group)

            List<ADUser> users = new List<ADUser>();

            string ldapDomainName = SecurityContext.getLDAPDomainName(SecurityContext.getDomainName());

            string domainName = ldapDomainName.Replace("LDAP://", string.Empty);

            List<string> groupMemebers = new List<string>();

            DirectoryEntry de = new DirectoryEntry(ldapDomainName);

            DirectorySearcher ds = new DirectorySearcher(de, "(objectClass=person)");

            ds.Filter = "(&(objectClass=group)(cn=" + group + "))";

            foreach (SearchResult result in ds.FindAll())

                var dir = result.GetDirectoryEntry();

                var list = dir.Invoke("Members");

                IEnumerable entries = (IEnumerable)list;

                foreach (var entry in entries)

                    DirectoryEntry member = new DirectoryEntry(entry);

                    if (member.SchemaClassName == "group")

                        List<ADUser> usersInGroup =

                            GetUsersInGroup(member.Properties["name"][0].ToString());

                        foreach (ADUser aduser in usersInGroup)

                            if (!users.ToDictionary(u => u.Name).ContainsKey(aduser.Name))

                                users.Add(aduser);

                    else

                        ADUser aduser = new ADUser(

                            (byte[])member.Properties["objectSid"][0],

                            member.Properties["name"][0].ToString(),

                            member.Properties["distinguishedName"][0].ToString(),

                            member.Properties["sAMAccountName"][0].ToString());

                        users.Add(aduser);

            return users;

Aparte de la función GetUsersInGroup, también existen un par de métodos de apoyo para averiguar el nombre de nuestro dominio, que creo recordar que he publicado con anterioridad, pero por si acaso os los he publicado también.

Si deseamos obtener los usuarios de un grupo en particular, basta con usarlo de este modo:

List<ADUser> users = SecurityContextEx.GetUsersInGroup("My users");

Nota: En ocasiones, puede resultar una buena práctica para la administración de la seguridad de nuestras aplicaciones, crear un grupo en el directorio activo con el mismo nombre de la aplicación. Y de este modo conceder acceso a todos los miembros de dicho grupo a nuestra aplicación. En este caso todavía resultaría más sencillo mostrar todos los usuarios a los que hemos concedido acceso:

List<ADUser> users = SecurityContextEx.GetUsersInGroup(Application.ProductName);

Espero que os haya gustado,

Un saludo desde las frías tierras de Andorra :-)

Y después de la nevada de ayer, esta vez más frías que nunca…

Noviembre 2009

** crossposting desde el blog de Lluís Franco en geeks.ms **

El Registro: organización

juansa — Mon, 30 Nov 2009 13:55:15 GMT

Como una vista esencial y panorámica, diremos que el registro está compuesto de 5 llaves raíz y de ellas las HKLM y HKU son más importantes que el resto. Son las llaves que Windows guarda en disco, mientras que el resto son enlaces a sub-llaves de una u otra. HKCU es un enlace a una sub-llave de HKU, HKCR y HKCC son enlaces a sub-llaves de HKLM.

Las configuraciones pueden ser para el usuario o para el equipo. En la llave HKCU tenemos los de usuarios y en la HKLM la del equipo.

HKEY_USERS

Aquí nos encontramos al menos con:

.DEFAULT

Configuración por usuario que usa Windows para mostrar el escritorio antes de que cualquier usuario inicie sesión. No es lo mismo que el perfil predeterminado, que utiliza Windows para crear la configuración de los usuarios la primera vez que inician sesión en el equipo.

Donde SID es el identificador de seguridad de la consola de usuario, contiene configuración por usuario. HKCU enlaza con esta llave. Valores de preferencia de escritorio de usuario, configuración de Panel de control, etc…

SID_classes

Donde SID, al igual que el anterior es el identificador de seguridad de la consola de usuario, contiene configuración por usuario, registro de clases y asociaciones de archivos. Windows mezcla los contenidos de HKLM\SOFTWARE\Classes y HKU\SID_Classes en HKCR.

Suelen verse otros SID en HKU, como los SID conocidos: s-1-5-18, s-1-5-19, s-1-5-20, etc…

Cualquier otra sub-llave pertenece a usuarios secundarios, es decir, si usamos el comando RunAs para ejecutar algún programa como usuario distinto.

HKEY_CURRENT_USER

Aquí encontramos la configuración por usuario de la consola del usuario. Esta llave raíz está enlazada a HKU\SID (El SID representa cada identificador de usuario). Esta rama incluye las variables de entorno, configuración del escritorio, conexiones de red, impresoras, y preferencias de las aplicaciones.

Así a bote pronto:

AppEvents

Sonidos asociados con eventos.

Console

Almacena datos del subsistema de consola, que almacena todos modos caracteres de aplicaciones, incluido el prompt de MS-DOS. La llave Console puede contener sub-llaves de ventanas de comando personalizadas.

Control Panel

Configuración de la apariencia del escritorio, configuración de accesibilidad y la configuración regional. Muchos de estos valores se configuran desde el Panel de Control, sin embargo dentro de esta llave hay un montón de configuraciones útiles que carecen de interfaz de usuario; que sólo podemos configurar mediante el registro.

Environment

Variables de entorno establecidas por los usuarios. Los valores predeterminados se encuentran en el perfil del usuario.

Identities

Una sub-llave por cada identidad de Outlook express. Desde la compatibilidad de Windows con perfiles múltiples de usuario, las configuraciones de cada uno van separadas, por lo que esta clave se usa ya pocas veces.

Keyboard Layout

Información sobre los teclados instalados.

Network

Información sobre las unidades de red. Cada sub-llave dentro de Network es una unidad de red, conteniendo su configuración a usar para reconexión.

Printers

Preferencias de usuario de impresoras.

Software

Configuraciones de aplicación por usuario. Windows tiene muchas de sus configuraciones dentro de esta llave.

Volatile Environment

Variables de entorno definidas dentro de la sesión de usuario.

HKEY_LOCAL_MACHINE

Esta llave raíz contiene los valores por equipo, que significa que la configuración establecida aquí es de aplicación al equipo y afectará a cada usuario que inicie sesión en el.

HARDWARE

Descripción del hardware que Windows detecta e inicia. Esta llave se crea cada vez que el sistema operativo inicia, incluyendo la información sobre dispositivos, sus controladores y recursos asociados.

SAM

Base de datos de Seguridad Local de Windows, el Administrador de cuentas de Seguridad (SAM), donde Windows almacena usuarios y grupos. Las listas de control de acceso de esta llave (ACL) impiden verla, aun siendo administrador. Es un enlace a la llave HKLM\SECURITY\SAM

SECURITY

Contenido de la sub-llave SAM y algunos otros valores de seguridad. La ACL impide verla, a menos que hagamos por verla, claro.

SOFTWARE

Configuraciones de las aplicaciones por equipo. Windows también almacena configuraciones propias aquí.

SYSTEM

Contiene conjuntos de control, del que uno será el actual. Los conjuntos quedan disponibles para su uso por Windows. Cada sub-llave se llama ControlSet???, donde ??? es un número que se incrementa y que comienza por 001. El sistema operativo mantiene al menos dos conjuntos de control para asegurarse que puede iniciarse correctamente siempre. Estos conjuntos contienen configuraciones de servicios y controladores de dispositivo. HKLM\SYSTEM\CUrrentControlSet es un enlace a ControlSet???, y HKLM\SYSTEM\Select al ControlSet??? en uso.

HKEY_CLASSES_ROOT

Aquí se esconden dos tipos de configuración. La primera de ellas es la asociación de archivos, que asocia los distintos tipos de archivo con los programas que pueden abrirlos, editarlos, imprimirlos. La segunda es el registro de clases para los objetos COM. Esta es una de las llaves más interesantes del registro a personalizar, nos permite cambiar el comportamiento del sistema operativo. Es la más grande además, por lo que consume la mayor parte del espacio del registro. Ha sufrido algunos cambios desde Windows 2000, realizando una mezcla de llaves que se supone que son beneficiosos, como:

Los programas pueden registrar su asociación de archivo y clase tanto por usuario como por equipo.
Distintos usuarios que comparten el equipo pueden estar utilizando diferentes programas para editar el mismo tipo de archivo, sin que ello afecte a ninguno de ellos.
Debido a que el registro de clases y asociaciones de archivo por usuario están en el perfil de usuario, le siguen a cualquier equipo al usar perfiles móviles.
Podemos limitar el acceso a HKLM\SOFTWARE\Classes sin impedir a los usuarios cambiar HKCU\Software\Classes, ganando en seguridad en el registro sin consecuencias en la posibilidad de que los usuarios cambien las asociaciones.

HKEY_CURRENT_CONFIG

Enlace a los datos de configuración del perfil actual de hardware, HKLM\SYSTEM\CurrentControlSet\Hardware Profiles\****, donde **** es un número incremental desde el 0000.

1e Shopping Application Webinar

Rod Trent at myITforum.com — Mon, 30 Nov 2009 12:32:36 GMT

Is Your Organization Suffering from Application Sprawl? Time to go Shopping™ For a Typical ROI of Between 3-6 Months! Join one of two webinars on Thursday 3 rd December and Wednesday 9 th December at 16.00 GMT to find out how 1E can help your organization Read More......(read more)

Creating complex activities in the workflow designer

Maurice — Mon, 30 Nov 2009 12:31:18 GMT

In Windows Workflow Foundation 4 there are a number of “activities” in the designer that aren’t really activities but activity templates. The most obvious of there are the ReceiveAndSendReply and the SendAndReceiveReply in the Messaging section of the toolbox.

If you search for either of these activities you are not going to find them. Their real name is ReceiveAndSendReplyFactory and SendAndReceiveReplyFactory respectively and they aren’t activities but activity templates.

So how to create an activity template?

Quite simply create a class and implement the IActivityTemplateFactory interface. This interface is simple and consists of a single Create function that returns the activity to be added to the workflow. Need to create multiple activities like the messaging activities do? Just wrap them in a Sequence activity and return that.

So what does that look like? Well in the case of the ReceiveAndSendReplyFactory the Create() looks like this according to Reflector:

public Activity Create(DependencyObject target)

    string str = ActivityDesignerHelper.GenerateUniqueVariableNameForContext(target, "__handle");

    Variable<CorrelationHandle> variable = new Variable<CorrelationHandle>

        Name = str

};

    VisualBasicSettings settings = new VisualBasicSettings

        ImportReferences =

            new VisualBasicImportReference

                Assembly = requiredAssemblyName,

                Import = requiredNamespace

};

    Receive receive = new Receive

        OperationName = "Operation1",

        ServiceContractName = XName.Get("IService", "http://tempuri.org/"),

        CorrelationInitializers =

            new RequestReplyCorrelationInitializer

                CorrelationHandle = new VisualBasicValue<CorrelationHandle>

                    ExpressionText = str,

                    Settings = settings

};

    return new Sequence

        Variables = { variable },

        Activities =

            receive,

            new SendReply

                DisplayName = "SendReplyToReceive",

                Request = receive

};

Nice to know what is happening behind the scenes and IActivityTemplateFactory is a nice interface to have when you start creating your own complex activities.

Enjoy!

www.TheProblemSolver.nl
Wiki.WindowsWorkflowFoundation.eu

Black Screen woes could affect millions on Windows 7, Vista and XP

Rod Trent at myITforum.com — Mon, 30 Nov 2009 12:23:54 GMT

Firstly, there appears to be many causes of of the black screen issue. The symptoms are very distinctive and troublesome. After starting your Windows 7, Vista, XP, NT, W2K, W2K3 or W2K8 PC or server the system appears normal. However, after logging Read More......(read more)

Working with Access dates

RichardSiddaway — Mon, 30 Nov 2009 11:18:08 GMT

Following on from the previous post about updating records one data type that will be a little awkward to work with is dates.

If you use a US locale or any other that uses a date format of Month/Day/Year you can more or less ignore this because your standard formats work OK.

If I run

PS> Get-AccessData -sql "select * from test1" -connection $db

FirstName                         LastName                          DOB
---------                         --------                          ---
Fred                          ... Green                         ... 01/09/1979 00:00:00
John                          ... Green                         ... 01/07/1981 00:00:00
James                         ... Jones                         ... 18/04/1981 00:00:00

In the first record the date is first of September 1979 because I am using a UK date format of day/month/year

if I try to query on that date

PS> Get-AccessData -sql "select * from test1 where DOB = #01/09/1979#" -connection $db

I don’t get anything returned but if I use

PS> Get-AccessData -sql "select * from test1 where DOB = #09/01/1979#" -connection $db

FirstName                         LastName                          DOB
---------                         --------                          ---
Fred                          ... Green                         ... 01/09/1979 00:00:00

I get the data I expect.

This is a PowerShell issue.

PS> $host

Name             : ConsoleHost
Version          : 2.0
InstanceId       : 98b88ef9-297c-46a8-bc2c-8cbb4cb273df
UI               : System.Management.Automation.Internal.Host.InternalHostUserInterface
CurrentCulture   : en-GB
CurrentUICulture : en-US
PrivateData      : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
IsRunspacePushed : False
Runspace         : System.Management.Automation.Runspaces.LocalRunspace

Notice that the CurrentUICulture is en-US but my CurrentCulture is en-GB. This means that when I input dates at the PowerShell prompt or in scripts they will be interpreted following the US format.

My recommendation for dealing with this is to use this format

PS> Get-AccessData -sql "select * from test1 where DOB = #01-Sep-79#" -connection $db

This removes the ambiguity and leaves us able to apply the same commands anywhere (at least if you are using English :-))

Our update command then becomes

Set-AccessData -table test1 -filter "DOB = #01-Sep-1979#" -value "DOB = #02-Sep-1979#" -connection $db

Technorati Tags: PowerShell,Office 2010,Access,dates

Updating Access data

RichardSiddaway — Mon, 30 Nov 2009 10:58:15 GMT

The last of of our data manipulation tasks is to update the data – we have already seen how to create, read and delete.

            001              
002               
003               
004               
005               
006               
007               
008               
009               
010               
011               
012               
013               
          function Set-AccessData {               
[CmdletBinding(SupportsShouldProcess=$true)]               
param (               
    [string]$table,               
    [string]$filter,               
    [string]$value,               
    [System.Data.OleDb.OleDbConnection]$connection               
)               
    $sql = "UPDATE $table SET $value WHERE $filter"               
    $cmd = New-Object System.Data.OleDb.OleDbCommand($sql, $connection)               
                  
    if ($psCmdlet.ShouldProcess("$($connection.DataSource)", "$sql")){$cmd.ExecuteNonQuery()}               
} 
       
 

This function is very similar to the delete function. We have an additional parameter to pass in the values we are updating.

PS> Import-Module accessfunctions
PS> $db = Open-AccessDatabase -name test03.mdb -path c:\test
PS> Get-AccessData -sql "select * from test1" -connection $db

FirstName                          LastName                           DOB
---------                          --------                           ---
Fred                           ... Smith                          ... 01/09/1979 00:00:00
John                           ... Smith                          ... 01/07/1981 00:00:00
James                          ... Jones                          ... 18/04/1981 00:00:00

PS> Set-AccessData -table test1 -filter "LastName='Smith'" -value "LastName='Green'" -connection $db
2
PS> Get-AccessData -sql "select * from test1" -connection $db

FirstName                          LastName                           DOB
---------                          --------                           ---
Fred                           ... Green                          ... 01/09/1979 00:00:00
John                           ... Green                          ... 01/07/1981 00:00:00
James                          ... Jones                          ... 18/04/1981 00:00:00

Technorati Tags: PowerShell,office 2010,Access,update

[ConfigMgr] ConfigMgr Deployment Pack Links added to the Downloads page

Cliff Hobbs at myITforum.com — Mon, 30 Nov 2009 09:34:00 GMT

I've just added links to the various vendor specific ConfigMgr Deployment Packs to the Downloads page. The four that exist at present are from Dell , HP , IBM and Sun ......( read more ) Read More......(read more)

Online presentation: Meet the New Workflow WF4

Maurice — Mon, 30 Nov 2009 08:49:19 GMT

Tomorrow I will be doing an online presentation about Windows Workflow Foundation 4. The meeting lasts 1 hour and starts at 4PM European time, 3PM UTC or 7AM PST.

The goal is to provide an overview of WF4 and how to get started with it in Visual Studio 2010.

I will be doing the meeting using LiveMeeting and you can register here.

During the meeting I will also be tracking the Twitter hash tag #dmwf4 for additional questions and feedback.

“See” you there tomorrow

www.TheProblemSolver.nl
Wiki.WindowsWorkflowFoundation.eu

EmsiSoft has released MalAware (just a quick scanner, no removal)

donna — Mon, 30 Nov 2009 08:44:45 GMT

It's in http://www.emsisoft.com/en/software/malaware/

No installation needed. It will only scan for active malware. Really quick scan.

Discussion and thanks to RedDawn for the link: http://www.calendarofupdates.com/updates/topic25556

I felt naked....

bradley — Mon, 30 Nov 2009 07:12:00 GMT

And now I'm not .....

Now protecting the RWW access (especially for the administrator account)...

And the cool thing is that I can now use iPhones and Windows mobile phones to be portable softtokens

I've also added the protection to the RDP access to the server so that it's not open. Mind you I already limited the RDP access to certain IP addresses, but this tightens up security that much more.

And you can extend the password policy and let people change them LESS often to then ensure that they choose better passwords.