RE: Problems with security requirements in Windows WorkGroups.

Hi Domingo,

I have performed some tests on the projects, so far I've tried running it
on multiple machines (such as XP or windows 2k3 server). I have domain
environment, so I use local accounts to run both of them and here is the
result:

** with duplicated account(same username/password), it works

** with a normal local account(only exists on client machine), it fails.

I'll try establising a non-domain environment to see whether it differs. It
may take some further time since all my existing local test environment are
in domain.

Steven Cheng
Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------

Date: Thu, 13 Mar 2008 09:37:14 GMT
Subject: RE: Problems with security requirements in Windows WorkGroups.
X-Tomcat-NG: microsoft.public.dotnet.languages.csharp
Message-ID: <XI2Jg3OhIHA.360@xxxxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.dotnet.languages.csharp
Lines: 227
Path: TK2MSFTNGHUB02.phx.gbl
Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.dotnet.languages.csharp:79936
NNTP-Posting-Host: TOMCATIMPORT3 10.201.220.210

Hi Domingo,

I've got the email. Seems it is origially routered to an incorrect folder
which made me miss it. I'll perform some test on it and let you know my
results.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
From: =?Utf-8?B?d29taW4=?= <vt_supervisor@xxxxxxxxxxxxxxxxxxxxxxxxx>
References: <800CF03C-C49C-4E08-B27F-681FEBC8F60D@xxxxxxxxxxxxx>
<p3vBGF1fIHA.4200@xxxxxxxxxxxxxxxxxxxxxx>
<975D4CC3-0401-4DB3-A064-C4D3E5D2C9DA@xxxxxxxxxxxxx>
<I5VjYqkgIHA.4672@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Problems with security requirements in Windows WorkGroups.
Date: Wed, 12 Mar 2008 02:40:00 -0700


Hi again, Steven.

I have sent you an email some days ago with the example code to the
address
you wrote me below. Did you receive it? If not, please let me know to try
to
send it again.

Thank you very much, sincerally,

Domingo.

--
Domingo López.
Software Engineer & Project Manager.
Visual Tools.



""Steven Cheng"" wrote:

Thanks for your reply Domingo,

You can reach me through the following email:

"stcheng" + "@" + "microsoft.com"

Best regards,

Steven Cheng
Microsoft MSDN Online Support Lead

Delighting our customers is our #1 priority. We welcome your comments
and
suggestions about how we

can improve the support we provide to you. Please feel free to let my
manager know what you think of

the level of service provided. You can send feedback directly to my
manager
at: msdnmg@xxxxxxxxxxxxxx

This posting is provided "AS IS" with no warranties, and confers no
rights.
--------------------
From: =?Utf-8?B?d29taW4=?= <vt_supervisor@xxxxxxxxxxxxxxxxxxxxxxxxx>
References: <800CF03C-C49C-4E08-B27F-681FEBC8F60D@xxxxxxxxxxxxx>
<p3vBGF1fIHA.4200@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Problems with security requirements in Windows WorkGroups.
Date: Thu, 6 Mar 2008 08:57:02 -0800


Hello Steven, first of all, thank you for your quick answer.

Yes, of course I have a security error as you can read in the error
message
I obtain:

"A remote side security requirement was not fulfilled during
authentication.
Try increase the ProtectionLevel and/or ImpersonationLevel".

(No Inner Exception is thrown)

I can give you some code generated for the error purpose. It consists
in a
small chat application between a client (ChatClient) and a server
(ChatServer). By the way, how should I send you the code? I can not
find a
way in my web news interface... :(

I am executing the example in two machines with Windows XP, the same
users
and passwords in both machines and belonging to a WorkGroup.

When I try to use the TCP channel I get the error (with NO inner
exception
messages) I have written above.

Thanks again and regards,

Domingo.
--
Domingo L�³pez.
Software Engineer & Project Manager.
Visual Tools.



""Steven Cheng"" wrote:

Hi Domingo,

From your description, I got that you're encountering some security
error
when using .net remoting to communicate between client , server
application, correct?

Based on my experience, this general error message could be caused
by
many
things such as user identity not supplied, or the client and server
channel's security setting not match.....

As for the error, what's the innerException, generally the inner
exception
may provide some further information. Also, for non-domain machines
that
need to communicate under windows authentication, you need to use a
duplicated account(with same username/password) on both sides. If
convenient, you can try creating a simplified client/server project
pair(with a very simple remoting class) to demonstrate the problem.
And
you
can send me the package so that I can also perform some tests on my
side.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to


http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#noti
f
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent
issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each
follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to
reach
the
most efficient resolution. The offering is not appropriate for
situations
that require urgent, real-time or phone-based interactions or
complex
project analysis and dump analysis issues. Issues of this nature are
best
handled working with a dedicated Microsoft Support Engineer by
contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================


This posting is provided "AS IS" with no warranties, and confers no
rights.


--------------------
From: =?Utf-8?B?d29taW4=?= <vt_supervisor@xxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Problems with security requirements in Windows WorkGroups.
Date: Wed, 5 Mar 2008 07:21:03 -0800

Hello everybody,

I have a .NET C# client-server application that is being used in
two
machines with Windows XP installed. Both the client and the server
are
executed into users of a Work Group.

I am using .NET Remoting to connect the client and the server with
a
TCP
channel. The registration of the channel is made by using the
following
code:

"ChannelServices.RegisterChannel(channel, true);"

Where "channel" is a TCP channel. The ensureSecurity option is set
to
"true"
in order to ensure the channel encryption.

Both the client and sever must send objects to each other (usually
using a
proxy).

The problem is, although this environment works well in most of the
cases,
I
have an example where I obtain the following error text when the
server
tries
to access the client proxy (the error is displayed in the client):

"A remote side security requirement was not fulfilled during
authentication.
Try increase the ProtectionLevel and/or ImpersonationLevel".

It is important to remark that the (.NET Remoting) proxies have
right
permissions when accessing the server from the client.

After that, I have proved making the following change to the TCP
channel:

"ChannelServices.RegisterChannel(channel, false);"

That is, setting "false" the ensureSecurity option. So this means
(as
the
Microsoft documentation says) that the channel will be encrypted
only
in
case
it is possible. So in this case the error is resolved because
although
the
server does not have the proper client credentials, the channel
will
not
be
encrypted.

Finally, my question: I mandatory need to ensure the encryption of
the
channel, and I need to know which could be the problem with the
impersonation
and credentials in the wrong example. Is it machine configuration
dependant?
Which is the reason for having two environment apparently identical
(Windows
XP, WorkGroup, same users) but with different behavors?

Could you please give me some help about my problem?

Thanks a lot in advance.

Regards,

Domingo.

--
Domingo LÃ?Æ?Ã?³pez.
Software Engineer & Project Manager.
Visual Tools.











.

Relevant Pages

  • RE: Problems with security requirements in Windows WorkGroups.
    ... I will wait until you test a non-domain environment (remember I ... Microsoft MSDN Online Support Lead ... You can send feedback directly to my manager at: ... Problems with security requirements in Windows WorkGroups. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Where get list of RUN commands?
    ... RUN COMMANDS: ... MIGWIZ.EXE - File and Settings Transfer Wizard ... MSMSGS.EXE - Windows Messenger ... CMSTP.EXE - Connection Manager Profile Installer ...
    (microsoft.public.windowsxp.help_and_support)
  • RE: Start > Run Commands
    ... These are GUI applications that can be opened from the run line. ... MIGWIZ.EXE - File and Settings Transfer Wizard ... MSMSGS.EXE - Windows Messenger ... CMSTP.EXE - Connection Manager Profile Installer ...
    (microsoft.public.windowsxp.general)
  • Re: DNS CORRUPT AND ALL SYSTEMS DOWN
    ... > DHCP Server ... > Remote Access Connection Manager ... > Windows Internet Name Service ...
    (microsoft.public.windows.server.dns)
  • Re: Physical Memory
    ... Thanks for your help, John. ... As for the services just use the Windows Services Management Console to ... Remote Access Connection Manager ... gig Pentium 4 processor and apparently a half gig of available memory, ...
    (microsoft.public.windowsxp.general)