LDAPS settings in C# - c#

How to add LDAPS settings to LDAP string?
Currently my LDAP settings is LDAP://OU=Specific Users,OU=All Users,OU=Users,DC=example,DC=com.
I pass the above one in the directory entry one.
But I need to change it to LDAPS Setting. How can I change it ?

Related

Read/Write Application Settings in C#.NET project

I need to save informations (db password) permanently in my project via an .aspx file. I found the Application Settings to store the password but other users can not access my values.
For example:
Setting db_password has the value oldPassword
Administrator (User A) changes the database password to newPassword. It is stored into the Applicatoin settings via: Properties.Settings.Default["db_password"] = tb_testSettingPassword.Text;
Saving: Properties.Settings.Default.Save();
Administrator (User A) see the changed value: lt_testSettingPassword.Text = System.Convert.ToString(Properties.Settings.Default["db_password"]);
User B (no administrator) accesses the page and want to get informations from the database. He needs to connect via the password that user A has saved but I still gets the value oldPassword.
How can I store the value for all users?
Settings stored with Properties.Settings.Default are stored in the current users own application data folder (%USERPROFILE%\AppData under Vista and above).
If you want to have a config file easily accessible to all users you should store it at System.Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData).
That line will give you the path to the common AppData folder (C:\ProgramDAta under Win7), where all users will have read and write access.
In there you should create a folder for your application and then create your config file in that folder.
If you need help creating folders and files there are multiple questions and answers on SO that should help you out.

IP address from settings is altered during start of the application

I have following problem:
In my application, I have config file, which I use to alter settings needed for standalone installations of the application.
In the settings, there is variable "OffLineServerAddress", which is set to "169.254.2.2"
The application only uses this variable, it is NOT changed anywhere in the program.
The user says (and log file confirms it), that the address, which he uses, is different. It corresponds with address of his virtual box.
Default addres in app.config file is "127.0.0.1"
Apparently, the program uses ip addres of virtual box instead of address from the config file.
I can not think about any way, that this is possible and unfortunatelly I can not post here reproducible code.
I can confirm, that config file of the user has the correct ip address and that the value of the variable is not changed programmatically by the program.
Does anyone know about some way, in which this behavior could happen?
thanks
Got the solution - problem was in saving of default settings.

Not able to persist new changes in appsetting section in app.config WPF?

Below is the code i am using to update or change the values in appsetting in app.config
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
config.AppSettings.Settings["userName"].Value = username;
config.AppSettings.Settings["pwd"].Value = pwd;
config.Save(ConfigurationSaveMode.Modified, true);
ConfigurationManager.RefreshSection("appSettings");
i am using above code to change or update the settings in appsetting section at runtime and want the changes to persist so that when i run the application it should pick the new values from appsettings but here it doesn't happen so the changes made and saved at run time do not persist when i relaunch my application again it has the old default settings. Also i checked app.config in bin/debug but it too had the old values in appsettings. i refered various blogs and post here too as a reference but it got the same code as above but it did not persist the settings.have referred this post
I had the same problem while ago. I would have preferred to put this in a comment but I don't have that privilege. My answer might not be your case but I think is worth to be shared.
May I ask you where your bin folder is located? Windows 7 when you programmatically alter a file that isn't in a user accessible space creates a copy of that file in a Roaming space and there the file will stay. Every time you try to access the file (like your app.config) W7 transparently redirect your readings/writings to this file, so there's a chance that you are modifying the file in the roaming space, leaving the one you are lookin unaltered.
Are the changes you are making still there the successive time you start the application?
Disclaimer/Apology: I'm not an experienced user so if I am saying silly things let me know and I will remove this comment.
See below(from MSDN) and remember app.config is in your project. .exe.config is the actual file name.
Client applications use a global configuration that applies to all users, separate configurations that apply to individual users, and configurations that apply to roaming users. The userLevel parameter determines the location of the configuration file being opened by indicating whether it has no user level (the configuration file is in the same directory as the application) or has a per-user level (the configuration file is in an application settings path determined by the user level).
Specify which configuration to get by passing one of the following values for userLevel:
To get the Configuration object that applies to all users, set userLevel to None.
To get the local Configuration object that applies to the current user, set userLevel to PerUserRoamingAndLocal.
To get the roaming Configuration object that applies to the current user, set userLevel to PerUserRoaming.
NoteNote
To get the Configuration object for a resource, your code must have read permissions on all the configuration files from which it inherits settings. To update a configuration file, your code must additionally have write permissions for both the configuration file and the directory in which it exists.
i got my solution of above problem, my goal was to persist changes done at run time at application or user level. Initially i tried using App.config where i kept default settings for application in appsettings section of app.config, but later after research i got to refer i got to know appsetting does not persist the changes, instead you can use userSettings section where under YourApplication.Property.Settings you can give your userlevel settings and it worked for me. To do this you do not need to go to App.config to do it manually, rather you can do it from the property window of project.
Right Click on your project -> Select Settings Tab on the left-> Now on the right hand side you will see the Resource section , give the ResourceName, Type, Scope and its value and you are done. The same value can be access and change dynamically from Code as well.
Below are Code Excerpt for the same --
Accessing Settings Value
enter code here
userName = Properties.Settings.Default.UserName;
pwd = Properties.Settings.Default.PWD;
Saving New Settings Back
enter code here
Properties.Settings.Default.UserName = userName.ToString();
Properties.Settings.Default.PWD = newPWD..ToString();
Properties.Settings.Default.Save();
And when you will launch your application next time you will get the new changed settings as your default settings.
I hope that helps
Thanks Guys
VJ

LDAP vs. ADSI in manipulation of Active Directory Users

I have been requested to expose a web service for managing Active Directory Users via an intranet. I have been advised that LDAP is viewed as a security vulnerability and is not to be used.
Given this constraint, I have managed to connect via ADSI with a DirectoryEntry object like this:
DirectoryEntry de = new DirectoryEntry();
de.Path = "WinNT://TheDomain.local";
de.Username = "NTUser1";
de.Password = "pwdpwdpwd2";
I can loop through the children of this DirectoryEntry get the ones that are users. On the Users, I can see these basic properties: UserFlags, MaxStorage, PasswordAge, PasswordExpired, LoginHours, FullName, Description, BadPasswordAttempts, LastLogin, HomeDirectory, LoginScript, Profile, HomeDirDrive, Parameters, PrimaryGroupID, Name, MinPasswordLength, MaxPasswordAge, MinPasswordAge, PasswordHistoryLength, AutoUnlockInterval, LockoutObservationInterval, MaxBadPasswordsAllowed, objectSid.
There are a number of User properties that are visible in the Active Directory MMC that are not accessible from the DirectoryEntry object including: LastName, NameSuffix, Department, etc...
These other properties are all documented in msdn as being exposed by IADsUser (http://msdn.microsoft.com/en-us/library/aa746340%28VS.85%29.aspx).
1) Is LDAP actually a vulnerable protocol? More so than the ADSI (WinNT) connection shown above? LDAP seems to be pretty common for this purpose.
2) How can I retrieve/set these other properties of the User?
TIA
1- LDAP packet transmission is performed as plaintext, so somebody can capture your data.
If you use LDAPS protocol or TLS-enable your LDAP connection, it is safe. ADSI is just an implementation of LDAP client by Microsoft, and it supports both LDAP and LDAPS connections.
When you use ADSI against your corporate Active Directory, it primarily tries to start a LDAPS connection.
So you are safe of you use ADSI; or you can use any other client or programming library as well if you use secure connection. the default port for LDAPS is 636.
2- To get more information about directory objects, you can use the GetInfoEx method, it loads exactly the attributes you want. Below you can see an example:
http://msdn.microsoft.com/en-us/library/aa746411%28v=vs.85%29.aspx
But some of the properties that you look for, are stored in the Active Directory by attribute names different from the MMC console. e.g. First name is stored as 'givenName' and Last name is stored as 'sn'. Look here to find names of attributes you need;
You can find more information here.
http://www.techgalaxy.net/Docs/Dev/Using_ADSI_and_LDAP_with_AD.htm explains the difference between LDAP and ADSI: http://technet.microsoft.com/en-us/library/cc755809(v=ws.10).aspx includes illustrations.
In short, ADSI is a simplified wrapper around LDAP. If there's any insecurity to it, it's in the binding, which here appears to be SIMPLE (unencrypted plaintext username and password). If you bind the LDAP connection using any other method (or over an SSL connection), it should be secure.

Why are application settings read-only in app.config?

I have some settings in my app.config which I intend to be 'global' - ie. any user can change them, and all users get the same setting.
But unless I change them to be user settings, they are read only.
Why is this?
And how should I go about persisting my app's global settings?
Edit:
This is actually a windows service application which runs as a service as LocalSystem. It can also be run manually by a local admin with argument "/config", which launches a windows form to edit configuration values.
So it will have write access to %PROGRAMFILES% in both situations.
The way I am accessing my settings is thusly:
Settings.Default.MySetting = MyNewValue;
And when MySetting is set to Application (in my project properties, Settings.settings), I get a compile-time error "MySetting is read only".
I am new to this stuff, and have not yet found a very good explanation of how it is supposed to be done. For example, why do I need to say 'Default', and what does that actually mean? I have no idea. If anyone can point me to an app.config usage tutorial, that would be really helpful.
The real complete answer:
The app.config settings are read-only because there are 2 types of settings:
Application Settings
User Settings
The first won't change unless the application publisher publishes a new version of it. The second is not stored in the app.config, but in a user.config file. In the abscence of this user.config file the app.config provides the default value.
If MySetting is a User Setting:
Settings.Default.MySetting = MyNewValue;
Settings.Default.Save();
It will create a user.config file at [User Local Settings Application Data]\[company name]\[application].exe[hash string]\[version] with the new settings, and those settings will prevail over the settings in the app.config file.
Why: Application settings are intended to be stored in the Application folder under Program Files where the user does not have write privileges.
How: There is no default support for "All Users" but you should be able to setup your own custom config file in a public folder or use a Database.
Simply put: There's no location on a machine that everyone can change, unless you give privileges to do so.
There are several ways to deal with this kind of situation:
You can create a configuration file / some registry settings, put this in the "all users" profile and grant "Everyone" the rights to change that specific file. During installation you can automate the procedure for granting the appropiate privileges and your program can handle the rest.
You can leverage UAC to make sure the current user has the appropiate privileges to change a system-wide setting. This is the recommended approach but also means that not everyone can change specific settings.
You can use a shared database and store your settings in there.
???
I would not recommend to change items in the program files directory or changing the default privileges overthere.
EDIT: As local system you have indeed write privileges to the program files directory. If you get the "Read only" error, it means the settings itself are read only. You'll need to use the configuration manager to be able to change the settings in configuration files.
Hope this helps.
One reason is that the app.config file is in your app's folder under the Program Files directory, and everything in Program Files is read only for standard users by default.
Another is that app.config settings apply system wide. If one user makes a change it will impact other users. Normal users are not supposed to be able to make that kind of change. Anything that can impact multiple users should only be set by a system administrator. Per-user settings belong in each user's Application Data folder.
Not quite sure what you mean here.
Do you mean you allowed users to alter app.config from the UI and the changes are not persisted?
did you call
ConfigurationManager.RefreshSection("appSettings");
and
Configuration.Save();
Configuration Settings are cached in the memory when you starts the application. you can deal with the app.config file as xml to change the values.
I'm using this code (a static method) to change the default settings:
public static bool SetGlobalSetting(string settingName, string settingValue)
{
try
{
XmlDocument xml = new XmlDocument();
xml.Load(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile);
XmlNode xmlNode = xml.DocumentElement.SelectSingleNode("descendant::setting[#name='" + settingName + "']");
xmlNode.SelectSingleNode("value").InnerText = settingValue;
xml.Save(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile);
Settings s = new Settings();
s.Reload();
return true;
} catch (Exception e)
{
// process the exception as you need
}
return false;
}
}

Categories