Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
Can i restrict usage of an service user account to particular application by using any programming language? Means i created one service account with Domain administrator privilege to have a semantic backup or something, now how can i restrict users not use that service account for any other jobs/works. If any one uses that service account credential set i would like to have email intimation through any programming language.
You can be alerted when a logon-related event is recorded by attaching a "Send E-Mail" task to the event log of the DC. This way, when the server sees an authentication event coming in, it will e-mail you.
This page explains how to accomplish this step-by-step.
I'm not aware of any means of binding an account like you describe, but the easiest solution would be to prep some scheduled tasks running on that specific account, then keeping the credentials undisclosed to other people.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 1 year ago.
Improve this question
I'm facing a problem developing the app for the client that uses a SQL Server with Windows authentication only, so the situation is that there is a number of Windows accounts in Active Directory that can access the database and some application are using those accounts.
My problem is I have to develop a C# application that has to get any modification in specific table with a SqlTableDependency the only way to access the database is by using an administrator account; is there a way to define any of the defined accounts to connect using Windows authentication for users to execute the app developed?
And many thanks.
You make this assertion about SqlTableDependency:
The only way to access the database is by using Administrator account
But that is not correct. ANY account can do this, no matter what kind of authentication it uses, if the required security permissions are granted. You will need to find out the exact permissions this item uses and communicate with your client about granting those permissions to their users.
At this point there's a good chance your client will get uncomfortable... they may not have realized what they were asking for! But that's okay. Now you can have a real conversation about what their needs are. Perhaps they need a special (sql-auth-based) service account for this. Or perhaps they want to change the architecture so this runs as a background task on the server. It doesn't matter: the important part is you and the client are now making better-informed decisions about the application.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I have created a windows service that checks a new release of an application. And if there is a new release then it will show an alert or message to the user saying that "A new release is available. Do you want to install it?".
My service is ready but I am not able to show this message to the user from Windows Service.
TL;DR: you cannot.
Longer version: a few years ago the use of highly privileged processes (services showing UI) opened up vulnerabilities where user processes could be elevated to gain those higher privileges. Therefore the capability was blocked.
Instead you need a completely separate user process to provide the UI and some form of inter-process communication (like a named pipe with a carefully chosen ACL) to connect to the service. This also allows you to handle the case where no one (via make the connection work across the network) or multiple users are logged in (and none on the console).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
How can i start an app when user logs on first time on a machine? I need to write an app which assists the user for example configuring other software, printer etc. What i need to ensure is, that this app starts when a user first logs into this machine.
How can I achieve this?
(If it helps, I only need to support Windows 10.)
Make an auxiliar process that starts your app when the computer starts. You can refer this one...
How to run a C# application at Windows startup?
then make a value at your db, for example firstLogin and changed to 0 for this user when your app is running.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I have a winform application that runs as the pc logged in userA. I want to add a login button that lets a pc userB login to the application while userA is still logged into the PC. The application will then run as UserB. How can this be done ? All i need here is the technical term or an example of this done.
The following article contains example C# source code and a description of how to achieve this:
http://www.codeproject.com/Articles/4051/Windows-Impersonation-using-C
Briefly summarizing, you need to use the native function LogonUser in the advapi32.dll library via P/Invoke. This stores a token handle in a provided IntPtr variable, which can then be used via the DuplicateToken native function and the SetThreadToken function (also in advapi32.dll) to make the current thread impersonate the requested user. The RevertToSelf function can be used to return to the original user.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
In my system, I have to send sms to users whose accounts are expired on the day of expiration. So I'm thinking of a solution to check all accounts everyday regardless of other functionality of the server so I was guessing a service should do the job? I'm looking for the best practice.
If you have a task that you want to run once a day, a service is not necessary. You can simply use the Task Scheduler to schedule a task thats run your C# program at the same time each day.
That way you don't have to do the extra work of writing a service, and you don't have a process running all the time that just sits there waiting all day.
you can use a service that send sms and call that when accounts is expired on the day of expiration