El TecnoBaúl de Kiquenet

Kiquenet boring stories

Archive for 19 mayo 2014

“Consistency validation for SQL Server registry keys” failed. – SQL Server installation Error

Posted by kiquenet en 19 mayo 2014

The error:

Rule “Consistency validation for SQL Server registry keys” failed. The SQL Server registry keys from a prior installation cannot be modified. To continue, see SQL Server Setup documentation about how to fix registry keys.

The issue occur when the installer unable to update the registry entries due to lack of permission. Please follow the below steps to resolved the issue.

1. Go to RUN –> Type regedit.

2. Locate HKEY_LOCAL_MACHINE -> SOFTWARE -> MICROSOFT -> Microsoft SQL Server in the registry

3. Right click and select Permissions…

4. Click on Advanced

5. Under Permission TAB, select “Replace permission entries on all child objects with entries shown here that apply to child objects”.

6. Click OK.

7. Now Re-run the SQL Server installer.

References:
http://sqlserverteacher.blogspot.com.es/2014/01/consistency-validation-for-sql-server.html

http://connect.microsoft.com/SQLServer/feedback/details/668112/rule-consistency-validation-for-sql-server-registry-keys-failed

Posted in Errores, SQLServer | Etiquetado: | Leave a Comment »

Failed to decrypt using provider ‘RsaProtectedConfigurationProvider’

Posted by kiquenet en 19 mayo 2014

The error using ConfigurationManager and RsaProtectedConfigurationProvider section:

System.Configuration.ConfigurationErrorsException: Failed to decrypt using provider ‘RsaProtectedConfigurationProvider’. Error message from the provider: The RSA key container could not be opened.

The app.config file will have been encrypted using a certificate on your local machine. This certificate will not be present on the other machine. You will therefore not be able to decrypt the app.config file.

For this to work, you need to export the encryption key on your machine, then import it on the other machine. The following article demonstrates how to do that: Walkthrough: Creating and Exporting an RSA Key Container

This is the location where all of the keys are being put:

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

Solution

Using this command **aspnet_regiis -pa**

Open cmd Console -execute as Administrator-

    C:\Windows\system32>aspnet_regiis -pa "NetFrameworkConfigurationKey" "myDomain\myUser"
    Microsoft (R) ASP.NET RegIIS versión 4.0.30319.33440
    Utilidad de administración que instala y desinstala ASP.NET en el equipo local.
    Copyright (C) Microsoft Corporation. Todos los derechos reservados.
    Agregando ACL para el acceso al contenedor de claves RSA…
    Con éxito

Referencias:
http://stackoverflow.com/questions/16124389/failed-to-decrypt-using-provider-rsaprotectedconfigurationprovider/16126458#16126458

http://stackoverflow.com/a/8000407/206730

http://social.msdn.microsoft.com/Forums/vstudio/en-US/88b15d6b-9baa-4f4d-8942-137185bfdf56/bug-with-encrypting-configuration-file-using-rsaprotectedconfigurationprovider?forum=netfxbcl

More references:

http://stackoverflow.com/questions/7998666/asp-net-encryption-aspnet-regiis-farm

http://stackoverflow.com/a/16126458/206730
 http://connect.microsoft.com/VisualStudio/feedback/details/511835/the-rsaprotectedconfigurationprovider-sometimes-fails-when-encrypting-an-application-configuration-file

http://ryaremchuk.blogspot.com.es/2012/11/encrypting-and-decrypting-webconfig.html

Posted in .NET, Configuracion, Errores, Soporte | Etiquetado: , | Leave a Comment »

Visual Studio 2013–Install Error

Posted by kiquenet en 19 mayo 2014

During installation I am getting an error

“Microsoft visual studio 2013 VsGraphic Helper Dependencies RC Incorrect Function”

Solution:

Windows 8.1

ISO VS 2013 ultimate

I try copy contents in local, and I get the same error.

solution:

– verify checksum of ISO. Get file again, copy to local.

– Uninstall the failed version of 2013 from control panel -> Uninstall programs

– Restart the computer

– Clean %temp%

– Mount ISO, execute as Administrator setup.exe

– Re-run the setup again.

References:
http://stackoverflow.com/questions/19116570/microsoft-visual-studio-2013-installation-failing

http://social.msdn.microsoft.com/Forums/en-US/fe3d5411-b601-425e-bf44-8cf5cd00f7af/visual-studio-2013-setup-failed-when-installing-on-windows-81-preview?forum=vssetup

Posted in Soporte, VisualStudio | Etiquetado: , , | Leave a Comment »

Create Private Accessors for Visual Studio 2012

Posted by kiquenet en 19 mayo 2014

Con Visual Studio 2012 desaparece la creación desde IDE de los Private Accessors.

Posibles soluciones: crear los Private Accessors con la clase Microsoft.VisualStudio.TestTools.UnitTesting.PrivateObject o usar el comando publicize.exe.

Open a command prompt, or a “VS2013 x86 Native Tools Command Prompt” to have the search path already set up, and run publicize.

In case you do not have the path set up correctly, the tool can be found at
%Program Files (x86)%\Microsoft Visual Studio 11.0\Common7\IDE for Visual Studio 2012 or %Program Files (x86)%\Microsoft Visual Studio 12.0\Common7\IDE for VS 2013.

publicize.exe [options] input-assembly

publicize.exe creates classes named NameOfTheSourceClass_Accessor. In case the class to be tested is called MyClass, the accessor is named MyClass_Accessor.

Starting with Visual Studio 2012, private accessors cannot be created any more by the IDE. The post Home-made Private Accessor for Visual Studio 2012+ presents an approach on how to create private accessors using the classMicrosoft.VisualStudio.TestTools.UnitTesting.PrivateObject.

Axel Mayer noted in the MSDN forums post How to create private accessors in VS 2012 that one can use the command line tool publicize.exe to create private accessors too.

Referencias:
http://blog.instance-factory.com/?p=1036
http://blog.instance-factory.com/?p=810

http://stackoverflow.com/questions/17850406/replacements-for-private-accessors-in-visual-studio-2012

Home-made Private Accessor for Visual Studio 2012+

How to create private accessors in VS 2012

publicize.exe documentation

Posted in .NET, VisualStudio | Etiquetado: , | Leave a Comment »

The Perils and Pitfalls of Launching a Process Under New Credentials by Asprosys

Posted by kiquenet en 9 mayo 2014

This isn’t a common need but it also isn’t that rare, so I thought I had better post this step by step guide to troubleshooting the launching of a process under impersonated credentials. This is based on using the Start method of the .Net Process class but it is also applicable to the underlying API calls: CreateProcessWithLogonW and CreateProcessWithTokenW.

Access Denied – The first attempt and an access denied exception right off the bat. This is the most common initial problem and is caused by the fact that the service is running under the LOCAL SYSTEM account. Strangely, the SYSTEM account is the most powerful account on the computer but one of the few things it cannot do is launch a process using CreateProcessWithLogonW which is the API underlying the call to Process.Start. So change your service account to Local Service, it’s probably the more appropriate account anyway.

Access Denied Again – Aargh, I thought we solved this. Oops, double check the permissions on the application that you are trying to launch. Remember that the system tries to access the application file as the user account that the process will be running under, not the service account.

Invalid Directory Error – What? All the paths are correct. All the directories are spelled correctly, no invalid characters. This is an incredibly annoying error and is not very consistent. Usually when we run a process we don’t bother setting the WorkingDirectory property and just accept the default from the parent process. When starting a process with new credentials you can’t do that, you must explicitly set a path for the WorkingDirectory or you’ll get a "The directory name is invalid." Win32Exception.

Failure: No Error? – Process.Start handles the creation of the Environment block for the new process for you quite well. So this is a problem only if you are using the underlying API. When calling one of the CreateProcess* APIs it is normal to leave the lpEnvironment parameter as NULL and have the system use the default of copying the block from the parent process. But when launching under new credentials you must create an environment block explicitly, either manually or using CreateEnvironmentBlock. What makes this worse is, if you leave this out the CreateProcess* call will fail but GetLastError will return ERROR_SUCCESS and if you make an error creating your environment block there will be no error but the process may just not run at all.

Application Failed to Initialize Properly – No more exceptions, you’ve solved all the problems and the process has been launched. Oops again, where is the process? Check the event log (or you may have received an Application Error pop-up). There should be an entry for Application Error that says that your process was the faulting application, either user32.dll or kernel32.dll was the faulting module and the exception was: 0xC0000142. There may be some minor variation in this but basically it is saying that your application could not initialize. The reason for this is that on initialization, before any application code is run, all processes are attached to a Window Station and all threads are attached to a Desktop but the user you are launching under does not have permission to access the Window Station and Desktop in which your process is being launched, ergo it can’t initialize. The security descriptors for the Window Station and Desktop must be adjusted to give AllAccess permission to the user the process is being launched under. This is a devil to do directly in .Net, so you might find the security wrapper classes here useful.

No More Errors – Really, no more errors, your process should be running smoothly now. There may be some variations in what you need to do based on who the user is (for instance an administrator will already have the correct permissions in some cases) or what kind of session you are launching in. But following these steps should make your life smooth and easy (well maybe not your whole life).

Solution:

I had to add a reference to AsproLock.dll and associated code in order to permit the user account to have access to the running resource.

            //The following security adjustments are necessary to give the new 
            //process sufficient permission to run in the service's window station
            //and desktop. This uses classes from the AsproLock library also from 
            //Asprosys.
            IntPtr hWinSta = NativeMethods.GetProcessWindowStation();
            WindowStationSecurity ws = new WindowStationSecurity(hWinSta,
              System.Security.AccessControl.AccessControlSections.Access);
            ws.AddAccessRule(new WindowStationAccessRule(userPassDto.Usuario,
                WindowStationRights.AllAccess, System.Security.AccessControl.AccessControlType.Allow));
            ws.AcceptChanges();

            IntPtr hDesk = NativeMethods.GetThreadDesktop(NativeMethods.GetCurrentThreadId());
            DesktopSecurity ds = new DesktopSecurity(hDesk,
                System.Security.AccessControl.AccessControlSections.Access);
            ds.AddAccessRule(new DesktopAccessRule(userPassDto.Usuario,
                DesktopRights.AllAccess, System.Security.AccessControl.AccessControlType.Allow));
            ds.AcceptChanges();

[DllImport("user32.dll", SetLastError = true)]
public static extern IntPtr GetProcessWindowStation();

[DllImport("user32.dll", SetLastError = true)]
public static extern IntPtr GetThreadDesktop(int dwThreadId);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern int GetCurrentThreadId();


References

http://asprosys.blogspot.com.es/2009/03/perils-and-pitfalls-of-launching.html

http://stackoverflow.com/questions/17488220/wcf-service-process-start-under-network-service-account-impersonating-as-a-diffe

Aspro Lock – Access Control

Code Samples

Creating New Process Under Alternate Credentials (createprocessasuser)

processstart-hangs

Posted in .NET, Security | Etiquetado: , , , | Leave a Comment »