Re: Remoting

From: Joe Kaplan (MVP - ADSI) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 01/07/04


Date: Wed, 7 Jan 2004 09:24:42 -0600

It sounds like the problem is that he needs a way to get a machine in a
different domain to trust his current credentials. I don't think that will
work unless there is a trust between the domains or he can create some means
of authentication to provide appropriate credentials to the remote server.

I also don't think the .NET remoting strategy discussed earlier will work.
You need software on the remote machine that the remoting client can talk to
and it sounds like you don't want to install some sort of remoting server on
every target machine. However, something like that may be required if you
need to find a way to authenticate with the remote machine.

Just out of curiosity, how would you have credentials available to
authenticate with machines in different domains? Will you store valid
usernames and passwords somewhere?

Joe K.

"Hernan de Lahitte" <hernan@lagash.com> wrote in message
news:%230ekRDS1DHA.1660@TK2MSFTNGP09.phx.gbl...
> If you are running an ASP.NET application, you set impersonate=true with
> Windows authentication in the web.config file. If you are running a WinForm
> application or Win32 service, when you set:
>
> AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
>
> the process and thread account will be the interactive or logged on user
> account or your configured Win32 service account, so when you use the Event
> logging API, it will be running under your process account, that is, the
> accounts named above.
>
>
>
> --
> Eng. Hernan de Lahitte - MSDE
> Lagash Systems S.A. - Buenos Aires, Argentina
> http://www.lagash.com
>
>
>
>
> "Jerry" <JerryOfBorg@yahoo.com> wrote in message
> news:eHtm4$N1DHA.2888@tk2msftngp13.phx.gbl...
> > <<if you impersonate a domain account>>
> >
> > How is this done across domains?
> >
> > "Hernan de Lahitte" <hernan@lagash.com> wrote in message
> > news:uMJND2H1DHA.1924@TK2MSFTNGP10.phx.gbl...
> > > I don't know if I'm missing something but this sounds like an operational
> > > management task. I think there are tools for this kind of job like MOM
> > > applications (http://www.netiq.com/) or (http://www.microsoft.com/mom/) or
> > > some WMI solution like EIF
> > > (http://msdn.microsoft.com/vstudio/productinfo/enterprise/eif/ see
> > > implementation in
> > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag/html/logging-ch01.asp).
> > >
> > > However, if you want to go and do your own work, the advice I gave you
> > > should work if you impersonate a domain account (so your worker process
> > > will be running under this account) that is authorized to read the remote
> > > event log.
> > >
> > >
> > > --
> > > Eng. Hernan de Lahitte - MSDE
> > > Lagash Systems S.A. - Buenos Aires, Argentina
> > > http://www.lagash.com
> > >
> > >
> > >
> > > "Jerry" <JerryOfBorg@yahoo.com> wrote in message
> > > news:OtwOHkH1DHA.208@TK2MSFTNGP12.phx.gbl...
> > > > Hernan,
> > > >
> > > > Thank you very much for your reply. I only know that I have been able to
> > > > use the eventlog object on a local machine. I am trying to determine how to
> > > > use it when I have only an IP address of a remote server (domain) with
> > > > clients attached. So, the best way is to be logged into a session with a
> > > > username authorized to use the remote system and let windows handle the
> > > > security? Fine. However, does this work if you are doing this across
> > > > domains? The purpose of this is to create an application which will store
> > > > eventlog entries from our clients' computers. This may actually be hundreds
> > > > of computers on a dozen different servers and domains. Of course I am trying
> > > > to do it in the most secure manner possible.
> > > >
> > > > Regards
> > > >
> > > > "Hernan de Lahitte" <hernan@lagash.com> wrote in message
> > > > news:OnY4YgG1DHA.1924@TK2MSFTNGP10.phx.gbl...
> > > > > Jerry,
> > > > >
> > > > > I don't know why you want to use remoting for this task, but you can use the
> > > > > System.Diagnostics.EventLog constructor overload with the MachineName of the
> > > > > remote server. Remember that you will be accessing this machine with the
> > > > > identity of the worker process of your client application.
> > > > >
> > > > > --
> > > > > Eng. Hernan de Lahitte - MSDE
> > > > > Lagash Systems S.A. - Buenos Aires, Argentina
> > > > > http://www.lagash.com
> > > > >
> > > > >
> > > > >
> > > > > "Jerry" <JerryOfBorg@yahoo.com> wrote in message
> > > > > news:ujmNKyF1DHA.1752@tk2msftngp13.phx.gbl...
> > > > > > Hello,
> > > > > > I wish to create a VB.NET program using the eventlog object and reading the
> > > > > > eventlog of a server on another domain for errors.
> > > > > > I don't have the security pieces together and need some advice. Does anyone
> > > > > > have an example of defining a remoting command for this purpose and what is
> > > > > > the best practice with regard to username and password.
> > > > > > Also would it be better to log in once every 30 minutes or stay logged in
> > > > > > all the time?
> > > > > > Regards
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
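The two technical points of this thread, the EventLog(logName, machineName) constructor overload and Joe's question of how credentials get presented to a machine in a domain that does not trust yours, put together as an added C# example (editor's code, not posted by anyone in the thread; the original question asked about VB.NET, the same calls apply). It assumes .NET Framework (WindowsIdentity.Impersonate), that the collecting account has been granted read access to the target's Application log (on current Windows versions, membership in the target's Event Log Readers group), and that the Remote Registry service is reachable on the target, which the classic EventLog class uses to enumerate logs on a remote machine. In place of a domain trust it uses LogonUser with LOGON32_LOGON_NEW_CREDENTIALS: the local token is unchanged, but outbound network authentication to the remote machine uses the supplied account, the same thing runas /netonly does. The stored password is DPAPI-protected (ProtectedData, CurrentUser scope) so only the service account running the collector can recover it. The machine name, domain, account and password in Main are placeholders.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Text;

// Added example, not from the thread: read error entries from the
// Application log of a machine in an untrusted domain using explicitly
// supplied credentials, with the password kept DPAPI-protected at rest.
static class RemoteEventLogReader
{
    // LOGON32_LOGON_NEW_CREDENTIALS keeps the caller's local identity but
    // uses the given account for outbound network authentication. It only
    // works with LOGON32_PROVIDER_WINNT50, and it does NOT validate the
    // password at logon time: a wrong password surfaces as an access error
    // when the remote connection is attempted.
    const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_WINNT50 = 3;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
                                 int logonType, int logonProvider, out IntPtr token);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);

    // DPAPI, user scope: only this account on this machine can unprotect
    // the blob, so a copied config file yields nothing usable.
    public static byte[] ProtectPassword(string password) =>
        ProtectedData.Protect(Encoding.UTF8.GetBytes(password), null,
                              DataProtectionScope.CurrentUser);

    static string UnprotectPassword(byte[] blob) =>
        Encoding.UTF8.GetString(ProtectedData.Unprotect(blob, null,
                                DataProtectionScope.CurrentUser));

    // Returns the number of Error entries printed from the remote log.
    public static int DumpErrors(string machine, string domain, string user,
                                 byte[] protectedPassword, DateTime since)
    {
        // Note: the clear-text password exists briefly as a managed string;
        // pass a SecureString-backed IntPtr to LogonUser if that matters.
        string password = UnprotectPassword(protectedPassword);
        IntPtr token = IntPtr.Zero;
        int count = 0;
        try
        {
            if (!LogonUser(user, domain, password, LOGON32_LOGON_NEW_CREDENTIALS,
                           LOGON32_PROVIDER_WINNT50, out token))
                throw new Win32Exception(Marshal.GetLastWin32Error());

            // Every network call made inside this scope (the RPC to the
            // remote eventlog service, the remote registry lookups the
            // EventLog class performs) authenticates as domain\user.
            using (WindowsImpersonationContext ctx = WindowsIdentity.Impersonate(token))
            using (EventLog log = new EventLog("Application", machine))
            {
                foreach (EventLogEntry e in log.Entries)
                {
                    if (e.EntryType != EventLogEntryType.Error || e.TimeGenerated < since)
                        continue;
                    Console.WriteLine($"{e.TimeGenerated:u} {machine} {e.Source} {e.InstanceId}: {e.Message}");
                    count++;
                }
            }
        }
        finally
        {
            if (token != IntPtr.Zero) CloseHandle(token);
        }
        return count;
    }

    static void Main()
    {
        // Placeholders. In a real collector the protected blob comes from a
        // config store written once by ProtectPassword under the service account.
        byte[] blob = ProtectPassword("placeholder-password");
        int n = DumpErrors("server01.otherdomain.example", "OTHERDOMAIN", "logreader",
                           blob, DateTime.Now.AddMinutes(-30));
        Console.WriteLine($"{n} error entries in the last 30 minutes");
    }
}
```

Two things worth knowing before deploying this across "hundreds of computers on a dozen domains". First, without a trust the authentication that reaches the remote machine is NTLM, not Kerberos, so the collecting account should be a low-privilege account that is only a member of Event Log Readers on the targets, never a domain admin. Second, the token from LogonUser is cheap to create and there is no session to keep alive; on Jerry's "every 30 minutes or stay logged in" question, impersonate for the duration of each poll and undo it (the using block does that), rather than holding network credentials in the process between polls.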


