Thursday, May 2, 2013

Additional notes on encrypted configuration


Note:  _tmp_blah_key is just the name of the key being registered for the identity.

aspnet_regiis -pa "NetFrameworkConfigurationKey" "identity"
or
aspnet_regiis -pa "tmp_test_key" " identity "
or
aspnet_regiis -pa "tmp_development_key" " identity "

 

While executing this command, if it says that any of the keys are not found, then execute the corresponding command line below

aspnet_regiis -pc "NetFrameworkConfigurationKey"

aspnet_regiis -pc "tmp_development_key"

aspnet_regiis -pc "tmp_test_key"

Or aspnet_regiis -pc "tmp_production_key"
Post by - No comments: Links

Infected Computer?

Restore system files and settings


1.) Command Line: rstrui.exe
Allows for the rolling back of system files, registry keys, installed programs, etc., to a previous state in the event of system malfunction or failure.

2.) Add/Remove Programs

3.) A few tools to assist
Kapersky TDSSkiller, Malwarebytes, Hitman Pro and ADW cleaner
Post by - No comments: Links

Thursday, April 18, 2013

SQL Stats to help identify bottlenecks.

Query 1 : Top 10 total CPU consuming queries 
SELECT TOP 10
QT.TEXT AS STATEMENT_TEXT,
QP.QUERY_PLAN,
QS.TOTAL_WORKER_TIME AS CPU_TIME
FROM SYS.DM_EXEC_QUERY_STATS QS
CROSS APPLY SYS.DM_EXEC_SQL_TEXT (QS.SQL_HANDLE) AS QT
CROSS APPLY SYS.DM_EXEC_QUERY_PLAN (QS.PLAN_HANDLE) AS QP
ORDER BY TOTAL_WORKER_TIME DESC
 
Query 2 : Top 10 average CPU consuming queries 
SELECT TOP 10
TOTAL_WORKER_TIME ,
EXECUTION_COUNT ,
TOTAL_WORKER_TIME / EXECUTION_COUNT AS [AVG CPU TIME] ,
QT.TEXT AS QUERYTEXT
FROM SYS.DM_EXEC_QUERY_STATS QS
CROSS APPLY SYS.DM_EXEC_SQL_TEXT(QS.PLAN_HANDLE) AS QT
ORDER BY QS.TOTAL_WORKER_TIME DESC ;
 
Query 3 : Top 10 I/O intensive queries
SELECT TOP 10
TOTAL_LOGICAL_READS,
TOTAL_LOGICAL_WRITES,
EXECUTION_COUNT,
TOTAL_LOGICAL_READS+TOTAL_LOGICAL_WRITES AS [IO_TOTAL],
QT.TEXT AS QUERY_TEXT,
DB_NAME(QT.DBID) AS DATABASE_NAME,
QT.OBJECTID AS OBJECT_ID
FROM SYS.DM_EXEC_QUERY_STATS QS
CROSS APPLY SYS.DM_EXEC_SQL_TEXT(SQL_HANDLE) QT
WHERE TOTAL_LOGICAL_READS+TOTAL_LOGICAL_WRITES > 0
ORDER BY [IO_TOTAL] DESC
 
Query 4 : Execution count of each query
SELECT QS.EXECUTION_COUNT,
QT.TEXT AS QUERY_TEXT,
QT.DBID,
DBNAME= DB_NAME (QT.DBID),
QT.OBJECTID,
QS.TOTAL_ROWS,
QS.LAST_ROWS,
QS.MIN_ROWS,
QS.MAX_ROWS
FROM SYS.DM_EXEC_QUERY_STATS AS QS
CROSS APPLY SYS.DM_EXEC_SQL_TEXT(QS.SQL_HANDLE) AS QT
ORDER BY QS.EXECUTION_COUNT DESC
Post by - No comments: Links

Thursday, March 14, 2013

Make service call with client certificate after receiving 401 Unauthorized errors

Scenario:
  • Call a service that requires a client certificate. 
  • The AppPool is set as an independent identity, NetworkService for example.
  • Everything works in the Dev environment with the developer having Administrator privileges, logged on locally, and having the certificate installed in local cert store.
  • The certificates are stored on disk at C:\MyCertificates\ or accessed directly from cert store.
  • The certificate is being applied at runtime successfully in Dev.
Problem:
When installing in new environment and running with the AppPool as NetworkService, the service response is:
The remote server returned an error: (401) Unauthorized.

Here are a few things to keep in mind followed by a brief resolution description and help links:
  • Even if a project is bypassing the cert store and importing the cert directly, the cert still needs to be properly configured in the cert store.
  • The cert needs to be configured in the machine cert store or the personal cert store of the identity making the request.
  • Microsoft WCF client code does not throw an exception with misconfiguration.
  • Explicit checks will display a false positive when a cert is not added due to improperly configured cert store:o    ((HttpWebRequest)request).ClientCertificates.Add(cert);  int certCount = ((HttpWebRequest)request).ClientCertificates.Count; //Count will return 1
   Resolution:
  1. Download and then install the Microsoft Windows HTTP Services Certificate Configuration Tool. To obtain the tool, visit the following Microsoft Web site: http://www.microsoft.com/en-us/download/details.aspx?id=19801
  2. Run the following command at a command prompt:
    winhttpcertcfg -i PFXFile -c LOCAL_MACHINE\My -a IWAM_TESTMACHINE -p PFXPassword
    Note PfxFile is the name of the .pfx file. Password is the password for the .pfx file. If the file does not require a password, omit the -p parameter. Typically, the WinHttpCertCfg.exe file is located in the following folder:  C:\Program Files\Windows Resource Kits\Tools
  3. To grant access for a specific user account, run the following command at a command prompt: WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "IssuedToName" -a "AccountName"
  4. Install the root certificate for the CA, follow these steps:
    1. Click Start, click Run, type mmc, and then click OK.
    2. On the File menu, click Add/Remove Snap-in, and then click Add.
    3. In the Add Standalone Snap-ins dialog box, click Certificates, click Add, click Computer account, click Next, and then click Finish.
    4. Click Close, and then click OK.
    5. Expand Certificates (Local Computer), right-click Trusted Root Certification Authorities, click All Tasks, and then click Next.
    6. In the Certificate Import Wizard dialog box, click Next, and then in the File name box, type the name of the certificate file or navigate to the .pfx file, then click Next two times.
    7. Click Finish, and then click OK.
f
   Help links:
     http://www.microsoft.com/en-us/download/details.aspx?id=19801
     http://support.microsoft.com/kb/901183?wa=wsignin1.0

Post by - No comments: Links

Monday, February 25, 2013

XSLT Transform of client request


A simple way to transform a client XML request into a format for use by the listening service.
public Stream TransformRequest(Stream clientRequest){
    formattedRequest = new MemoryStream();
    XPathDocument myXPathDoc = new XPathDocument(clientRequest);
    XslCompiledTransform myXslTrans = new XslCompiledTransform();    myXslTrans.Load(this.XsltPath);    XmlTextWriter myWriter = new XmlTextWriter(formattedRequest, null);    myXslTrans.Transform(myXPathDoc, null, myWriter);    formattedRequest.Seek(0, SeekOrigin.Begin);
    return formattedRequest;
}
Post by - No comments: Links

Thursday, February 7, 2013

Finding a Control on a Page

Control c = FindControlRecursive(Page, "ControlId");if (c != null){
  ...//Process control
}


private Control FindControlRecursive(Control root, string id) {
  if(root.ID==id)   {
    return root;  }

  foreach(Control c in root.Controls)   {
    Control
t = FindControlRecursive(c, id);
    if
(t != null)     {
      return
t;    } 
  }
 
  return
null;}
Post by - No comments: Links

Tuesday, January 29, 2013

Page_Load executing twice

Correct Page_Load from loading twice
Check to make sure that the .aspx page and .cs page are not both wiring up Page_Load.

.aspx page:

<%@ Page Language="C#" AutoEventWireup="false"...

.aspx.cs code behind:

private void InitializeComponent()

{
     this.Load += new System.EventHandler(this.Page_Load);
}  

If AutoEventWireup="true" and this.Load wires up the Page_Load method, either remove the manual wireup or set AutoEventWireup="false".
Post by - No comments: Links
Subscribe to: Posts (Atom)