[twsocket] How does a server coder get the Windows groups and users in those groups?
Hello, I just need the group names and their member user names. Anybody know a code snippet? Best Regards, SZ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
[twsocket] HTTPCli and proxy settings
Hello, It is easy to detect IE Proxy's settings and retrieve its IP:Port values to put them into HTTPCli, but managing the options do no use for local addresses and proxy exception's list to decide if HHTPCli has to use proxy or not need a bit more development. Can HTTPCli follow IE settings automatically ? or do somebody already implemented such function ? regards. - -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] TFtpServ that uses FTP user's Windows account security context
Now the source code is included: http://www.duodata.de/misc/delphi/OverbyteIcsFtpSrv-20070516.zip -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html Arno Garrels wrote: Fastream Technologies wrote: Not yet. Having personal problems these days.. :(( I uploaded a new version with some common improvements and fixes. There's a new option to hide the physical path, see Menu | Options. http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip HomeDir is hardcoded C:\TEMP. In order to test Windows security try the following: 1) Create a new user Group FTP-Users 2) Right-click Drive C: | Properties | Security-Settings 3) Add group FTP-Users deny Full Access 4) Go to C:\Temp, Properties | Security-Settings Set proper NTFS rights to Group FTP-Users (break inheritance, copy inherited rights) 5) Create a new user make her a member of Group FTP-Users only. Make sure the server process runs in an account with sufficent permissions. Since the FtpSrv demo is not Vista-compatible please try on a different NT-OS or turn off virtualization as well as UAC or try to run the demo As Administrator. BTW: Even disk quotas work (I tested in XP). -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html On 5/11/07, Arno Garrels [EMAIL PROTECTED] wrote: Fastream Technologies wrote: Hello Arno, I use Windows Vista Business. I went to the control panel and created what's called a limited user. Now that user can go into C:\Windows and list file/folder listings when logged in with your server demo. Is this normal? SZ, Any progress in testing? -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html Regards, SZ On 5/10/07, Arno Garrels [EMAIL PROTECTED] wrote: Perhaps you can code the NTLM into ICS FTP Server demo? Believe me there is DEMAND for it! Fastream offers you $200 for the task to be completed in 10 days plus we can help you test. I know $200 is not much for a German company but this code could be used by many people so it's well spent effort (remember we will donate the demo). OK, some money is always welcome :-) I uploaded the result for testing (binary only): http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip It might be slower than the original v6 demo since security context is switched very frequently, please check whether it's too slow. Note that currently CWD works for directory names with length = 3 as well as with current HomeDir (Angus can you tell us why?). PWD also always succeeds. It's possible to upload a zero-size file even if the user has only read access (file is not written). My solution impersonates user's Windows security context upon filesystem access, all events however are triggered in the the context of server's process, it may be usefull to switch to user's context in some events as well, but that was fine tuning and should be discussed here. BTW: I changed/fixed the STOU command, can somebody please test? -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] TFtpServ that uses FTP user's Windows accountsecurity context
Hello, Seems like cool stuff. In order for me to test it more, we will first adapt the changes to our FTPSrvMT.pas. This can take a week. Regards, SZ - Original Message - From: Arno Garrels [EMAIL PROTECTED] To: ICS support mailing twsocket@elists.org Sent: Friday, May 18, 2007 4:32 PM Subject: Re: [twsocket] TFtpServ that uses FTP user's Windows accountsecurity context Now the source code is included: http://www.duodata.de/misc/delphi/OverbyteIcsFtpSrv-20070516.zip -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html Arno Garrels wrote: Fastream Technologies wrote: Not yet. Having personal problems these days.. :(( I uploaded a new version with some common improvements and fixes. There's a new option to hide the physical path, see Menu | Options. http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip HomeDir is hardcoded C:\TEMP. In order to test Windows security try the following: 1) Create a new user Group FTP-Users 2) Right-click Drive C: | Properties | Security-Settings 3) Add group FTP-Users deny Full Access 4) Go to C:\Temp, Properties | Security-Settings Set proper NTFS rights to Group FTP-Users (break inheritance, copy inherited rights) 5) Create a new user make her a member of Group FTP-Users only. Make sure the server process runs in an account with sufficent permissions. Since the FtpSrv demo is not Vista-compatible please try on a different NT-OS or turn off virtualization as well as UAC or try to run the demo As Administrator. BTW: Even disk quotas work (I tested in XP). -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html On 5/11/07, Arno Garrels [EMAIL PROTECTED] wrote: Fastream Technologies wrote: Hello Arno, I use Windows Vista Business. I went to the control panel and created what's called a limited user. Now that user can go into C:\Windows and list file/folder listings when logged in with your server demo. Is this normal? SZ, Any progress in testing? -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html Regards, SZ On 5/10/07, Arno Garrels [EMAIL PROTECTED] wrote: Perhaps you can code the NTLM into ICS FTP Server demo? Believe me there is DEMAND for it! Fastream offers you $200 for the task to be completed in 10 days plus we can help you test. I know $200 is not much for a German company but this code could be used by many people so it's well spent effort (remember we will donate the demo). OK, some money is always welcome :-) I uploaded the result for testing (binary only): http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip It might be slower than the original v6 demo since security context is switched very frequently, please check whether it's too slow. Note that currently CWD works for directory names with length = 3 as well as with current HomeDir (Angus can you tell us why?). PWD also always succeeds. It's possible to upload a zero-size file even if the user has only read access (file is not written). My solution impersonates user's Windows security context upon filesystem access, all events however are triggered in the the context of server's process, it may be usefull to switch to user's context in some events as well, but that was fine tuning and should be discussed here. BTW: I changed/fixed the STOU command, can somebody please test? -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPCli and proxy settings
Scrive Dod [EMAIL PROTECTED]: Hello, It is easy to detect IE Proxy's settings and retrieve its IP:Port values to put them into HTTPCli, but managing the options do no use for local addresses and proxy exception's list to decide if HHTPCli has to use proxy or not need a bit more development. It could be more complicated than that, for example if a script is involved. Can HTTPCli follow IE settings automatically ? or do somebody already implemented such function ? Look at ProxyInfo component (I'm the author) on user made ics web page. It will help you to detect which proxy parameters should be used for a specific url. It doesn't cover all situation (for example if an url is local or not) but should cover most common situations. Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPCli and proxy settings
Hello Maurizio, OK thanks i'll look at it. My need is very basic as it is only to be sure to download a file from specific URL, so no script envolved. I think it can be done with regexp (or basic '*' masked string search routine) on exception list, getting all IP attached to network card(s) (with netmask) and excluding proxy if IP is inside any of the mask of the IP(s). Regards. Hello, It is easy to detect IE Proxy's settings and retrieve its IP:Port values to put them into HTTPCli, but managing the options do no use for local addresses and proxy exception's list to decide if HHTPCli has to use proxy or not need a bit more development. ML It could be more complicated than that, for example if a script is involved. Can HTTPCli follow IE settings automatically ? or do somebody already implemented such function ? ML Look at ProxyInfo component (I'm the author) on user made ics web page. It will ML help you to detect which proxy parameters should be used for a specific url. ML It doesn't cover all situation (for example if an url is local or not) but ML should cover most common situations. ML Bye, Maurizio. ML ML This mail has been sent using Alpikom webmail system ML http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] HTTPCli and proxy settings
Scrive Dod [EMAIL PROTECTED]: Hello Maurizio, OK thanks i'll look at it. My need is very basic as it is only to be sure to download a file from specific URL, so no script envolved. A script could be involved if Automatic detect settings is set, and is involved if Use automatic configuration script is set. I think it can be done with regexp (or basic '*' masked string search routine) on exception list, getting all IP attached to network card(s) (with netmask) and excluding proxy if IP is inside any of the mask of the IP(s). This could work for local addresses. But if you have more than one interface (real NIC, emulated NIC or dial-up) the problem is that you should detect which interface will be used to reach a specific IP, since each dial-up has it own proxy settings while there are only one for the LAN. I never had this situation so I delayed to solve it :-) Bye, Maurizio. This mail has been sent using Alpikom webmail system http://www.alpikom.it -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
