I like the idea of having the script as an optional part of the setup so people who are in a corporate environment or just don't trust the code enouth to run it as administrator on their machine have an option. If you can get the certificate error worked out then I don't see an issue with having it become the recommended setup option.
Scott Golightly > From: [email protected] > To: [email protected] > Date: Tue, 7 Jul 2009 12:36:19 -0400 > Subject: RE: Authorize WCF Services scripts > > I experienced the Certificate error as well, but I installed the certs as > administrator, then created the BenD account which received the errors. I > reinstalled the certs from the BenD account and it worked. I'm not sure if > users would still receive this error if they only used a single account. > > I'll do some testing to see if I can get the scripts to grant keystore > permissions as well. Either way, do you think we should keep this script? Of > course, we'll have to supplement the documentation a bit. > > -Ben Dewey > > -----Original Message----- > From: Scott Golightly [mailto:[email protected]] > Sent: Tuesday, July 07, 2009 11:44 AM > To: Stonehenge Development > Subject: RE: Authorize WCF Services scripts > > > This particular VM is Windows Server 2008 Enterprise (without Hyper-V) SP2. I > downloaded the latest version of the batch file and the errors removing the > reservation as well as canceling are fixed. I am now getting the certificate > error for certificate 'CN=Trade.com' that says "The Certivicate > 'CN=Trade.com' must have a private key that is capable of key exchange. The > process must have access rights for the private key.". This is happening on > the call to serviceHost.Open(); at line 95 in > Trade.BusinessServiceConsole.BusinessService_ConsoleHost.BusinessServiceConsoleHost. > > > Since this still works as administrator I am guessing the script needs to > grant rights to the selected user (or everyone) to the key store. This is > probably the ACL on the physical file that stores the key. I created the user > after installing the application so that might have something to do with the > permissions problem. > > I think there was an example of how to do this with the Woodgrove Bank sample > application (it might have been a different sample app) from Microsoft a > while back. If I remember correctly that sample used an application called > FindCert to find the physical path to the certificate and PowerShell to set > the permissions. I don't see FindCert on my machine so is the workaround to > uninstall and reinstall the certificates? > > > > Scott Golightly > > > From: [email protected] > > To: [email protected] > > Date: Tue, 7 Jul 2009 10:02:49 -0400 > > Subject: RE: Authorize WCF Services scripts > > > > Scott, > > > > I just fixed the bug where quit was running delete. It seems that the order > > of the 'choice' statement has an effect. > > > > As for the delete not actually working, I was unable to repro that. What > > version of windows are you using? > > > > -Ben Dewey > > > > -----Original Message----- > > From: Scott Golightly [mailto:[email protected]] > > Sent: Tuesday, July 07, 2009 12:54 AM > > To: Stonehenge Development > > Subject: RE: Authorize WCF Services scripts > > > > > > Ben, > > > > > > > > The first time I ran the script I chose the option to cancel and it tried > > to remove the reservations. It didn't seem to cause any problems just > > wasn't the behavior I expected. > > > > I tested the patch and before I ran your script I couldn't run the > > services. After running the script it allows me to run from a prompt where > > I didn't specifically 'Run as administrator' when starting the command > > prompt. So far so good. > > > > When I remove the reservation it still allows me to run the services from a > > non-elevated prompt so it appears that removing the reservation didn't > > work. I tried removing the reservation again and got errors about not > > finding the file so it does something but seems incomplete in the removing > > the reservation. > > > > > > > > Scott Golightly > > > > > From: [email protected] > > > To: [email protected] > > > Date: Mon, 6 Jul 2009 22:51:29 -0400 > > > Subject: Authorize WCF Services scripts > > > > > > I just made my first commit. It's a little script that I've had that adds > > > a URL reservation to your network configuration. This prevents users from > > > having to run the RunServices.bat file with elevated privileges (ie. Run > > > As Administrator). If someone who is running the .NET services can test > > > this script it would be appreciated. > > > > > > I've also added this script to the WIKI under > > > > > > http://cwiki.apache.org/confluence/display/STONEHENGE/Stonehenge+.NET+StockTrader+Installation+Guide > > > > > > and > > > > > > http://cwiki.apache.org/confluence/display/STONEHENGE/.NET+Utilities+List > > > > > > > > > > > > -Ben Dewey
