I've updated the script to add permissions to the Windows Certificate Store as well. This update requires that you install the Windows Resource Kit.
After installing and running the script you should be able to RunServices and Debug solutions without "Running as Administrator" Anyone who tests this please let me know your results. -Ben Dewey -----Original Message----- From: Scott Golightly [mailto:[email protected]] Sent: Tuesday, July 07, 2009 3:24 PM To: Stonehenge Development Subject: RE: Authorize WCF Services scripts I like the idea of having the script as an optional part of the setup so people who are in a corporate environment or just don't trust the code enouth to run it as administrator on their machine have an option. If you can get the certificate error worked out then I don't see an issue with having it become the recommended setup option. Scott Golightly > From: [email protected] > To: [email protected] > Date: Tue, 7 Jul 2009 12:36:19 -0400 > Subject: RE: Authorize WCF Services scripts > > I experienced the Certificate error as well, but I installed the certs as > administrator, then created the BenD account which received the errors. I > reinstalled the certs from the BenD account and it worked. I'm not sure if > users would still receive this error if they only used a single account. > > I'll do some testing to see if I can get the scripts to grant keystore > permissions as well. Either way, do you think we should keep this script? Of > course, we'll have to supplement the documentation a bit. > > -Ben Dewey > > -----Original Message----- > From: Scott Golightly [mailto:[email protected]] > Sent: Tuesday, July 07, 2009 11:44 AM > To: Stonehenge Development > Subject: RE: Authorize WCF Services scripts > > > This particular VM is Windows Server 2008 Enterprise (without Hyper-V) SP2. I > downloaded the latest version of the batch file and the errors removing the > reservation as well as canceling are fixed. I am now getting the certificate > error for certificate 'CN=Trade.com' that says "The Certivicate > 'CN=Trade.com' must have a private key that is capable of key exchange. The > process must have access rights for the private key.". This is happening on > the call to serviceHost.Open(); at line 95 in > Trade.BusinessServiceConsole.BusinessService_ConsoleHost.BusinessServiceConsoleHost. > > > Since this still works as administrator I am guessing the script needs to > grant rights to the selected user (or everyone) to the key store. This is > probably the ACL on the physical file that stores the key. I created the user > after installing the application so that might have something to do with the > permissions problem. > > I think there was an example of how to do this with the Woodgrove Bank sample > application (it might have been a different sample app) from Microsoft a > while back. If I remember correctly that sample used an application called > FindCert to find the physical path to the certificate and PowerShell to set > the permissions. I don't see FindCert on my machine so is the workaround to > uninstall and reinstall the certificates? > > > > Scott Golightly > > > From: [email protected] > > To: [email protected] > > Date: Tue, 7 Jul 2009 10:02:49 -0400 > > Subject: RE: Authorize WCF Services scripts > > > > Scott, > > > > I just fixed the bug where quit was running delete. It seems that the order > > of the 'choice' statement has an effect. > > > > As for the delete not actually working, I was unable to repro that. What > > version of windows are you using? > > > > -Ben Dewey > > > > -----Original Message----- > > From: Scott Golightly [mailto:[email protected]] > > Sent: Tuesday, July 07, 2009 12:54 AM > > To: Stonehenge Development > > Subject: RE: Authorize WCF Services scripts > > > > > > Ben, > > > > > > > > The first time I ran the script I chose the option to cancel and it tried > > to remove the reservations. It didn't seem to cause any problems just > > wasn't the behavior I expected. > > > > I tested the patch and before I ran your script I couldn't run the > > services. After running the script it allows me to run from a prompt where > > I didn't specifically 'Run as administrator' when starting the command > > prompt. So far so good. > > > > When I remove the reservation it still allows me to run the services from a > > non-elevated prompt so it appears that removing the reservation didn't > > work. I tried removing the reservation again and got errors about not > > finding the file so it does something but seems incomplete in the removing > > the reservation. > > > > > > > > Scott Golightly > > > > > From: [email protected] > > > To: [email protected] > > > Date: Mon, 6 Jul 2009 22:51:29 -0400 > > > Subject: Authorize WCF Services scripts > > > > > > I just made my first commit. It's a little script that I've had that adds > > > a URL reservation to your network configuration. This prevents users from > > > having to run the RunServices.bat file with elevated privileges (ie. Run > > > As Administrator). If someone who is running the .NET services can test > > > this script it would be appreciated. > > > > > > I've also added this script to the WIKI under > > > > > > http://cwiki.apache.org/confluence/display/STONEHENGE/Stonehenge+.NET+StockTrader+Installation+Guide > > > > > > and > > > > > > http://cwiki.apache.org/confluence/display/STONEHENGE/.NET+Utilities+List > > > > > > > > > > > > -Ben Dewey
