Suping Chen's Notes: 2017

Tuesday, October 3, 2017

How to digital sign the one click installer build by wix

I sign the wix build one click installer. use signtool , got below exception:

i336: Acquiring container: WixAttachedContainer, copy from: C:\Users\test\Desktop\TestInstaller.exe
i000: Setting string variable 'WixBundleLastUsedSource' to value 'C:\Users\test\Desktop\'
e000: Error 0x80070001: Failed to extract all files from container, erf: 1:2:0
e000: Error 0x80070001: Failed to wait for operation complete.
e000: Error 0x80070001: Failed to open container.
e000: Error 0x80070001: Failed to open container: WixAttachedContainer.
e312: Failed to extract payloads from container: WixAttachedContainer to working path: C:\Users\test\AppData\Local\Temp\{8d17e055-d90d-4704-a556-bd5807e85920}\6C513FAEDC30F50DCA80F4305E027697FF9E50F8, error: 0x80070001.
e000: Error 0x80070001: Failed while caching, aborting execution.
i330: Removed bundle dependency provider: {8d17e055-d90d-4704-a556-bd5807e85920}
i352: Removing cached bundle: {8d17e055-d90d-4704-a556-bd5807e85920}, from path: C:\ProgramData\Package Cache\{8d17e055-d90d-4704-a556-bd5807e85920}\
i399: Apply complete, result: 0x80070001, restart: None, ba requested restart: No

to fix it:

1. Build your bundle (using candle/light).
My light output was "TestInstaller.exe"

2. detach the engine from TestInstaller.exe:
insignia -ib TestInstaller.exe -o engine.exe

3. sign engine.exe with your certificate:

4. re-attach the signed engine.exe to the bundle:
insignia -ab engine.exe TestInstaller.exe -o TestInstaller.exe

5. sign TestInstaller.exe with your certificate.

Thanks Jonks,
http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Burn-3-8-1128-Error-0x80070001-Failed-to-extract-all-files-from-container-erf-1-2-0-td7593695.html

Tuesday, August 1, 2017

How to statically link the C++ REST SDK (Casablanca)

1 Download code
git clone https://github.com/Microsoft/cpprestsdk.git

2 Open solution in Visual Studio

Change from dynamic to static linking

Select All Configurations and All Platforms from the drop-downs at the top of the Properties dialog.

In Configuration Properties -> General -> Project Defaults, change the Configuration Type option to Static library (.lib).

In Configuration Properties -> C/C++ -> Code Generation, change the Runtime Library option to Multi-threaded Debug (/MTd) for the Debug configuration and Multi-threaded (/MT) for the Release configuration.

In Configuration Properties -> C/C++ -> Preprocessor for All Configurations, add the text _NO_ASYNCRTIMP; to the Preprocessor Definitions option. This prevents the compiler from trying to export the functions to a DLL.

Click OK to save the changes.

3: Prepare your application

Open the solution for the application you want to build, right-click on it and choose Properties.

Select All Configurations and All Platforms from the drop-downs at the top of the Properties dialog.

In Configuration Properties -> VC++ Directories, add a new entry in Include Directories as follows:

C:\PathToCppRESTSDK\Release\include

In Configuration Properties -> VC++ Directories, add a new entry in Library Directories as follows:

C:\PathToCppRESTSDK\Binaries\Win32\$(Configuration)

In Configuration Properties -> C/C++ -> Preprocessor, add the text _NO_ASYNCRTIMP; to the Preprocessor Definitions option. This prevents the compiler from trying to find the C++ REST SDK functions from a DLL.

In Configuration Properties -> Linker -> Input, add winhttp.lib , Bcrypt.lib, Crypt32.lib and cpprest120_2_3.lib (replacing the numbers with the correct Visual Studio and C++ REST SDK version numbers) to the Additional Dependencies option.

Build your project.

https://katyscode.wordpress.com/2014/04/01/how-to-statically-link-the-c-rest-sdk-casablanca/

Change is missing 2 library.

Tuesday, July 25, 2017

Mac os create group command line

list group.

dscacheutil -q group

sudo dseditgroup -o edit -a $username_to_add -t user admin

Mac group:

sudo dscl . -create /Groups/groupname

sudo dscl . –create /Groups/groupname name groupname

sudo dscl . –create /Groups/groupname gid groupid

sudo dscl . –create /Groups/groupname GroupMembership usershorname

list group members

dscacheutil -q group -a name pam_idq

sudo dscl . –delete /Groups/groupname GroupMemebership usershorname

sudo dscl . –delete /Groups/groupname

Friday, July 14, 2017

fiddler capture java application traffic

Create a keystore containing the fiddler certificate and use it:
keytool -importcert -file " fiddlerroot.cer" -keystore " fiddler.jks" -alias "fiddler"

java -DproxySet=true -DproxyHost=127.0.0.1 -DproxyPort=8888 -Dhttps.proxyPort=8888 -Dhttps.proxyHost=127.0.0.1 -Djavax.net.ssl.trustStore=<path to FiddlerKeystore> -Djavax.net.ssl.trustStorePassword=<password> -jar test.jar

If you use third party HTTP libraries, you need to set the connection proxies. Example with Apache Commons HttpClient:

HttpClient httpClient = new HttpClient();

httpClient.getHostConfiguration().setProxy("localhost", 8888);

Tuesday, July 11, 2017

Update MSI property in C# programaticaly

To update MSI property with C#,
Added reference for Microsoft.Deployment.WindowsInstaller.dll

The PropertyTable not include default value is null Propery, we can not update the value, if not in property table, we could insert the property.

using Microsoft.Deployment.WindowsInstaller;

bool isProertyExits = false ;
using (Database msi = new Database(msiFileName, DatabaseOpenMode.Transact))
{

using (var view = msi.OpenView(msi.Tables["Property"].SqlSelectString))
{
view.Execute();
Record record = view.Fetch();
while (record != null)
{

if (record.GetString(1) == ProertyName)
{
record.SetString("Value", ProertyValue);
view.Modify(ViewModifyMode.Assign, record);
msi.Commit();
isProertyExits = true;
}

record = view.Fetch();
}
}

//If not find
if (!isProertyExits) {
using (var view = msi.OpenView(msi.Tables["Property"].SqlInsertString))
{
foreach (var item in properties)
{

Record missingRecord = msi.CreateRecord(2);
missingRecord.SetString(1, ProertyName);
missingRecord.SetString(2, ProertyValue);
view.Execute(missingRecord);
msi.Commit();

}
}
}
}

Tuesday, June 20, 2017

wix support localization with .wixproj

1: your .wixproj files include the .wxl file

<ItemGroup>
<EmbeddedResource Include="en_us.wxl" />
<EmbeddedResource Include="zh_cn.wxl" />
</ItemGroup>

2: .wxl file look like:

<?xml version="1.0" encoding="utf-8"?>
<WixLocalization Culture="en-us" xmlns="http://schemas.microsoft.com/wix/2006/localization">
<String Id="WelcomeDlgDescription">This Setup Wizard will install [ProductName] [MajorVersion].[MinorVersion] on your computer. Click Next to continue or Cancel to exit.</String>
</WixLocalization>

     http://wixtoolset.org/documentation/manual/v3/wixui/wixui_localization.html

Table of culture codes.

Language	Location	Culture code	WXL file
Arabic	Saudi Arabia	ar-SA	WixUI_ar-SA.wxl
Bulgarian	Bulgaria	bg-BG	WixUI_bg-BG.wxl
Catalan	Spain	ca-ES	WixUI_ca-ES.wxl
Croatian	Croatia	hr-HR	WixUI_hr-HR.wxl
Czech	Czech Republic	cs-CZ	WixUI_cs-CZ.wxl
Danish	Denmark	da-DK	WixUI_da-DK.wxl
Dutch	Netherlands	nl-NL	WixUI_nl-NL.wxl
English	United States	en-US	WixUI_en-US.wxl
Estonian	Estonia	et-EE	WixUI_et-EE.wxl
Finnish	Finland	fi-FI	WixUI_fi-FI.wxl
French	France	fr-FR	WixUI_fr-FR.wxl
German	Germany	de-DE	WixUI_de-DE.wxl
Greek	Greece	el-GR	WixUI_el-GR.wxl
Hebrew	Israel	he-IL	WixUI_he-IL.wxl
Hindi	India	hi-IN	WixUI_hi-IN.wxl
Hungarian	Hungary	hu-HU	WixUI_hu-HU.wxl
Italian	Italy	it-IT	WixUI_it-IT.wxl
Japanese	Japan	ja-JP	WixUI_ja-JP.wxl
Kazakh	Kazakhstan	kk-KZ	WixUI_kk-KZ.wxl
Korean	Korea	ko-KR	WixUI_ko-KR.wxl
Latvian	Latvia	lv-LV	WixUI_lv-LV.wxl
Lithuanian	Lithuania	lt-LT	WixUI_lt-LT.wxl
Norwegian (Bokmål)	Norway	nb-NO	WixUI_nb-NO.wxl
Polish	Poland	pl-PL	WixUI_pl-PL.wxl
Portuguese	Brazil	pt-BR	WixUI_pt-BR.wxl
Portuguese	Portugal	pt-PT	WixUI_pt-PT.wxl
Romanian	Romania	ro-RO	WixUI_ro-RO.wxl
Russian	Russia	ru-RU	WixUI_ru-RU.wxl
Serbian (Latin)	Serbia and Montenegro	sr-Latn-CS	WixUI_sr-Latn-CS.wxl
Simplified Chinese	China	zh-CN	WixUI_zh-CN.wxl
Slovak	Slovak Republic	sk-SK	WixUI_sk-SK.wxl
Slovenian	Solvenia	sl-SI	WixUI_sl_SI.wxl
Spanish	Spain	es-ES	WixUI_es-ES.wxl
Swedish	Sweden	sv-SE	WixUI_sv-SE.wxl
Thai	Thailand	th-TH	WixUI_th-TH.wxl
Traditional Chinese	Hong Kong SAR	zh-HK	WixUI_zh-HK.wxl
Traditional Chinese	Taiwan	zh-TW	WixUI_zh-TW.wxl
Turkish	Turkey	tr-TR	WixUI_tr-TR.wxl
Ukrainian	Ukraine	uk-UA	WixUI_uk-UA.wxl

embedding dlls into exe .net C#

https://stackoverflow.com/questions/6920920/embedding-dlls-into-exe-in-in-visual-c-sharp-2010

1: visual studio project include the dlls Build Action as "Embedded Resource"

2: in program.cs file ,
using System.Reflection;
using System.IO;

3: in main() function
//Load embedded resources dll to CurrentDomain.
AppDomain.CurrentDomain.AssemblyResolve += (sender, args) =>
{
String dllName = new AssemblyName(args.Name).Name + ".dll";
var assem = Assembly.GetExecutingAssembly();
String resourceName = assem.GetManifestResourceNames().FirstOrDefault(rn => rn.EndsWith(dllName));
if (resourceName == null) return null;
using (var stream = assem.GetManifestResourceStream(resourceName))
{
Byte[] assemblyData = new Byte[stream.Length];
stream.Read(assemblyData, 0, assemblyData.Length);
return Assembly.Load(assemblyData);
}
};

Sunday, February 26, 2017

Windows 2012 r2 ADFS 3.0 federated with Office 365 SMTP does not work, authenticaiton error. Mac native mail client does not work. Skype for business on Windows 7 does not work.

Since our ADFS Windows 2012 R2 disable TLS1.0 cause smtp client does not work.

And the exception also not clear, all about authentication error!

So If you got same issue. Please check sever TLS setting.

Thursday, February 16, 2017

Confluence saml single sign on internal error

Our confluence server use below saml plugin for federated authentication with ADFS.

https://github.com/bitium/confluence-saml-plugin

After our administration change the confluence server host name, we had trouble to do federate authentication. The ADFS no exception. Confluence throw "Smal internal error"

The issue was:

The new confluence server internal mark as use explicit address like:

https://confluence.domain.com:443/

So: the smal endpoint in configuration page is : https://confluence.domain.com:443/plugins/servlet/saml/auth

And the config page there is no relying party identifier, we get it from the ADFS exception "https://confluence.domain.com/confluenceSaml"

But in saml-plugin it expected is acceptance issuer is "https://confluence.domain.com:443/confluenceSaml".

So here is the trick :

The ADFS for replying party trust if identifier is url format.

The ADFS look the address "https://confluence.domain.com:443/confluenceSaml".
and "https://confluence.domain.com/confluenceSaml"

is Same, But in saml plugin, these two is not same!

ADFS 3.0 Federated to Office 365 exception "may be proxy server error"

We just try to migrate our Office 365 federated domain from A ADFS Server to B ADFS Server.
Read the document, it should be very simple and follow below steps.

Windows Azure Active Directory Module for Windows PowerShell

Right Click and Run As Administrator

Set the credential variable
$cred=Get-Credential Enter a Global Administrator account from Office 365. I have a dedicated tenant (@domain.onmicrosoft.com) service account setup for AD FS and Directory Syncronization.
Connect to Microsoft Online Services with the credential variable set previously

Connect-MsolService –Credential $cred

Convert-msoldomaintostandard

Set the MSOL ADFS Context server, to the ADFS server

Set-MsolADFSContext –Computer adfs_servername.domain_name.com

Convert the domain to a federated domain

Convert-MsolDomainToFederated –DomainName domain_name.com

Verify federation

Get-MsolFederationProperty –DomainName domain_name.com

We had some issues:

1: Connect-MsolService Throw exception, "may be proxy server error"

The case is we already configuration ADFS behide the load balance server, and the weigh is same, Fix it is turn off load balance, or set the Primary ADFS server as primary,

2: SSL Exception. Server TLS1.1 client is disabled. Should enable TLS1.1 TLS1.2 ssl client.

3: Everything good, but federation server did not get redirect.

Check the certification, grant the permission to service account , redo all steps.

4: Can not connect to ADFS server may be the remote power shell on ADFS server not enabled.
set up Windows PowerShell for remoting, type the following command, and then press Enter:

Enable-PSRemoting –force

Monday, January 9, 2017

Console application and windows service in parallel

Windows service is not easy to debug, and sometimes we want our service run as console.

Below sample show how to make console and service work together.

using System;

using System.ComponentModel;

using System.Threading;

using System.ServiceProcess;

using System.Reflection;

namespace ConsoleAndService

{

class Program

{

private static ManualResetEvent _quitEvent = new ManualResetEvent(false);

static void Main(string[] args)

{

ServiceBase[] ServicesToRun;

ServicesToRun = new ServiceBase[]

{

new ConsoleAndService()

};

//Run application in console mode, UserInteractive is true.

//Install service with installutil

//Example InstallUtil /i ConsoleAndService.exe

//UnInstall InstallUtil /u ConsoleAndService.exe

if (!System.Environment.UserInteractive)

{

ServiceBase.Run(ServicesToRun);

}

else

{

Console.CancelKeyPress += (sender, eArgs) => {

_quitEvent.Set();

eArgs.Cancel = true;

};

Type type = typeof(ServiceBase);

BindingFlags flags = BindingFlags.Instance | BindingFlags.NonPublic;

MethodInfo method = type.GetMethod("OnStart", flags);

foreach (ServiceBase service in ServicesToRun)

{

method.Invoke(service, new object[] { args });

}

_quitEvent.WaitOne();

foreach (ServiceBase service in ServicesToRun)

{

service.Stop();

}