Remko Weijnen's Blog (Remko's Blog)
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
2,856 views
While browsing through my old projects folder I found a little commandline tool that I wrote about a year ago. I needed to detect a certain published application on a Citrix environment in the loginscript.
The tool detect the current Citrix published applicationname or if you are running Terminal Server aka Remote Desktop Services the Initial Program name and stores this in an environment variable (APPNAME).
There are no parameters and there are no special dependancies (such as MFCom).
CtxPubApp (2540 downloads)I have installed a new rating plugin that gives you, my readers, a convenient and fast method to give feedback. So please do so, let me know what posts you find interesting!
I have also added a Contact form in case you have any questions, article suggestions or maybe even consultation requests. The contact page is an attempt to streamline the e-mails I get from this blog so I hope this will work π
Today just some fun stuff with ASM, probably not the most recommended way to do things but for sure the most geeky way π
Get the Current Session Id:
1 2 3 4 5 6 | function GetCurrentSessionId: DWORD; asm mov eax,fs:[$00000018]; // Get TEB mov eax,[eax+$30]; // PPEB mov eax,[eax+$1d4]; // PEB.SessionId end; |
Get the Current Console Session Id:
1 2 3 4 | function GetConsoleSessionId: DWORD; asm mov eax, [$7ffe02d8]; end; |
And… if we can read it we can also write it?
1 2 3 4 5 6 | procedure SetCurrentSessionId(const SessionId: DWORD); asm mov edx,fs:[$00000018]; mov edx,[edx+$30]; mov [edx+$1d4], SessionId; end; |
and
1 2 3 4 5 6 7 8 9 10 | procedure SetConsoleSessionId(const SessionId: DWORD); var p: PDWORD; OldProtect: DWORD; begin p := PDWORD($7ffe02d8); Win32Check(VirtualProtect(p, SizeOf(p), PAGE_READWRITE, @OldProtect)); p^ := SessionId; Win32Check(VirtualProtect(p, SizeOf(p), OldProtect, @OldProtect)); end; |
You can safely try it since it of course affects the current process only, so don’t worry.
And perhaps more usefull
1 2 3 4 5 6 | procedure SetIsDebuggerPresent(const Value: Boolean); asm mov edx,fs:[$00000018]; // TEB mov edx, [edx+$30]; // PPEB mov byte ptr[edx+2], Value; // +0x002 BeingDebugged : UChar end; |
I needed to obtain the Fully Qualified Domain Name (FQDN) for a given NetBios domain name. Eg from MYDOMAIN to dc=mydomain,dc=local.
I did some tests with the TranslateName API and if you append a \ to the domain name it returns the FQDN.
Here is a short example:
If you look into the registry in the key HKLM\System\CurrentControlSet\ProductOptions you will find several licensing related Values.
The ProductType and ProductSuite keys contain the OS Suite and Edition, but the ProductPolicy key is much more interesting. So let’s have a closer look at it, open RegEdit and DoubleClick the key, you will something like the screenshot below, a Binary Value:
As you can see the license names are there as a Unicode string and later on I will show you how we can read the values. But because I didn’t want to extract all the names manually I decided to see if I could reverse the used structure because it didn’t look very complicated. Using a Hex Editor I could determine the important part of the structure.
Again a about post about using the Virtual TreeView component (did I mention it’s brilliant?), this time I will talk about memory leaks.
I often use Records to hold the treedata, and usually the record holds some string data (eg a caption) and an (a reference to) an Interface or Object(List) that holds more data.
If you are familiar with Virtual Tree then you know that you must can the NodeData in the OnFreeNode event.
When working with the Virtual TreeView component the most optimized way of adding (or removing child nodes is by changing the ChildCount.
I often make the mistake of change the ChildCount of a Node using:
1 | Node^.ChildCount := Count; |
If you look into the source you will see why this will not work, the proper way is:
1 | VirtualTree.ChildCount[Node] := Count; |
This is mainly a note to self since I tend to forget it all the time π
Previously I discussed IDirectoryObject, today I will show how to change a user’s password with IDirectoryObject.
I didn’t find any documentation except a kb article describing how to use pure ldap to do it. Of course I could have used IADsUser::SetPassword but I decided not to because of the following reasons:
- IADs interfaces are terribly slow (although for one use you probably wouldn’t really notice).
- IADsUser::SetPassword tries 3 different methods to set the password (ldap over ssl, kerberos and finally NetUserSetInfo) which makes it even slower (most domain controllers do not have an ssl certificate) and unpredictable.
All example code I found was .NET based using the .NET wrappers for Active Directory and seemed to be meant for use in Adam rather than full Active Directory (it set port number to 389 and password mode to cleartext).
In the end it’s not very difficult but nonetheless it took me a while before I got it right.
We can write to the unicodePwd attribute which wants the password as a double quoted unicode string. If you look at this attribute with AdsiEdit you’ll see that the type is Octet String and that it can be written only.
I was tricked with Delphi’s QuotedStr function for a while because it doesn’t return a double but single quoted string π
Below a small snippet from the upcoming JwsclActiveDirectory that shows how to use it: Read the rest of this entry »
A few days ago I wrote about Using Windows Dialogs in your own programs, wouldn’t it be nice to be able to use Windows Resource Strings for the same reasons?
Loading a resource string is not difficult, let’s look at some examples:
1 2 3 4 5 6 7 8 9 10 11 12 | function LoadResourceString(const DllName: String; ResourceId: Integer): String; var hDLL: THandle; Buffer: array[0..MAX_PATH] of Char; begin hDLL := LoadLibrary(PChar(DllName)); if hDLL = 0 then Exit; if LoadString(hDll, ResourceId, Buffer, Length(Buffer)) > 0 then Result := Buffer; end; |
This uses the LoadString api to load a Resource String from an Executable or Dll by it’s resource Id. An Example might call might be:
1 | LoadResourceString('dsadmin.dll', 226) |
This loads the string with ResourceId 226 from dsadmin.dll(.mui):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | STRINGTABLE LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US { 224, "Windows cannot complete the password change for %2 because:\n%1" 225, "Windows cannot access object %2 because:\n%1The object may have been deleted by another administrator in this enterprise." 226, "The New and Confirm passwords must match. Please re-type them." 228, "Object %2 has been disabled." 229, "Windows cannot disable object %2 because:\n%1" 231, "Object %2 has been enabled." 232, "Windows cannot enable object %2 because:\n%1" 233, "Create a new object..." 237, "Mo&ve...\nMoves the selected object" 238, "The password for %2 cannot be set due to insufficient privileges. Windows will attempt to disable this account. If this attempt fails, the account will become a security risk. Contact an administrator as soon as possible to repair this. Before this user can log on, the password should be set, and the account must be enabled." } |
As you can see in this example, some resource strings have identifiers such as %1 and %2 which are used in the FormatMessage Api. How can we use that from Delphi?
I wrote a very simple wrapper for it:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | function FormatMsg(const Source: String; const Args: array of const): String; var i: Integer; ArgArray: array of Pointer; Buffer: PChar; begin for i := Low(Args) to High(Args) do begin SetLength(ArgArray, i+1); case Args[i].VType of vtExtended:; // not supported, should raise Exception else ArgArray[i] := Args[i].VPointer; end; end; if FormatMessage(FORMAT_MESSAGE_FROM_STRING or FORMAT_MESSAGE_ALLOCATE_BUFFER or FORMAT_MESSAGE_ARGUMENT_ARRAY, PChar(Source), 0, 0, @Buffer, 0, @ArgArray[0]) > 0 then begin Result := Buffer; // replace \n (linefeed) with #13#10 Result := StringReplace(Result, '\n', #13#10, [rfReplaceAll]); LocalFree(DWORD(Buffer)); end else begin SetLength(Result, 0); end; end; |
And here is a usage example:
1 2 3 | Memo1.Lines.Add (FormatMsg( 'Windows cannot complete the password change for %2 because:\n%1', ['the password doesn''t meet complexity requirements', 'John Doe'])); |
The Result of this is:
Windows cannot complete the password change for John Doe because:
the password doesn’t meet complexity requirements
Today I reused a unit I wrote a long time ago for TSAdminEx that shows Resource Dialogs from DLL’s or Executables. I wrote it for a couple of reasons:
- Reusing existing dialogs is conventient since the user already knows it.
- Windows takes care of translating it into the user’s language.
- I am too lazy to recreate them π
The code is hardly rocket science and could probably be improved and made more sophisticated but it works for me. I decided to share it since you may find it usefull.
Here is a small usage example that shows the Reset Password dialog from Active Directory Users & Computers. This dialog is in dsadmin.dll (on Windows Vista/7 you will find it in ds.admin.dll.mui in the language subfolder eg %systemroot%\system32\en-US but you can load it using just the dll name).
It looks like this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | 215 DIALOGEX 0, 0, 252, 139 STYLE DS_MODALFRAME | DS_CONTEXTHELP | WS_POPUP | WS_CAPTION | WS_SYSMENU EXSTYLE WS_EX_CONTEXTHELP CAPTION "Reset Password" LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US FONT 8, "MS Shell Dlg" { CONTROL "&New password:", -1, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 7, 10, 79, 10 CONTROL "", 220, EDIT, ES_LEFT | ES_PASSWORD | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 92, 7, 153, 14 CONTROL "&Confirm password:", -1, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 7, 28, 79, 10 CONTROL "", 222, EDIT, ES_LEFT | ES_PASSWORD | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 92, 25, 153, 14 CONTROL "&User must change password at next logon", 261, BUTTON, BS_AUTOCHECKBOX | BS_LEFT | BS_TOP | BS_MULTILINE | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 7, 46, 237, 10 CONTROL "The user must logoff and then logon again for the change to take effect.", -1, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 14, 61, 231, 8 CONTROL "", 8327, STATIC, SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 7, 76, 238, 16 CONTROL "Unlock the user's &account", 8328, BUTTON, BS_AUTOCHECKBOX | BS_LEFT | BS_TOP | BS_MULTILINE | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 14, 96, 230, 10 CONTROL "OK", 1, BUTTON, BS_DEFPUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 140, 118, 50, 14 CONTROL "Cancel", 2, BUTTON, BS_PUSHBUTTON | WS_CHILD | WS_VISIBLE | WS_TABSTOP, 195, 118, 50, 14 } |
Profile
Top Posts
- How rdp passwords are encrypted
- Enable Developer mode on VW Discover Pro with VCDS
- Switch SATA Operation Mode
- ClickOnce Applications in Enterprise Environments
- Running multiple instances of Lync (howto)
- SasLibEx 2.0 Release Announcement
- Wordpress and the Cookie Monster
- VW RNS 510 Navigation Startup Pictures
- RNS 315 Enable Developer Mode
- Patch Windows 2003 Terminal Server to allow more than 2 concurrent sessions
Recent Comments
Featured Downloads
- AClientFix (2895 downloads)
- AddPrinter2.zip (2390 downloads)
- AdProps (2294 downloads)
- AdSample1 (1735 downloads)
- AMD Radeon Crimson ReLive (2796 downloads)
- Atheros Driver (24130 downloads)
- AutoLogonXP 1.0 (1668 downloads)
- CDZA (560 downloads)
- ChDrvLetter.zip (2199 downloads)
- ChDrvLetter.zip (3377 downloads)
Blogroll
- Andrew Morgan
- Arnout’s blog
- Assa’s Blog
- Barry Schiffer
- Delphi Praxis
- Ingmar Verheij
- Jedi Api Blog
- Jedi API Library
- Jeroen Tielen
- Kees Baggerman
Categories
- .NET (3)
- Active Directory (28)
- Altiris (36)
- App-V (1)
- Apple (5)
- Application Compatibility (11)
- Automotive (5)
- AWS (1)
- BootCamp (1)
- C# (5)
- C++ (2)
- Citrix (87)
- Delphi (61)
- Embedded (4)
- Exchange (16)
- General (71)
- iPhone (5)
- Java (8)
- Linux (1)
- Lync (2)
- NetScaler (1)
- Oracle (4)
- Other (1)
- Packaging (19)
- PowerShell (56)
- Programming (79)
- Quest (1)
- RES (7)
- script (22)
- ShareFile (1)
- SQL Server (10)
- Strange Error (3)
- Terminal Server (68)
- ThinApp (3)
- ThinKiosk (1)
- Ubuntu (1)
- Unattended Installation (19)
- Uncategorized (48)
- UWP (2)
- Vista (37)
- Visual Studio (1)
- VMWare (26)
- Windows 10 (2)
- Windows 2003 (30)
- Windows 2008 (37)
- Windows 2008 R2 (16)
- Windows 2012 (2)
- Windows 7 (30)
- Windows 8 (4)
- Windows Internals (12)
- Windows XP (16)
Archives
- July 2022 (1)
- June 2022 (2)
- October 2019 (1)
- March 2018 (1)
- January 2018 (4)
- December 2017 (3)
- April 2017 (1)
- March 2017 (5)
- February 2017 (4)
- May 2016 (3)
- March 2016 (1)
- October 2015 (2)
- September 2015 (1)
- January 2015 (1)
- August 2014 (1)
- July 2014 (8)
- May 2014 (1)
- November 2013 (1)
- October 2013 (2)
- September 2013 (3)
- August 2013 (4)
- June 2013 (2)
- May 2013 (3)
- April 2013 (5)
- March 2013 (5)
- February 2013 (1)
- January 2013 (5)
- December 2012 (9)
- November 2012 (3)
- October 2012 (3)
- August 2012 (4)
- July 2012 (2)
- June 2012 (1)
- May 2012 (6)
- March 2012 (13)
- February 2012 (12)
- January 2012 (9)
- December 2011 (9)
- November 2011 (4)
- October 2011 (5)
- September 2011 (10)
- August 2011 (10)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (14)
- February 2011 (8)
- January 2011 (32)
- December 2010 (23)
- November 2010 (19)
- October 2010 (10)
- September 2010 (6)
- August 2010 (1)
- July 2010 (1)
- June 2010 (6)
- March 2010 (7)
- February 2010 (3)
- December 2009 (3)
- November 2009 (11)
- September 2009 (2)
- July 2009 (1)
- June 2009 (5)
- May 2009 (1)
- April 2009 (2)
- March 2009 (3)
- February 2009 (6)
- January 2009 (3)
- December 2008 (8)
- November 2008 (5)
- October 2008 (3)
- September 2008 (3)
- August 2008 (3)
- June 2008 (6)
- May 2008 (2)
- April 2008 (3)
- March 2008 (5)
- January 2008 (3)
- December 2007 (3)
- November 2007 (13)
- October 2007 (10)