0

i create an applicaton in c# now i want to make a 1 clicksetup file that includes windows installer,ms sql server 2005 and ,netframewok. Sql server should be automatically configured to sql server authentication mode with a new user name raj and password 123. Plz help me guys

2
Contributors
1
Reply
2
Views
5 Years
Discussion Span
Last Post by sknake
1

See:
Thread #1
Thread #2

And this code snippet:

/// <summary>
    /// Verifies strong password against SQL 2008 settings
    /// </summary>
    /// <param name="password"></param>
    /// <returns></returns>
    [CustomAction]
    public static ActionResult IsSql2008StrongPassword(Session session)
    {
      session[PropertyNames.Apex_SqlFieldsValid] = "0";

      //See: http://msdn.microsoft.com/en-us/library/cc281849.aspx
      #region password validation
      {
        //#1 - Done
        //Strong passwords are not readily guessed by a person, and are not easily hacked using a computer program. 
        //Strong passwords cannot use prohibited conditions or terms, including:

        //#2 - Done
        //Passwords need to be 8-128 characters
        string password = session[PropertyNames.IS_SQLSERVER_PASSWORD] ?? string.Empty;

        if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(password.Trim()))
        {
          MessageBox.Show("Password cannot be empty.", "SQL 2008", MessageBoxButtons.OK, MessageBoxIcon.Error);
          return ActionResult.Success;
        }

        password = password.Trim();

        if (password.Length < 8)
        {
          MessageBox.Show("Password must be longer than 8 characters.", "SQL 2008", MessageBoxButtons.OK, MessageBoxIcon.Error);
          return ActionResult.Success;
        }
        else if (password.Length > 128)
        {
          MessageBox.Show("Password must be shorter than 128 characters.", "SQL 2008", MessageBoxButtons.OK, MessageBoxIcon.Error);
          return ActionResult.Success;
        }

        string[] invalidWords = new string[] { 
        "Password", 
        "Admin", 
        "Administrator", 
        "sysadmin", 
        Environment.MachineName, 
        Environment.UserName, 
        Environment.UserDomainName };

        foreach (string s in invalidWords)
        {
          if (password.IndexOf(s, StringComparison.CurrentCultureIgnoreCase) >= 0)
          {
            MessageBox.Show(
              string.Format("Password cannot contain the reserved word '{0}'.", s),
              "SQL 2008",
              MessageBoxButtons.OK,
              MessageBoxIcon.Error);
            return ActionResult.Success;
          }
        }

        int score = 0;
        //Must satisfy at least 3/4:
        //1) It must contain uppercase letters.
        //2) It must contain lowercase letters.
        //3) It must contain numbers.
        //4) It must contain non-alphanumeric characters; for example, #, %, or ^.

        if (password.ToLower() != password) //has an uppercase
          score++;
        if (password.ToUpper() != password) //has a lowercase
          score++;
        foreach (char c in password) //has a number
        {
          if (char.IsNumber(c))
          {
            score++;
            break;
          }
        }
        foreach (char c in password) //has a non-alphanumeric
        {
          if (!char.IsLetterOrDigit(c))
          {
            score++;
            break;
          }
        }
        if (score < 3)
        {
          MessageBox.Show("The password must satisfy at least three conditions: " + Environment.NewLine +
            " - It must contain uppercase letters" + Environment.NewLine +
            " - It must contain lowercase letters" + Environment.NewLine +
            " - It must contain numbers" + Environment.NewLine +
            @" - It must contain non-alphanumeric characters; for example, #, %, or ^.",
            "SQL 2008",
            MessageBoxButtons.OK,
            MessageBoxIcon.Error);
          return ActionResult.Success;
        }
      }
      #endregion

      #region installdir validation
      {
        string dir = session[PropertyNames.APEX_SQL2008_INSTALLDIR];
        if (string.IsNullOrEmpty(dir) || string.IsNullOrEmpty(dir.Trim()))
        {
          MessageBox.Show(
            "You must provide an installation directory",
            "SQL 2008",
            MessageBoxButtons.OK,
            MessageBoxIcon.Error);

          const string default_dir = @"%ProgramFiles%\Microsoft SQL Server";
          session[PropertyNames.APEX_SQL2008_INSTALLDIR] = default_dir;

          return ActionResult.Success;
        }

        if (dir.EndsWith(@"\", StringComparison.Ordinal) && !dir.EndsWith(@"\\", StringComparison.Ordinal)) //You have to escape the last backslash
        {
          dir += @"\";
          session[PropertyNames.APEX_SQL2008_INSTALLDIR] = dir;
        }
      }
      #endregion

      #region security token validation
      {
        try
        {
          bool failed = false;
          StringBuilder sb = new StringBuilder();
          using (Process process = Process.GetCurrentProcess())
          {
            Privilege[] checkFor = new Privilege[] { Privilege.Backup, Privilege.Debug, Privilege.Security };
            for (int i1 = 0; i1 < checkFor.Length; i1++)
            {
              Privilege priv = checkFor[i1];
              using (new PrivilegeEnabler(process, priv))
              {
                PrivilegeState state = process.GetPrivilegeState(priv);
                sb.AppendLine(string.Format("{0}: {1}", priv.ToString(), state.ToString()));
                if (state != PrivilegeState.Enabled)
                  failed = true;
              }
            }
          }
          if (failed)
          {
            DialogResult dr = MessageBox.Show(
              "Security tokens SeBackupPrivilege, SeDebugPrivilege and SeSecurityPrivilege are required to install SQL server." + Environment.NewLine +
              "One or more tokens could not be obtained and the SQL installation will likely fail." + Environment.NewLine +Environment.NewLine +
              sb.ToString() + Environment.NewLine +
              @"Further reading: http://blogs.technet.com/b/fort_sql/archive/2009/12/17/installing-reporting-services-2008.aspx" + Environment.NewLine + Environment.NewLine +
              "Would you like to continue the installation?",
              "System Manager",
              MessageBoxButtons.YesNo,
              MessageBoxIcon.Warning);

            if (dr != DialogResult.Yes)
              return ActionResult.Success;
          }
        }
        catch (Exception ex)
        {
          MessageBox.Show("Failed to validate security tokens: " + Environment.NewLine + Environment.NewLine +
            ex.GetErrorText(), "System Manager", MessageBoxButtons.OK, MessageBoxIcon.Error);
        }
      }
      #endregion

      session[PropertyNames.Apex_SqlFieldsValid] = "1";
      return ActionResult.Success;
    }

Two additional items that cause problems not addressed in the code above (when the sql server installer is executed with 'add current user as admin'):
1) The logged on windows user name is the same as the machine name
2) The logged on windows user has a weak password by SQL standards

See strong password guidelines: http://msdn.microsoft.com/en-us/library/cc281849.aspx

Related code from above:

// <copyright file="Enums.cs" company="Nick Lowe">
// Copyright © Nick Lowe 2009
// </copyright>
// <author>Nick Lowe</author>
// <email>nick@int-r.net</email>
// <url>http://processprivileges.codeplex.com/</url>

namespace Vea.Extensions.ProcessPrivileges
{
    using System.Diagnostics.CodeAnalysis;

    /// <summary>Result from a privilege adjustment.</summary>
    public enum AdjustPrivilegeResult
    {
        /// <summary>Privilege not modified.</summary>
        None,

        /// <summary>Privilege modified.</summary>
        PrivilegeModified
    }

    /// <summary>Privilege determining the type of system operations that can be performed.</summary>
    public enum Privilege
    {
        /// <summary>Privilege to replace a process-level token.</summary>
        AssignPrimaryToken,

        /// <summary>Privilege to generate security audits.</summary>
        Audit,

        /// <summary>Privilege to backup files and directories.</summary>
        Backup,

        /// <summary>Privilege to bypass traverse checking.</summary>
        ChangeNotify,

        /// <summary>Privilege to create global objects.</summary>
        CreateGlobal,

        /// <summary>Privilege to create a pagefile.</summary>
        CreatePageFile,

        /// <summary>Privilege to create permanent shared objects.</summary>
        CreatePermanent,

        /// <summary>Privilege to create symbolic links.</summary>
        CreateSymbolicLink,

        /// <summary>Privilege to create a token object.</summary>
        CreateToken,

        /// <summary>Privilege to debug programs.</summary>
        Debug,

        /// <summary>Privilege to enable computer and user accounts to be trusted for delegation.</summary>
        EnableDelegation,

        /// <summary>Privilege to impersonate a client after authentication.</summary>
        Impersonate,

        /// <summary>Privilege to increase scheduling priority.</summary>
        IncreaseBasePriority,

        /// <summary>Privilege to adjust memory quotas for a process.</summary>
        IncreaseQuota,

        /// <summary>Privilege to increase a process working set.</summary>
        IncreaseWorkingSet,

        /// <summary>Privilege to load and unload device drivers.</summary>
        LoadDriver,

        /// <summary>Privilege to lock pages in memory.</summary>
        LockMemory,

        /// <summary>Privilege to add workstations to domain.</summary>
        MachineAccount,

        /// <summary>Privilege to manage the files on a volume.</summary>
        ManageVolume,

        /// <summary>Privilege to profile single process.</summary>
        ProfileSingleProcess,

        /// <summary>Privilege to modify an object label.</summary>
        [SuppressMessage(
            "Microsoft.Naming",
            "CA1704:IdentifiersShouldBeSpelledCorrectly",
            Justification = "Spelling is correct.",
            MessageId = "Relabel")]
        Relabel,

        /// <summary>Privilege to force shutdown from a remote system.</summary>
        RemoteShutdown,

        /// <summary>Privilege to restore files and directories.</summary>
        Restore,

        /// <summary>Privilege to manage auditing and security log.</summary>
        Security,

        /// <summary>Privilege to shut down the system.</summary>
        Shutdown,

        /// <summary>Privilege to synchronize directory service data.</summary>
        SyncAgent,

        /// <summary>Privilege to modify firmware environment values.</summary>
        SystemEnvironment,

        /// <summary>Privilege to profile system performance.</summary>
        SystemProfile,

        /// <summary>Privilege to change the system time.</summary>
        SystemTime,

        /// <summary>Privilege to take ownership of files or other objects.</summary>
        TakeOwnership,

        /// <summary>Privilege to act as part of the operating system.</summary>
        TrustedComputerBase,

        /// <summary>Privilege to change the time zone.</summary>
        TimeZone,

        /// <summary>Privilege to access Credential Manager as a trusted caller.</summary>
        TrustedCredentialManagerAccess,

        /// <summary>Privilege to remove computer from docking station.</summary>
        Undock,

        /// <summary>Privilege to read unsolicited input from a terminal device.</summary>
        UnsolicitedInput
    }

    /// <summary>State of a <see cref="Privilege"/>, derived from <see cref="PrivilegeAttributes"/>.</summary>
    public enum PrivilegeState
    {
        /// <summary>
        /// Privilege is disabled.
        /// </summary>
        Disabled,

        /// <summary>
        /// Privilege is enabled.
        /// </summary>
        Enabled,

        /// <summary>
        /// Privilege is removed.
        /// </summary>
        Removed
    }
}
// <copyright file="PrivilegeEnabler.cs" company="Nick Lowe">
// Copyright © Nick Lowe 2009
// </copyright>
// <author>Nick Lowe</author>
// <email>nick@int-r.net</email>
// <url>http://processprivileges.codeplex.com/</url>

namespace Vea.Extensions.ProcessPrivileges
{
    using System;
    using System.Collections.Generic;
    using System.ComponentModel;
    using System.Diagnostics;
    using System.Linq;
    using System.Security.Permissions;

    /// <summary>Enables privileges on a process in a safe way, ensuring that they are returned to their original state when an operation that requires a privilege completes.</summary>
    /// <example>
    ///     <code>
    /// using System;
    /// using System.Diagnostics;
    /// using ProcessPrivileges;
    /// 
    /// internal static class PrivilegeEnablerExample
    /// {
    ///     public static void Main()
    ///     {
    ///         Process process = Process.GetCurrentProcess();
    /// 
    ///         using (new PrivilegeEnabler(process, Privilege.TakeOwnership))
    ///         {
    ///             // Privilege is enabled within the using block.
    ///             Console.WriteLine(
    ///                 "{0} => {1}",
    ///                 Privilege.TakeOwnership,
    ///                 process.GetPrivilegeState(Privilege.TakeOwnership));
    ///         }
    /// 
    ///         // Privilege is disabled outside the using block.
    ///         Console.WriteLine(
    ///             "{0} => {1}",
    ///             Privilege.TakeOwnership,
    ///             process.GetPrivilegeState(Privilege.TakeOwnership));
    ///     }
    /// }
    ///     </code>
    /// </example>
    /// <remarks>
    ///     <para>When disabled, privileges are enabled until the instance of the PrivilegeEnabler class is disposed.</para>
    ///     <para>If the privilege specified is already enabled, it is not modified and will not be disabled when the instance of the PrivilegeEnabler class is disposed.</para>
    ///     <para>If desired, multiple privileges can be specified in the constructor.</para>
    ///     <para>If using multiple instances on the same process, do not dispose of them out-of-order. Making use of a using statement, the recommended method, enforces this.</para>
    ///     <para>For more information on privileges, see:</para>
    ///     <para><a href="http://msdn.microsoft.com/en-us/library/aa379306.aspx">Privileges</a></para>
    ///     <para><a href="http://msdn.microsoft.com/en-us/library/bb530716.aspx">Privilege Constants</a></para>
    /// </remarks>
    public sealed class PrivilegeEnabler : IDisposable
    {
        static readonly Dictionary<Privilege, PrivilegeEnabler> sharedPrivileges =
            new Dictionary<Privilege, PrivilegeEnabler>();

        static readonly Dictionary<Process, AccessTokenHandle> accessTokenHandles =
            new Dictionary<Process, AccessTokenHandle>();

        AccessTokenHandle accessTokenHandle;

        bool disposed;

        bool ownsHandle;

        Process process;

        /// <summary>Initializes a new instance of the PrivilegeEnabler class.</summary>
        /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which privileges should be enabled.</param>
        /// <exception cref="InvalidOperationException">Thrown when another instance exists and has not been disposed.</exception>
        /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        public PrivilegeEnabler(AccessTokenHandle accessTokenHandle)
        {
            this.accessTokenHandle = accessTokenHandle;
        }

        /// <summary>Initializes a new instance of the PrivilegeEnabler class.</summary>
        /// <param name="process">The <see cref="Process"/> on which privileges should be enabled.</param>
        /// <exception cref="InvalidOperationException">Thrown when another instance exists and has not been disposed.</exception>
        /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        public PrivilegeEnabler(Process process)
        {
            lock (accessTokenHandles)
            {
                if (accessTokenHandles.ContainsKey(process))
                {
                    this.accessTokenHandle = accessTokenHandles[process];
                }
                else
                {
                    this.accessTokenHandle =
                        process.GetAccessTokenHandle(TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query);
                    accessTokenHandles.Add(process, this.accessTokenHandle);
                    this.ownsHandle = true;
                }
            }

            this.process = process;
        }

        /// <summary>Initializes a new instance of the PrivilegeEnabler class with the specified privileges to be enabled.</summary>
        /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which privileges should be enabled.</param>
        /// <param name="privileges">The privileges to be enabled.</param>
        /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>
        /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        public PrivilegeEnabler(AccessTokenHandle accessTokenHandle, params Privilege[] privileges)
            : this(accessTokenHandle)
        {
            foreach (Privilege privilege in privileges)
            {
                this.EnablePrivilege(privilege);
            }
        }

        /// <summary>Initializes a new instance of the PrivilegeEnabler class with the specified privileges to be enabled.</summary>
        /// <param name="process">The <see cref="Process"/> on which privileges should be enabled.</param>
        /// <param name="privileges">The privileges to be enabled.</param>
        /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>
        /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        public PrivilegeEnabler(Process process, params Privilege[] privileges)
            : this(process)
        {
            foreach (Privilege privilege in privileges)
            {
                this.EnablePrivilege(privilege);
            }
        }

        /// <summary>Finalizes an instance of the PrivilegeEnabler class.</summary>
        ~PrivilegeEnabler()
        {
            this.InternalDispose();
        }

        /// <summary>Disposes of an instance of the PrivilegeEnabler class.</summary>
        /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>
        /// <permission cref="SecurityAction.Demand">Requires the call stack to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
        public void Dispose()
        {
            this.InternalDispose();
            GC.SuppressFinalize(this);
        }

        /// <summary>Enables the specified <see cref="Privilege"/>.</summary>
        /// <param name="privilege">The <see cref="Privilege"/> to be enabled.</param>
        /// <returns>
        ///     <para>Result from the privilege adjustment.</para>
        ///     <para>If the <see cref="Privilege"/> is already enabled, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>
        ///     <para>If the <see cref="Privilege"/> is owned by another instance of the PrivilegeEnabler class, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>
        ///     <para>If a <see cref="Privilege"/> is removed from a process, it cannot be enabled.</para>
        /// </returns>
        /// <remarks>
        ///     <para>When disabled, privileges are enabled until the instance of the PrivilegeEnabler class is disposed.</para>
        ///     <para>If the privilege specified is already enabled, it is not modified and will not be disabled when the instance of the PrivilegeEnabler class is disposed.</para>
        /// </remarks>
        /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>
        /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>
        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        public AdjustPrivilegeResult EnablePrivilege(Privilege privilege)
        {
            lock (sharedPrivileges)
            {
                if (!sharedPrivileges.ContainsKey(privilege) &&
                    this.accessTokenHandle.GetPrivilegeState(privilege) == PrivilegeState.Disabled &&
                    this.accessTokenHandle.EnablePrivilege(privilege) == AdjustPrivilegeResult.PrivilegeModified)
                {
                    sharedPrivileges.Add(privilege, this);
                    return AdjustPrivilegeResult.PrivilegeModified;
                }

                return AdjustPrivilegeResult.None;
            }
        }

        [PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]
        void InternalDispose()
        {
            if (!this.disposed)
            {
                lock (sharedPrivileges)
                {
                    Privilege[] privileges = sharedPrivileges
                        .Where(keyValuePair => keyValuePair.Value == this)
                        .Select(keyValuePair => keyValuePair.Key)
                        .ToArray();

                    foreach (Privilege privilege in privileges)
                    {
                        this.accessTokenHandle.DisablePrivilege(privilege);
                        sharedPrivileges.Remove(privilege);
                    }

                    if (this.ownsHandle)
                    {
                        this.accessTokenHandle.Dispose();
                        lock (this.accessTokenHandle)
                        {
                            accessTokenHandles.Remove(this.process);
                        }
                    }

                    this.accessTokenHandle = null;
                    this.ownsHandle = false;
                    this.process = null;

                    this.disposed = true;
                }
            }
        }
    }
}
Votes + Comments
Top!
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.