Recently I experienced a bit of confusion over the users you can run a TopShelf service as, in particular, one which started a WCF endpoint.
I would get an error, with a nice stack trace, but research on the Internet didn’t yield me an answer. - Once I had a solution, I thought I would share, so others don’t have to spend as long as I did try to resolve the issue.
So, the error I got was this:
System.ServiceModel.AddressAccessDeniedException: HTTP could not register URL http://+:8082/MyWCFService/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details). ---> System.Net.HttpListenerException: Access is denied
With a pretty long stack trace after!
Now, this does look like a useful error, with a link to a Microsoft post (
http://go.microsoft.com/fwlink/?LinkId=70353). Brilliant I thought until I found clicking the link resulted in this…
This was far from helpful
The first thing that confused me was the URL, which changed from “http://localhost:8082/MyWCFService” changed to “http://+:8082/MyWCFService/”. When looking at URLs, it would seem that the “+” symbol means “Generic host”, therefore it could be anything, as long as it is on this PC. The config could state “http://127.0.0.1:8082/MyWCFService/” whereby localhost and 127.0.0.1 are the same. The log file only shows the 1 value, a “+”.
A little scout around and I was able to understand that the user I was running my service under didn’t have sufficient permissions, and I should run as a more elevated “Administrator” user, sure enough, setting my windows service to run as the system admin did the trick, though, TopShelf doesn’t offer this as a default install address, you can just have:
I eventually decided to work my way through the users to find out which one had sufficient permission to start the service, and it turns out “LocalSystem” does. – Which at the time, I thought was least likely to work!
Sure enough, I could change my TopShelf setup to be:
sc.ConstructUsing(() => new MyWCFService());
sc.WhenStarted(cs => cs.OnStart());
sc.WhenStopped(cs => cs.OnStop());
And this worked like a charm!
This got me thinking about the 3 “RunAs” I had to choose between, and what purpose I would use each of them for, so lifted from a TechNet post (http://technet.microsoft.com/en-us/library/cc782435(v=ws.10).aspx).
The Local Service account is a special, built-in account that is similar to an authenticated user account. The Local Service account has the same level of access to resources and objects as members of the Users group. This limited access helps safeguard your system if individual services or processes are compromised. Services that run as the Local Service account access network resources as a null session with no credentials.
The Network Service account is a special, built-in account that is similar to an authenticated user account. The Network Service account has the same level of access to resources and objects as members of the Users group. This limited access helps safeguard your system if individual services or processes are compromised. Services that run as the Network Service account access network resources using the credentials of the computer account.
The Local System account is a powerful account that has full access to the system, including the directory service on domain controllers. If a service logs on to the Local System account on a domain controller, that service has access to the entire domain. Some services are configured by default to log on to the Local System account. Do not change the default service setting.
I hope that this post will help other to overcome the user problem I encountered faster than I did!
9 months ago I had never heard of, let alone use GIT for source code repository.
My main exposure to SCM systems was through Microsoft SourceSafe 6 at work and SubVersion at Uni.
Then the company I work for decided that SourceSafe was dated, and something new was needed. Introducing GIT.
Having various issues myself with SourceSafe, I welcomed the brave new world, though it would be a learning curve.
Now, having seen and used GIT for quite a few months using GIT extensions for Windows, I’ve found that this does everything I would have wanted source control to do.
With multiple release branches, and also multiple work in-progress branches in use, managing and merging my work between has turned out to be a doddle.
At first, the concept that I had my own local copy of a repository on my machine which I needed to keep in sync with a shared repository seemed a little odd, and often lead to some pretty nasty merge issues. Once I got the hang of using branches, and getting my pulls, commits and pushes in the right order, I truly was cooking on gas.
So, with thousands of changed lines of source code, and over 600 commits, I am happy to say that moving to GIT from SourceSafe 6 was a really good move!
Recently, I found a really nice feature using GIT and GIT extensions, the ability to retrieve a previously deleted branch, very helpful when stupid codist (that’s me!) Thought the branch was a dead stub branch, rather than something to merge in. Thankfully (with the advice of a co-worker) I was able to get back hours, if not days of work.
To round off, if you’re looking to change your source control, then it will be worth checking out GIT (http://git-scm.com/). Also, for a free (on something open source) repository hosting, GitHub is also worth a look (http://github.com).