Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

running aspnet_setreg.exe on a windows 2008 server

Tags:

asp.net

iis

windows-server-2008

I have a site that uses aspnet_setreg.exe to encrypt the username and password of the identity user into the registry. It has always worked fine but when I run it on a Windows 2008 i get this:

C:\aspnet_setreg>aspnet_setreg.exe -k:SOFTWARE\MYCODE\identity -u:"domain\user" -p:"password"

Please edit your configuration to contain the following:

userName="registry:HKLM\SOFTWARE\MYCODE\identity\ASPNET_SETREG,userName" password="registry:HKLM\SOFTWARE\MYCODE\identity\ASPNET_SETREG,password"

The DACL on the registry key grants Full Control to System, Administrators, and Creator Owner.

If you have encrypted credentials for the configuration section, or a connection string for the configuration section, ensure that the process identity has Read access to the registry key. Furthermore, if you have configured IIS to access content on a

UNC share, the account used to access the share will need Read access to the registry key. Regedt32.exe may be used to view/modify registry key permissions.

You may rename the registry subkey and registry value in order to prevent discovery.

Does anyone else use this and have you seen it work on 2008.

Thanks

like image 634
Larry Hipp Avatar asked May 06 '09 16:05

Larry Hipp

2 Answers

Potential issue with aspnet_setreg.exe is that it's a 32 bit process, and will write to the Wow6432Node rather than the places indicated above. If you are running a 64 bit app pool, you will need to copy the reg key to the "real" x64 location.

like image 97
Christopher G. Lewis Avatar answered Nov 15 '22 14:11

Christopher G. Lewis

1) The aspnet_setreg application was putting the registry entry into HKLM\Software\Wow6432Node\rest of path.

As mentioned above, this is the behavior for a 32bit app modifying a 64 bit registry entry.

2) To move the key to the right location, I exported the key to a .reg file and then edited the file and got rid of the Wow6432Node directory in the file.

3) Alternatively, you could just use the Wow6432Node path:

For example:

userName="registry:HKLM\Software\Wow6432Node\MYCODE\identity\ASPNET_SETREG,userName"

password="registry:HKLM\Software\Wow6432Node\MYCODE\identity\ASPNET_SETREG,password"

4) Also, note that you must have admin privileges to run this. On Windows 7, I ran it from command line with using the "run as administrator", and aspnet_setreg stored it in HKEY_USERS[USER SID]\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node.

5) Finally, remember to set the permissions to the registry entry so that your application can read from the registry key.

References: http://support.microsoft.com/kb/329290

like image 2
WWC Avatar answered Nov 15 '22 14:11

WWC
Sign in to Comment

Related questions

Canceling Event (onchange) or retrieving the old value in Blazor
Can we split big ajax calls into multiple smaller calls to load data faster?
JWT Bearer Token not working with ASP.Net Core 3.1 + Identity Server 4
I get a cross-origin error when making a HTTP requests
How to Identify Postback event in Page_Load
Is there an ASP.NET pagination control (Not MVC)?
Should I create a JQuery server control for ASP.net to best use it in my apps?
Can I setup an IIS MIME type in .NET?
asp.net remove unused httpmodules
Trouble encoding a u umlaut with in a .Net http handler
I want a Master UserControl (a Master page, but for UserControls)
ViewState object lost in Master Page Load
How do I create an instance of a class in an ASP.NET application
Validate all ASPX, ASCX and HTML files when building
using asp.net mvc for REST based endpoint
"User Preferences" Database Table Design
Running ASP.NET without viewstate turned on
Add Gridview Row AFTER Header
Bulletproof Sessions for IIS Web Farm
Caching best practices

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!