Struct memory allocation question

I'm doing binary file input and I want to read 4 32-bit values in binary from a file with the read() command as elegantly as possible. Read gives me back a pointer to a char array of 16 chars (16 bytes of binary data representing the 4 32-bit values, called headerValPtr) So I have a simple struct: myStruct { int int float float } My data types in the struct are 32-bit unsigned integers and floating point vals. So I create a pointer to myStruct and allocate memory for it, call it sillyStruct. Will it work to then say sillyStruct = (myStruct*)headerValPtr? I just want to typecast the binary data into the 4 values in the struct. I don't have a good textbook handy to see how struct allocates memory. If the struct pointer simply points to a set of consecutive memory locations that hold all of the data, then I'm good. But I'm not 100% sure that is the case. If you want real code snippets I can throw something together, but this is more of a theoretical question so maybe you can live without? Thanks, --Seth

Yep, I would assume rating to simply be the average of all the values as LongHC said. As for popularity, It really depends on what you're talking popularity relative to. Is an item popular if lots of people have purchased it from you site? Or is it popular if lots of people have viewed it? Or is it just popular because you say it is and you're using it as gimmick to sell things? (Like saying "Hey, this new CD is #1 on the Billboard charts, so we'll put it on top of our list of popular new releases") The question is what data are you basing "popularity" on?

Giving it a little more thought, I'm thinking I could just yank the the logged-in user's name from the registry when said user browses to the page and check that against the relevant active directory groups. My real concern is the potential security hole that is running through my head at the moment: Is it possible that someone else could write code that impersonated an administrator if they figured out where I stashed that info in the registry? Say Bob User was a local admin on Server1 but not Server2. If I had my encrypted account stored on Server1 and Bob found it, could he write an app just like mine that he could execute from Server1, impersonating the encrypted credentials, and use it to perform local admin operations on Server2?

This CP article was quite helpful for me: http://www.codeproject.com/aspnet/AspNetMsgBox.asp

I have a web app that I'm trying to write for use on my company's intranet. The concept is this: We have a lot of servers and a lot of people that need to do certain tasks (start and stop services, kill processes, etc.) on one server or another that all require local administrator rights on a server. We don't want to give these rights to people because that results in more power than the admins want people to have. Enter my app. I've already developed the functionality to do everything these people will need to do using C#. This is the sort of thing I have experience in. What's new to me is the ASP portion of things. My logic is that I need two parts to my authentication. Step one will take a username, password, and server name, check that the user's credentials are valid on the domain, and check that the user is in the appropriate active directory group. If the user passes this test, they will be granted access to the app, which itself will be impersonating a utility account that has full administrative priveliges. I think I have the second part figured out. I have an admin account username and password encrypted in the registry, and the following in web.config to authenticate with it: I think I have this much working, as I've been able to execute all of the fun code that I wouldn't be able to without admin rights. What I'm trying to figure out is how to do the first level of authentication. Basically what I'm trying to do is authenticate a username and password to grant access to an app but make the app impersonate a different username and password. Anybody have any thoughts on this? I haven't had any formal training in this area, so my main concerns are security risks I may be overlooking. Also, any suggestions on how to implement this? Thanks.

Right. I implemented a message box that informs them that other dependent services stopped (and the names of those services), just so they know. The people who will be using this will know what services they want running, and it's simple enough for them to restart dependent services themselves if they so desire. They can handle doing that thinking on their own. Interestingly enough, I've found that (in at least some cases) when you start a service that depends on another service that is stopped, it will start that other service first. The TCP/IP Print Server will start the Print Spooler if it's stopped when you pass it the "StartService" method, for example.

Awesome. That's exactly what I needed. Now I need to decide whether my code should also start any dependent services when it starts a service or if I should leave that to the user... Maybe I'll just notify them. Thanks very much!

I'm working on an app that, among other things, stops the print spooler and clear the print queue. The "ManagementObject.InvokeMethod("StopService", null)" call works with most services, but not the print spooler. When I go into the Management Console and stop the Print Spooler manually a dialog comes up and tells me "When Print Spooler stops, these other services will also stop" (TCP/IP Print Server). I assume that my method call is running into this same thing and doesn't know what to do, so it doesn't stop the service. I know there is a way for me to pass arguments into that method call, but I'm not exactly sure how to pass the command through to say "yes" if it encounters a situation like I mentioned above. Anyone know how to do this? Thanks, Seth

I got it. This Microsoft article walks you through making your web app impersonate any user account you wish: http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3BQ306158[^] As long as the account your app impersonates has local admin rights on the server you are accessing you have full WMI power from your app. Very cool.

Yes, absolutely, this is an internal use only type deal. Thanks for the article, it sounds like my issue...but I've been running XP SP1 on this particular system since the day I brought it up from a clean format, and if I'm reading that article correctly it says I shouldn't have a problem. Also, I did try the workaround in that document, to no effect.

OK, I'm working on a web application that will allow you to start/stop a service running on a remote server via WMI. Here's the method that does it:

public class GEServices
{ 
    public void Start(string ServiceName)
    {
        Object name;
        foreach (ManagementObject localService in allServices)
        {
            name = localService.GetPropertyValue("Name");
            if (name.ToString() == ServiceName)
            {
                localService.InvokeMethod("StartService", null, null);
                break;
            }
        }
    }
}

Now this method works perfectly fine when I call it from a simple test program. Here's an example of that code: GEServices BoxSvcs = new GEServices("\\\\my-pc"); BoxSvcs.Start("Alerter"); This cause no problems, so I think this code is solid. However, when I run the exact same code from the web application that I'm using this class in, the Alerter won't start and no errors show up. The only thing that I can think of is that the web app running on localhost doesn't have the same level of permissions as a local console app run by me. When I try to pass my credentials in when making the connection, I get an error saying I can't use credentials on connections to localhost. Any ideas out there?

Ah ok. Well, I'm actually rather relieved. My friend may be in a tough situation, however at least now I can go back to not thinking her boyfriend is a sex offender in jail right now. I mean, I knew he was shady, but I didn't think he was that shady. It was too crazy of a coincidence to be true anyhow; I've just been reading too much Douglas Adams. All of that stuff about improbability drives messes with your sense of reality. ;P I suspect my friend will turn up eventually. She knows who she can call if things get out of hand. Thanks, Thespiff

Sir, this would be one of the most wild coincidences known to man, but I am from Pittsburgh, Pennsylvania. A female friend of mine recently ran off to Arizona with her boyfriend who is a very shady character. All of us have been trying to contact her for a few weeks now. We know she has no money and cannot get home. Are you still in contact with this girl? Is her first name Margaret (Margie)? I'm not playing games with you, I am quite serious. I don't see how this could possibly be the same girl, but still, I must ask.

Ian Darling wrote: At least we have three more-or-less sane parties, rather than two insane ones I wouldn't call them insane so much as inadequate. ;)

Brit wrote: Have you seen Fight Club? I'd wager that everyone who's posted in this thread has. :)

You know, my bulls*** detector goes off full blast the minute a man tries to apply to women logic that works when you're dealing with men. His line of thinking goes like this: "If I were female, I would feel subservient to men, and abortion seems like a good way to alleviate that feeling." Of course this stems from the fact that as a man he believes that women are beneath him. This may also hint at the explanation for his trio of divorces...

Fox Sports World is also good for soccer. You just have to cross your fingers and hope that they don't have that absurd Aussie Rules Football stuff on. I caught a good bit of EPL play because I get Fox Sports World on campus. I've been dying without it now that I'm home for the summer, though. Those rare MLS games that you catch on TV on the major networks are just too painful after watching EPL. I've been making up for it by playing soccer 3-4 times a week.

Well, I might as well continue answering my own questions. A bit of searching and I found this problem with WMI queries. Essentially, that report tells me that even though I ran my query looking for local users it still queries my entire domain to find them. My very large network isn't exactly standardized software-wise, so I assume the servers that this script hangs on don't have the proper hotfixes to handle my query. "EXIT FOR" is of course the equivalent to "break" that I was looking for, but I'm still curious about a condition that would break off the loop after a certain amount of inactivity. The query in my code runs server-side, so my end is indeed inactive while it queries endlessly. Another more useful tip would be one that explains how to improve my query. My problem is...essentially...solved, but not nearly to my satisfaction. Any help would still be much appreciated.

Allright, well I've made some progress here. I have a script that runs almost perfectly, but has a habit of getting stuck. Here's the essential code: Set fso = CreateObject("Scripting.FileSystemObject") Set scribe = fso.CreateTextFile("c:\LocalAdminList.txt") Set boxes = fso.OpenTextFile("c:\servers.txt",1,false) DO Set CompConn = GetObject("winmgmts:\\" & box & "\root\cimv2") Set ColUsers = CompConn.ExecQuery("SELECT * FROM Win32_GroupUser WHERE" &_ "GroupComponent='Win32_Group.Domain=\'BUILTIN\',Name=\'Administrators\'' ") FOR EACH User IN ColUsers Username = User.PartComponent scribe.writeline Username (*script gets stuck here*) NEXT LOOP WHILE(boxes.atendofstream = false) Simple enough. Yet when I run the script against a list of a few hundred servers it gets stuck somewhere between the second and third server. Specifically, it never gets out of the FOR loop after it processes the last user in the second server's collection. When I remove this server from the list the script makes it through 5 more servers and then same deal. No errors, it just sits and doesn't do anything. Does anybody have any idea why this script won't drop out of the FOR loop when it ought to? Alternatively, is there any code to make it drop out after a certain period of innactiviy?

I just recently began exploring WMI since you can't do everything with ADSI. My current project is to compile a list of domain users in my company with Local Administrator privileges on our numerous servers so that we may clean out any users who ought not have these powers. The problem is I can't seem to get the records I want from my query. Take a look at the following code: strComputer = "." Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") Set colSWbemObjectSet = objSWbemServices.ExecQuery("SELECT FullName," & _ "Domain, LocalAccount FROM Win32_UserAccount WHERE LocalAccount = false") For Each objSWbemObject In colSWbemObjectSet WScript.Echo " Domain: " & objSWbemObject.Domain & vbCrLf & _ "Full Name: " & objSWbemObject.FullName & vbCrLf Next This query returns what appears to be all of the user accounts in my domain. I assume this is because our general domain users group is a member of the local "Users" group. How can I make the query only collect domain users who are also members of the local "Administrators" group? Thanks, Seth Kelly