Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / New Users / July 2006

Tip: Looking for answers? Try searching our database.

2.0 smtpclient permission mystery

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Daniel Billingsley - 13 Jun 2006 13:02 GMT
I have an application that has been sending email alerts successfully for a
few months.  Not it has stopped.

My investigation has taken me to some kind of permission issue.

Test #1 - If I use the smtpclient with the defaultCredentials=true option in
the configuration file I get a timeout when I try to perform the send
method.

Test #2 - If I explicitly give it the same credentials with which I am
logged in when I perform test #1, it works perfectly.

What could be going on?
Reply to this Message
Luke Zhang [MSFT] - 14 Jun 2006 07:46 GMT
Hello Daniel,

Is the application a windows form application or a windows service running
under other user account?

Here is a sample to use default Credential sending emails:

   SmtpClient client = new SmtpClient(server, port);
   client.Credentials = CredentialCache.DefaultNetworkCredentials;
   client.Send(message);

Is this similar with your code? If so, you may check the value of
CredentialCache.DefaultNetworkCredentials, is it correct (as your current
logon user account)?

Regards,

Luke Zhang
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 14 Jun 2006 12:44 GMT
It is a windows forms application.

My code is just:

SmtpClient client = new SmtpClient();
client.Timeout = 5000;
client.Send(_message);

And in the app.config:
<mailSettings>
  <smtp deliveryMethod="Network">
     <network host="192.168.20.13" port="25" defaultCredentials="true"/>
  </smtp>
</mailSettings>

If I add
client.Credentials = new System.Net.NetworkCredential("name", "password",
"domain");

into the code then it works, even using the credentials identical to what I
used to log in.

> Hello Daniel,
>
[quoted text clipped - 23 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 15 Jun 2006 04:04 GMT
If you add the code like:

client.Credentials = CredentialCache.DefaultNetworkCredentials;

instead of

client.Credentials = new System.Net.NetworkCredential("name", "password",
"domain");

Will it fail or work? If it failed, you may check the value of
CredentialCache.DefaultNetworkCredentials, is it in correct value?

Regards,

Luke Zhang
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 15 Jun 2006 12:30 GMT
Ok, this is bizarre.

When I add that code and examine with the debugger I find that the Domain,
UserName and Password properties are blank.

Here's where things get weird.  This code is actually part of an alerting
mechanism for two services running on my laptop.  Both services are set to
run under my same login credentials since they're in the beta stage.  Both
services successfully send the emails when I am not logged in, but get the
timeout error when I am.

The testing I'm doing now is in a 3rd windows forms applications.

FYI - the admin did uninstall WINS from a domain controller the day this
started failing.  I can't imagine how that could matter, but it seems like a
strange coincidence.  We even tried putting WINS back on though - no
difference.

> If you add the code like:
>
[quoted text clipped - 20 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 16 Jun 2006 04:01 GMT
Hello,

CredentialCache.DefaultNetworkCredentials needs the permission of
EnvironmentPermissionAccess.Read, Is your account an local admin, and the
Code Access Security on the server is not changed sicne the error occur? It
may also be network configuration issue, you may create a VBS file with
following code:

Set WshNetwork = CreateObject("WScript.Network")
msgbox  "Domain = " & WshNetwork.UserDomain
msgbox "Computer Name = " & WshNetwork.ComputerName
msgbox "User Name = " & WshNetwork.UserName

Can it give correct result when you running it on the server?

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 16 Jun 2006 12:04 GMT
Well, first, there is no "server".  As I explained, the services and the
test program are all running on my laptop using my normal login credentials.

I am in fact a local administrator on the laptop.  Does the
defaultCredentials="true" app.config element require the user be an
administrator as well?  That seems like a requirement that would render this
all rather useless.

I don't believe the local admin membership or the code access security have
changed.  Remember, the service sends emails fine if I am logged off but
times out when I am logged in.

I ran that vbs script on this laptop and it returned all three piece of
information correctly.

> Hello,
>
[quoted text clipped - 24 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 19 Jun 2006 04:24 GMT
How about following code:

System.Net.CredentialCache.DefaultCredentials;

Will it also return blank or correct value?

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 19 Jun 2006 14:11 GMT
Blank in my test windows forms application.

> How about following code:
>
[quoted text clipped - 14 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 21 Jun 2006 08:50 GMT
Thank you for update. I am performing more research on this issue and will
update you as soon as possible.

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Luke Zhang [MSFT] - 22 Jun 2006 11:45 GMT
Hello Daniel,

How about following code:

string s = Thread.CurrentPrincipal.Identity.Name + " "
+WindowsIdentity.GetCurrent().Name ;

Will it give you correct result?

BTW, can you let me know your email so we can better communicate on this
issue. To get my actual email, please remove "online" from my display email.

Thanks,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 23 Jun 2006 19:35 GMT
I sent this to your email.  If you didn't get it let me know so we can see
what happened.

Thanks for your help.

I modified your test slightly to show more distinct information since the
result wasn't as expected (I don't think).

string s = "|" + System.Threading.Thread.CurrentPrincipal.Identity.Name +
"|";

string ss = "|" +
System.Security.Principal.WindowsIdentity.GetCurrent().Name + "|";

bool a = System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated;

The results for me are:

s = ||

ss = |LA\\dbillingsley|

a = false

ss is correct by the way

If I add

AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal);

before these three lines then a=true and s=ss.

The service I have running on this laptop has been consistent for a week
now.  It runs 24 hours a day and during the day when I am logged in it times
out sending an email, but at night when I am logged out it is successful.
What would be changing from the service's perspective depending on whether
its specified log on account was actually currently also logged in or not to
the console?  That seems very bizarre.

> Hello Daniel,
>
[quoted text clipped - 21 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 26 Jun 2006 03:58 GMT
Hi Dan,



Thank you for the information. For further trouble shooting, I suggest you
may perform a network capture while running your application:



1. Download your favorite network capture utility

2. Start the network capture utility

3. Run your test program, with your defaultCredentials set to true (this
should fail)

4. Stop the network capture utility

Review the network capture utility to see if authentication is taking place
between your program and the remote SMTP server. Look for the command AUTH.



Next repeat steps 2 - 4 but change the defaultCredentials to false.  Does
this work? If it does, review and compare the two network captures to see
the differences.



Additionally, can below code:



AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security.Principal.Princip
alPolicy.WindowsPrincipal)



Make the email sent if you use defaultCredentials as true?

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Daniel Billingsley - 06 Jul 2006 20:41 GMT
Ok, sorry for the delay.  Holidays, vacations and all that fun.  :)

Here's the results of my capture tests.

Test #1:  DefaultCredentials = true

I see the AUTH command going to the server, followed by a Response with some
kind of hash string.  There are a few exchanges of Response and Message Body
messages and then a "Response: 234 2.7.0 Authentication successful".  The
next and final message (before the timeout) is a Message Body going to the
server.

Test #2: DefaultCredentials = false
The email goes through.  There is no AUTH command in the capture.  I
understand this would be sending anonymously.

Test #3: DefaultCredentials = false, client.Credentials =
System.Net.CredentialCache.DefaultNetworkCredentials
Same results as test #1, including the timeout error.

It turns out the code I posted to call SetPrincipalPolicy() didn't work if
DefaultCredentials=true so that really had nothing to do with my test
working or not.

I was researching another problem I'm having and found it may be related to
the fact I've loaded part (workflow) of the WinFX CTP.  Could this be
related by any chance?

> Hi Dan,
>
[quoted text clipped - 36 lines]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
Reply to this Message
Luke Zhang [MSFT] - 07 Jul 2006 08:26 GMT
Thank you for the update. Can you let me know your actual email so we can
better coomunicate on the issue? To get my actual email, please remove
"online" from my display email.

Thanks,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message
Luke Zhang [MSFT] - 11 Jul 2006 07:56 GMT
Hi Dan,

1. Are there any differences in the message body being sent? Try to shorten
the length of the message to see if that resolves the issue. What could be
at play here is that a character could be causing the remote SMTP server to
hang thinking that the message body has not ended. An example of this would
be the <CR><LF> characters

2. Give us the exact error message that is being returned from the remote
SMTP server. This should be available in the network capture.

3. Uninstall the WinFX CTP, does that have any affect on the issue?  As far
as I know the workflow part of the WinFX CTP does have some integration
into SMTP but I am not sure if its the culprit here

4. Check to see if the customer has a SMTP server installed locally on the
machine running the service.

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.