I`m working with Avaya IP Office TAPI2 service provider.
I have a question regarding how the lines available to work with are obtained.
If i run a test piece of code from my dev PC, to initiate a TapiManager object and work with the collection of TapiLine objects exposed by TapiManager.Lines
the number of lines returned is more than the number of lines which are exposed on a server running the same test windows forms app. Both machines, i.e. my dev PC and the server have the same TAPI2 provider installed and both are connecting to the same switch IP address under Third Party
dev PC returns something like 460 lines, server has 30 less at 430, and entries which are missing i`m assured by our tech guys that the extentions/lines are configured the same as ones which do appear in the available list.
Thanks
The Avaya TSP exposes two types of IP Office objects:
Users (extensions and TAPI WAV users)
Hunt Groups
The devices listed as available lines, when configured in third-party mode, is dependent on whether the TAPI WAV and ACD queues checkboxes are selected (see Control Panel|Phone and Modem Options).
I would verify that both servers have their TAPI options configured identically in the TSP settings in Phone and Modem Options, e.g. you may not have ACD Queues checked on the server.
FYI - you can also use the Ex Directory attribute (see Users in the IP Office Manager) to control which extensions are visible via TAPI but that will have the same affect on both servers.
The only other thing I think of is whether the machines were restarted after new extensions were added to the IP Office? The TSP will only download a list of lines at startup so extensions added after the TSP is loaded by Windows will not be aware of the new extensions.
If you can enable the TSP logging for the Avaya TSP and include I can review the difference between the two machines.
Related
I'm working on developing an OPC client application for a Windows 7 system which is talking to an OPC server running in Rockwell RSLinx Classic.
The RSLinx Classic package includes an OPC Test Client. The Client program produces a list of OPC Servers to which I can connect (there are a few extra servers on my machine from National Instruments, I'm not sure how they got there). I choose a server and connect. I can monitor items on the server which update in real-time. So I know that I have a working client-server connection.
Now I want to write my own client. How can I get that OPC Server list myself? My research suggests that the Rockwell and/or the National Instruments software installed a program on my computer called OpcEnum.exe in the folder C:\Windows\SysWOW64. It’s not on the PATH. The OpcEnum service shows up on the System Services registry, and it's running. If you execute OpcEnum.exe directly from its folder, it runs... but outputs nothing to the console. What does it do? It has no -h or –help command line option. Presumably, it updates a data file somewhere which enumerates the server names.
I cannot find any documentation which describes OpcEnum.exe in enough detail to understand it.
Any advice you have is appreciated, thanks!
OPCEnum is not specific to Rockwell. It is part of common OPC infrastructure, and described in OPC "Classic" specifications (https://opcfoundation.org/developer-tools/specifications-classic/data-access/ ).
There you will find that it exposes its functionality as a COM component. So, if you want to use it, you need to create an instance of a specific COM object (by its CLSID), acquire the documented interface(s), and use their methods to obtain list of COM servers on the computer, or other information about them.
OPCEnum can be installed as part of some software installation (by Rockwell), but it comes from "OPC Core Components" by OPC Foundation (https://opcfoundation.org/developer-tools/samples-and-tools-classic/core-components/ ).
The information about the servers is stored in the registry. In fact, OPC servers use mainly a standard Microsoft COM registration and their information is stored the same way as other COM components, but OPCEnum know the component category/categories of the servers, so it can filter out just the OPC Servers for you; and in OPC 1.0 the servers were not classified into component category, so OPCEnum relies on an extra registry key ("OPC") to find them.
I want to gather some information from a windows 10 machine over the internet using the thingworx platform.
Here's a scenario:
Admin logs into thingworx app
Exisiting or new computer (windows 10 ) is added (serial number computer)
Thingworx platform creates a thing based on a created template
User receives application key which will be entered on a client which is installed on the computer
Client is started based on event and sends data to thingworx platform
Communication is secured
Is there a best practice or even a client available / open source or Licence based which relieves the headache of security etc.?
Yes, alwaysOn is used mostly as web socket protocol for communication between devices & ThingWorx platform. Apart from these one case also use MQTT.
If you want to use for Demo/Academic Purpose then use Thingworx Academic Simulator. I have been using it for Testing many scenarios.
Download Link - http://apps.ptc.com/schools/software/ThingWorxAcademicSimulatorSetup.exe
We have a product which relies on a thin client installed on users machine. We make an ajax get request to a domain pointing to local host which has a real ssl. This fails in edge, works in every other browser including IE11. Note that same works if there is no ssl involved. It also works on Windows 10 Home edition.
Adding a datatype, content-type or request method does not resolve this. Only way to fix this seems to be running following command.
CheckNetIsolation LoopbackExempt -a -n="Microsoft.MicrosoftEdge_8wekyb3d8bbwe"
If this is expected behavior, can someone explain why microsoft would block this on a enterprise version but it works on home edition ?
Microsoft Edge, and Windows 10 apps in general, use AppContainer Isolation:
Isolating the application from network resources beyond those
specifically allocated, AppContainer prevents the application from
'escaping' its environment and maliciously exploiting network
resources. Granular access can be granted for Internet access,
Intranet access, and acting as a server.
Your thin-client is running on win10 enterprise edge against an intranet ssl service (localhost), so access is by default restricted by this mechanism. With the command
CheckNetIsolation LoopbackExempt -a -n="Microsoft.MicrosoftEdge_8wekyb3d8bbwe"
you are disabling network isolation on that host for the loopback network adapter (localhost) for MS Edge so your app client (and any other locally sourced app) can run on it without restriction against any localhost service.
This fails in edge, works in every other browser including IE11.
They clearly wanted to improve the default security policy of previous versions. It's never too late, MS :) There is actually an Enhanced Protected Mode (EPM) that could prevent your app from running on IE too. Chrome has its Google Chrome Sandbox that can also be tuned like this. Safari and Firefox also have sand-boxing features although I am not familiar with their particularities.
Note that same works if there is no ssl involved.
Typically, if you are using ssl is because you are dealing with sensitive data and/or a critical service. If you are not it is ok to be more lax. Again, just a matter of security policy.
It also works on Windows 10 Home edition. If this is expected behavior, can someone explain why microsoft would block this on a enterprise version but it works on home edition?
Enterprise versions of any product are known to be more restrictive since their target users are more security concerned (IT people typically don't want to expose their company's intranet payroll db service to external attackers, and things like that). Also, in this case the default behavior can be easily defined/altered by experts on the IT department (check out domain security policies) so it's better to leave the default settings to "paranoid" mode and let the experts tweak according to the company's needs.
Note there are other mechanisms at work when you are running a thin client on the browser that make this kind of protection redundant (same domain policy, XSS protection and so on). Nevertheless one can never be too safe: There are ways to work around those defenses such as Self-XSS that require isolation between the browser and the local network to avoid compromising the system. In the end, less exposed surface means less attack vectors, so isolation is good if you can afford it :)
I integrated a small http server in my software distribution, intended to allow access to my installed application from the customer's LAN.
Right now, the customer has to manually update the firewall's list of trusted applications. I want to either open a hole in the firewall at install-time, or to ensure that the firewall prompts the user to allow my web server as a trusted application, able to receive inbound traffic.
Any solution should work with the built-in Windows Firewall at minimum.
Suggestions?
I would start out by reading up on the following sections on MSDN. This should give you enough background to know what you need. In short you could be looking to talk to the INetFwMgr COM object.
XP
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366453%28v=vs.85%29.aspx
Vista or later INetFwPolicy2
http://msdn.microsoft.com/en-us/library/windows/desktop/ff956124(v=vs.85).aspx
Our development team has spent countless hours setting up our individual Windows PCs to work with the corporate network. We work in a large company with tons of bureaucracy involved, which includes network access.
Youtube, Twitter, Facebook, and many programming/forums websites are blocked due to faulty filtering settings, so are many other useful sites for coding.
To get this policy fixed will take months. We are trying to use Ruby Gems, SVN, and GIT, and many other command line tools that won't work due to network restrictions.
Question: Is there a way to socksify the entire Windows environment, so we don't have to individually set the proxy for each individual app?
Our environment is Windows XP.
Thanks,
-John
San Jose, California
Most applications on Windows that use sockets, go through the standard WinInet stack. Setting a proper proxy for Internet Explorer actually sets it for the whole WinInet stack as well, so it should work for other apps as well.
Note however, that you need to explicitly open the Advanced dialog for the proxy settings in IE and uncheck the Use same proxy for all protocols checkbox to be able to enables SOCKS support. Otherwise, the proxy settings only affect couple of protocols, so you would still need to configure your tools to use http: instead of tool-specific protocols like svn:.
If one of you can share his or her net access from home and can operate a PC there as a "server", then you can set up a HTTP tunnel using SSH. See details here: http://www.buzzsurf.com/surfatwork/ or google "how to bypass firewalls at work".