The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,839 other subscribers

Archive for the ‘Software Development’ Category

« Previous Entries
Next Entries »

Life Beyond Distributed Transactions – ACM Queue

Posted by jpluimers on 2018/01/31

This article focuses on how an application developer can build a successful scalable enterprise application when he or she has only a local database or transaction system available. Availability is not addressed, merely scale and correctness.

I’m re-reading [WayBackLife Beyond Distributed Transactions – ACM Queue as it such a great article.

Via: [WayBack] Pat Helland on scaling: If you are not willing to pay the cost of distributed transactions, what options do you have and what are the costs associated with this choice – Kristian Köhntopp – Google+

Executive Summary: embrace uncertainty. It can’t be avoided.

–jeroen

Posted in Design Patterns, Development, Software Development | Leave a Comment »

As Delphi generics are not supported for free functions, wrap them in a record container.

Posted by jpluimers on 2018/01/31

Of the things not possible with generics in Delphi, I already wrote about Impossible: Property using Generics in Delphi.

Now it’s time to write about simulating a free function with generics as this is impossible:

function CreateManaged<T>(const value: T): IManaged<T>;

Usually I create a static record method for these, as records do not have VMT overhead, less RTTI overhead and I’ve been used to see records as helpers for other types long before helpers initially were introduced in Delphi 8 to extend classes..

Spring4D has an excellent example of such a record workaround in the Managed.New<T> commit:

type
  Managed = record
  public
    class function New<T>(const value: T): IManaged<T>; static;
  end;

...

class function Managed.New<T>(const value: T): IManaged<T>;
begin
  Result := TManaged<T>.Create(value);
end;

It basically is a factory for classes implementing the IManaged interface.

In the mean time, Managed has been renamed to Shared but the above code shows my point.

–jeroen

Reference: [WayBackClass Helpers documented in Delphi 2007, introduced in Delphi 8

Posted in Conference Topics, Conferences, Delphi, Development, Event, Software Development | 5 Comments »

Delphi 2009 syntax; not official, but a great start and complement to DelphiAST

Posted by jpluimers on 2018/01/30

A while ago, I found out that [WayBackToon Krijthe made a [Archive.isDelphi 2009 syntax sample which is a great complement to the DelphiAST parser given that Borland/CodeGear/Embarcadero/Idera never published one in the 22+years that Delphi is alive.

–jeroen

Posted in Delphi, Delphi 2009, Development, Software Development | 6 Comments »

Location, location

Posted by jpluimers on 2018/01/26

This is why I try to avoid doing web-development: [WayBack] Location, location: location = location … and a 534 other ways to reload the page with JavaScript.

Via [WayBack] location = location … and a 534 other ways to reload the page with JavaScript – ThisIsWhyICode – Google+

–jeroen

Posted in Development, JavaScript/ECMAScript, Scripting, Software Development, Web Development | Leave a Comment »

mikrotik CRUD examples for all APIs · danikf/tik4net Wiki

Posted by jpluimers on 2018/01/25

tik4net – Connect from .NET C# application to mikrotik router via ADO.NET like API or enjoy O/R mapper like highlevel api.

Source: CRUD examples for all APIs · danikf/tik4net Wiki

[Archive.isC# API – tik4net on GitHub – Page 2 – MikroTik RouterOS

–jeroen

 

 

Posted in .NET, C#, Development, MikroTik, RouterOS, routers, Scripting, Software Development | Leave a Comment »

HTTP Protocol Related Improvements in Delphi 10.2.2

Posted by jpluimers on 2018/01/25

After years of (peer) pressure, Embarcadero finally did some client-side [WayBack] HTTP Protocol Related Improvements in Delphi 10.2.2.

The fixes add some features to THTTPClient that have been available in Indy since version 9 (which however requires 1.0.2 OpenSSL binaries support the required functionality):

We have added a new enumeration, THTTPSecureProtocol with the values (SSL2, SSL3, TLS1, TLS11, TLS12). THPPTClient and related classes have now a SecureProtocols property which is a set based on that enumeration.

References:

–jeroen

Posted in Delphi, Development, Software Development | 2 Comments »

git repository by David Heffernan – sets environment variable DelphiProjectCompileMode to the build type

Posted by jpluimers on 2018/01/25

Interesting repository https://github.com/davidheff/DelphiProjectCompileMode in a response to

[WayBack] I’m trying to use Pre-/Post-Build-Events (Delphi 10.1 Berlin, if that matters). Is there a variable, parameter, option etc to distinguish between a “make” and a “build”… – Achim Kalwa – Google+

This requires an expert as Delphi doesn’t do it out of the box, so I was glad this expert solves that: davidheff/DelphiProjectCompileMode: Delphi IDE add in that sets an environment variable to indicate which compile mode (make, build, etc.) was used to start a compile action

It sets the DelphiProjectCompileMode variable to a value depending on the TOTACompileMode:

cmOTAMake -> Make
cmOTABuild -> Build
cmOTACheck -> Check
cmOTAMakeUnit -> MakeUnit
otherwise -> Unrecognised

–jeroen

Posted in Delphi, Development, Software Development | Leave a Comment »

How to terminate sqlcmd immediately after execution completed? – Stack Overflow

Posted by jpluimers on 2018/01/24

The subtle difference between -q and -Q: the latter will exit after executing the command (regardless of the SQL server version; I think this was introduced in SQL Server 2005 or 2000).

Inside the command, you can use single ' quotes for strings.

C:\Users\jeroenp>sqlcmd /?
Microsoft (R) SQL Server Command Line Tool
Version 10.50.2500.0 NT x64
Copyright (c) Microsoft Corporation.  All rights reserved.

usage: Sqlcmd            [-U login id]          [-P password]
  [-S server]            [-H hostname]          [-E trusted connection]
  [-N Encrypt Connection][-C Trust Server Certificate]
  [-d use database name] [-l login timeout]     [-t query timeout]
  [-h headers]           [-s colseparator]      [-w screen width]
  [-a packetsize]        [-e echo input]        [-I Enable Quoted Identifiers]
  [-c cmdend]            [-L[c] list servers[clean output]]
  [-q "cmdline query"]   [-Q "cmdline query" and exit]
  [-m errorlevel]        [-V severitylevel]     [-W remove trailing spaces]
  [-u unicode output]    [-r[0|1] msgs to stderr]
  [-i inputfile]         [-o outputfile]        [-z new password]
  [-f  | i:[,o:]] [-Z new password and exit]
  [-k[1|2] remove[replace] control characters]
  [-y variable length type display width]
  [-Y fixed length type display width]
  [-p[1] print statistics[colon format]]
  [-R use client regional setting]
  [-b On error batch abort]
  [-v var = "value"...]  [-A dedicated admin connection]
  [-X[1] disable commands, startup script, enviroment variables [and exit]]
  [-x disable variable substitution]
  [-? show syntax summary]

–jeroen

via: [WayBackc# – How to terminate sqlcmd immediately after execution completed? – Stack Overflow

Posted in Database Development, Development, Software Development, SQL, SQL Server, SQL Server 2005, SQL Server 2008, SQL Server 2008 R2, SQL Server 2012, SQL Server 2014 | 1 Comment »

How to do a Debug, Release or both builds with MSBuild – code.dblock.org | tech blog

Posted by jpluimers on 2018/01/24

For my link archive:

In addition I need to put some time in checking out the differences between Clean + Build and Rebuild:

–jeroen

Posted in Continuous Integration, Development, msbuild, Software Development | Leave a Comment »

[MS-DTYP]: Well-Known SID Structures via The mother lode of well-known SIDs – The Old New Thing

Posted by jpluimers on 2018/01/23

Via[WayBackThe mother lode of well-known SIDs – The Old New Thing this great source of information [WayBack[MS-DTYP]: Well-Known SID Structures from which I got the table below.

Later on, I found many more links with this information, for instance:

2.4.2.4 Well-Known SID Structures

Well-known SID structures are a group of SIDs that identify generic users or generic groups. Their values remain constant across all operating systems.

The <root-domain> identifier represents the three sub-authority values associated with the root domain, which is the first domain that is created in an Active Directory forest infrastructure. The <domain> identifier represents the three sub-authority values associated with any domain, and the <machine> identifier represents the three sub-authority values associated with a specific machine. Root domain–based groups like the Enterprise and Schema administrators have forestwide permissions.

For example, given a SID defined in the table below as S-1-5-21-<domain>-513, and the actual instance of the domain having the three sub authority values of 1, 2, and 3:

S-1: Indicates a revision or version 1 SID.

5: SECURITY_NT_AUTHORITY, indicates it’s a Windows specific SID.

21: SECURITY_NT_NON_UNIQUE, indicates a domain id will follow.

1-2-3: The next three SubAuthority arrays contain 32-bit random numbers to uniquely identify the domain.

RID: Indicates a unique object ID within the domain.

The actual constructed SID would be S-1-5-21-1-2-3-513.

The following table lists well-known SID structure values and their matching descriptions.

Constant/value Description
NULL

S-1-0-0

 No Security principal.
EVERYONE

S-1-1-0

 A group that includes all users.
LOCAL

S-1-2-0

 A group that includes all users who have logged on locally.
CONSOLE_LOGON

S-1-2-1

 A group that includes users who are logged on to the physical console. This SID can be used to implement security policies that grant different rights based on whether a user has been granted physical access to the console.<5>
CREATOR_OWNER

S-1-3-0

 A placeholder in an inheritable access control entry (ACE). When the ACE is inherited, the system replaces this SID with the SID for the object’s creator.
CREATOR_GROUP

S-1-3-1

 A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the primary group of the object’s creator.
OWNER_SERVER

S-1-3-2

 A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the object’s owner server.<6>
GROUP_SERVER

S-1-3-3

 A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the object’s group server.<7>
OWNER_RIGHTS

S-1-3-4

 A group that represents the current owner of the object. When an ACE that carries this SID is applied to an object, the system ignores the implicit READ_CONTROL and WRITE_DAC permissions for the object owner.
NT_AUTHORITY

S-1-5

 A SID containing only the SECURITY_NT_AUTHORITY identifier authority.
DIALUP

S-1-5-1

 A group that includes all users who have logged on through a dial-up connection.
NETWORK

S-1-5-2

 A group that includes all users who have logged on through a network connection.
BATCH

S-1-5-3

 A group that includes all users who have logged on through a batch queue facility.
INTERACTIVE

S-1-5-4

 A group that includes all users who have logged on interactively.
LOGON_ID

S-1-5-5-x-y

 A logon session. The X and Y values for these SIDs are different for each logon session and are recycled when the operating system is restarted.
SERVICE

S-1-5-6

 A group that includes all security principals that have logged on as a service.
ANONYMOUS

S-1-5-7

 A group that represents an anonymous logon.
PROXY

S-1-5-8

 Identifies a SECURITY_NT_AUTHORITY Proxy.<8>
ENTERPRISE_DOMAIN_CONTROLLERS

S-1-5-9

 A group that includes all domain controllers in a forest that uses an Active Directory directory service.
PRINCIPAL_SELF

S-1-5-10

 A placeholder in an inheritable ACE on an account object or group object in Active Directory. When the ACE is inherited, the system replaces this SID with the SID for the security principal that holds the account.
AUTHENTICATED_USERS

S-1-5-11

 A group that includes all users whose identities were authenticated when they logged on.
RESTRICTED_CODE

S-1-5-12

 This SID is used to control access by untrusted code. ACL validation against tokens with RC consists of two checks, one against the token’s normal list of SIDs and one against a second list (typically containing RC – the “RESTRICTED_CODE” token – and a subset of the original token SIDs). Access is granted only if a token passes both tests. Any ACL that specifies RC must also specify WD – the “EVERYONE” token. When RC is paired with WD in an ACL, a superset of “EVERYONE”, including untrusted code, is described.
TERMINAL_SERVER_USER

S-1-5-13

 A group that includes all users who have logged on to a Terminal Services server.
REMOTE_INTERACTIVE_LOGON

S-1-5-14

 A group that includes all users who have logged on through a terminal services logon.
THIS_ORGANIZATION

S-1-5-15

 A group that includes all users from the same organization. If this SID is present, the OTHER_ORGANIZATION SID MUST NOT be present.<9>
IUSR

S-1-5-17

 An account that is used by the default Internet Information Services (IIS) user.
LOCAL_SYSTEM

S-1-5-18

 An account that is used by the operating system.
LOCAL_SERVICE

S-1-5-19

 A local service account.
NETWORK_SERVICE

S-1-5-20

 A network service account.
ENTERPRISE_READONLY_DOMAIN_CONTROLLERS

S-1-5-21-<root domain>-498

 A universal group containing all read-only domain controllers in a forest.
COMPOUNDED_AUTHENTICATION

S-1-5-21-0-0-0-496

 Device identity is included in the Kerberos service ticket. If a forest boundary was crossed, then claims transformation occurred.<10>
CLAIMS_VALID

S-1-5-21-0-0-0-497

 Claims were queried for in the account’s domain, and if a forest boundary was crossed, then claims transformation occurred.<11>
ADMINISTRATOR

S-1-5-21-<machine>-500

 A user account for the system administrator. By default, it is the only user account that is given full control over the system.
GUEST

S-1-5-21-<machine>-501

 A user account for people who do not have individual accounts. This user account does not require a password. By default, the Guest account is disabled.
DOMAIN_ADMINS

S-1-5-21-<domain>-512

 A global group whose members are authorized to administer the domain. By default, the DOMAIN_ADMINS group is a member of the Administrators group on all computers that have joined a domain, including the domain controllers. DOMAIN_ADMINS is the default owner of any object that is created by any member of the group.
DOMAIN_USERS

S-1-5-21-<domain>-513

 A global group that includes all user accounts in a domain.
DOMAIN_GUESTS

S-1-5-21-<domain>-514

 A global group that has only one member, which is the built-in Guest account of the domain.
DOMAIN_COMPUTERS

S-1-5-21-<domain>-515

 A global group that includes all clients and servers that have joined the domain.
DOMAIN_DOMAIN_CONTROLLERS

S-1-5-21-<domain>-516

 A global group that includes all domain controllers in the domain.
CERT_PUBLISHERS

S-1-5-21-<domain>-517

 A global group that includes all computers that are running an enterprise certification authority. Cert Publishers are authorized to publish certificates for User objects in Active Directory.
SCHEMA_ADMINISTRATORS

S-1-5-21-<root-domain>-518

 A universal group in a native-mode domain, or a global group in a mixed-mode domain. The group is authorized to make schema changes in Active Directory.
ENTERPRISE_ADMINS

S-1-5-21-<root-domain>-519

 A universal group in a native-mode domain, or a global group in a mixed-mode domain. The group is authorized to make forestwide changes in Active Directory, such as adding child domains.
GROUP_POLICY_CREATOR_OWNERS

S-1-5-21-<domain>-520

 A global group that is authorized to create new Group Policy Objects in Active Directory.
READONLY_DOMAIN_CONTROLLERS

S-1-5-21-<domain>-521

 A global group that includes all read-only domain controllers.
CLONEABLE_CONTROLLERS

S-1-5-21-<domain>-522

 A global group that includes all domain controllers in the domain that can be cloned.
PROTECTED_USERS

S-1-5-21-<domain>-525

 A global group that are afforded additional protections against authentication security threats. <12> For more information, see [MS-APDS] and [MS-KILE].
RAS_SERVERS

S-1-5-21-<domain>-553

 A domain local group for Remote Access Services (RAS) servers. Servers in this group have Read Account Restrictions and Read Logon Information access to User objects in the Active Directory domain local group.
BUILTIN_ADMINISTRATORS

S-1-5-32-544

 A built-in group. After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Administrators group is added to the Administrators group. When a server becomes a domain controller, the Enterprise Administrators group also is added to the Administrators group.
BUILTIN_USERS

S-1-5-32-545

 A built-in group. After the initial installation of the operating system, the only member is the Authenticated Users group. When a computer joins a domain, the Domain Users group is added to the Users group on the computer.
BUILTIN_GUESTS

S-1-5-32-546

 A built-in group. The Guests group allows users to log on with limited privileges to a computer’s built-in Guest account.
POWER_USERS

S-1-5-32-547

 A built-in group. Power users can perform the following actions:

  • Create local users and groups.
  • Modify and delete accounts that they have created.
  • Remove users from the Power Users, Users, and Guests groups.
  • Install programs.
  • Create, manage, and delete local printers.
  • Create and delete file shares.
ACCOUNT_OPERATORS

S-1-5-32-548

 A built-in group that exists only on domain controllers. Account Operators have permission to create, modify, and delete accounts for users, groups, and computers in all containers and organizational units of Active Directory except the Built-in container and the Domain Controllers OU. Account Operators do not have permission to modify the Administrators and Domain Administrators groups, nor do they have permission to modify the accounts for members of those groups.
SERVER_OPERATORS

S-1-5-32-549

 A built-in group that exists only on domain controllers. Server Operators can perform the following actions:

  • Log on to a server interactively.
  • Create and delete network shares.
  • Start and stop services.
  • Back up and restore files.
  • Format the hard disk of a computer.
  • Shut down the computer.
PRINTER_OPERATORS

S-1-5-32-550

 A built-in group that exists only on domain controllers. Print Operators can manage printers and document queues.
BACKUP_OPERATORS

S-1-5-32-551

 A built-in group. Backup Operators can back up and restore all files on a computer, regardless of the permissions that protect those files.
REPLICATOR

S-1-5-32-552

 A built-in group that is used by the File Replication Service (FRS) on domain controllers.
ALIAS_PREW2KCOMPACC

S-1-5-32-554

 A backward compatibility group that allows read access on all users and groups in the domain.<13>
REMOTE_DESKTOP

S-1-5-32-555

 An alias. Members of this group are granted the right to log on remotely.<14>
NETWORK_CONFIGURATION_OPS

S-1-5-32-556

 An alias. Members of this group can have some administrative privileges to manage configuration of networking features.<15>
INCOMING_FOREST_TRUST_BUILDERS

S-1-5-32-557

 An alias. Members of this group can create incoming, one-way trusts to this forest.<16>
PERFMON_USERS

S-1-5-32-558

 An alias. Members of this group have remote access to monitor this computer.<17>
PERFLOG_USERS

S-1-5-32-559

 An alias. Members of this group have remote access to schedule the logging of performance counters on this computer.<18>
WINDOWS_AUTHORIZATION_ACCESS_GROUP

S-1-5-32-560

 An alias. Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects.<19>
TERMINAL_SERVER_LICENSE_SERVERS

S-1-5-32-561

 An alias. A group for Terminal Server License Servers.<20>
DISTRIBUTED_COM_USERS

S-1-5-32-562

 An alias. A group for COM to provide computer-wide access controls that govern access to all call, activation, or launch requests on the computer.<21>
IIS_IUSRS

S-1-5-32-568

 A built-in group account for IIS users.
CRYPTOGRAPHIC_OPERATORS

S-1-5-32-569

 A built-in group account for cryptographic operators.<22>
EVENT_LOG_READERS

S-1-5-32-573

 A built-in local group.  Members of this group can read event logs from the local machine.<23>
CERTIFICATE_SERVICE_DCOM_ACCESS

S-1-5-32-574

 A built-in local group. Members of this group are allowed to connect to Certification Authorities in the enterprise.<24>
RDS_REMOTE_ACCESS_SERVERS

S-1-5-32-575

 A group that allows members use of Remote Application Services resources.
RDS_ENDPOINT_SERVERS

S-1-5-32-576

 A group that enables member servers to run virtual machines and host sessions.
RDS_MANAGEMENT_SERVERS

S-1-5-32-577

 A group that allows members to access WMI resources over management protocols (such as WS-Management via the Windows Remote Management service).
HYPER_V_ADMINS

S-1-5-32-578

 A group that gives members access to all administrative features of Hyper-V.
ACCESS_CONTROL_ASSISTANCE_OPS

S-1-5-32-579

 A local group that allows members to remotely query authorization attributes and permissions for resources on the local computer.
REMOTE_MANAGEMENT_USERS

S-1-5-32-580

 Members of this group can access Windows Management Instrumentation (WMI) resources over management protocols (such as WS-Management [DMTF-DSP0226]). This applies only to WMI namespaces that grant access to the user.
WRITE_RESTRICTED_CODE

S-1-5-33

 A SID that allows objects to have an ACL that lets any service process with a write-restricted token to write to the object.
NTLM_AUTHENTICATION

S-1-5-64-10

 A SID that is used when the NTLM authentication package authenticated the client.
SCHANNEL_AUTHENTICATION

S-1-5-64-14

 A SID that is used when the SChannel authentication package authenticated the client.
DIGEST_AUTHENTICATION

S-1-5-64-21

 A SID that is used when the Digest authentication package authenticated the client.
THIS_ORGANIZATION_CERTIFICATE

S-1-5-65-1

 A SID that indicates that the client’s Kerberos service ticket’s PAC contained a NTLM_SUPPLEMENTAL_CREDENTIAL structure (as specified in [MS-PAC]section 2.6.4). If the OTHER_ORGANIZATION SID is present, then this SID MUST NOT be present. <25>
NT_SERVICE

S-1-5-80

 An NT Service account prefix.
USER_MODE_DRIVERS

S-1-5-84-0-0-0-0-0

 Identifies a user-mode driver process.
LOCAL_ACCOUNT

S-1-5-113

 A group that includes all users who are local accounts.<26>
LOCAL_ACCOUNT_AND_MEMBER_OF_ADMINISTRATORS_GROUP

S-1-5-114

 A group that includes all users who are local accounts and members of the administrators group.<27>
OTHER_ORGANIZATION

S-1-5-1000

 A group that includes all users and computers from another organization. If this SID is present, THIS_ORGANIZATION SID MUST NOT be present.<28>
ALL_APP_PACKAGES

S-1-15-2-1

 All applications running in an app package context.
ML_UNTRUSTED

S-1-16-0

 An untrusted integrity level.
ML_LOW

S-1-16-4096

 A low integrity level.
ML_MEDIUM

S-1-16-8192

 A medium integrity level.
ML_MEDIUM_PLUS

S-1-16-8448

 A medium-plus integrity level.
ML_HIGH

S-1-16-12288

 A high integrity level.
ML_SYSTEM

S-1-16-16384

 A system integrity level.
ML_PROTECTED_PROCESS

S-1-16-20480

 A protected-process integrity level.
AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY

S-1-18-1

 A SID that means the client’s identity is asserted by an authentication authority based on proof of possession of client credentials.<29> <30>
SERVICE_ASSERTED_IDENTITY

S-1-18-2

 A SID that means the client’s identity is asserted by a service.<31> <32>
FRESH_PUBLIC_KEY_IDENTITY

S-1-18-3

 A SID that means the client’s identity is asserted by an authentication authority based on proof of current possession of client public key credentials.<33>
KEY_TRUST_IDENTITY

S-1-18-4

 A SID that means the client’s identity is based on proof of possession of public key credentials using the key trust object.<34>
KEY_PROPERTY_MFA

S-1-18-5

 A SID that means the key trust object had the multifactor authentication (MFA) property.<35>
KEY_PROPERTY_ATTESTATION

S-1-18-6

 A SID that means the key trust object had the attestation property.<36>

–jeroen

Posted in .NET, Delphi, Development, Software Development, The Old New Thing, Windows Development | Leave a Comment »

« Previous Entries
Next Entries »