Database Users

File Sharing between 8 & 7

Okay, Im pretty frustrated right now. Ive been looking all over the places for a solution to share file between my win7 pc & win8 tablet.
At the start, I could use the tablet to connect to my files on pc but not vise versa. Though after some twitching with Sharing setting, now I cant even connect to anything, both win 7 & 8...
The normal old way was to set the same name for workgroup doesnt work anymore, so I created a homegroup & got both devices to join but theres seem to be no different, I cant even open shared libraries.
And I believe all sharing settings are correct (network discovery on, file sharing on, use user account to connect, 128bit encryption, password protected sharing off).
Anyone got any other ideas? xD

I remember having similar issues sharing between two computers running 7. Ultimately it came down to the individual permission settings for whatever you are trying to share. I think I had to change the permissions and take ownership of any items I was trying to share. Otherwise when you try to access a devices, it uses that computer's credentials, and if that user account does not explicitly own those files/directories, that's when issues pop up.
Otherwise, what error messages are you getting when you try to access files?

Well, I did set permission to Full Control and even add specific homegroup users, but its still no use. Everytime I tried to access the files, I got the No permission error (not accessible)
Also, I just notice that the status in the folder Sharing tab is still "Not shared" even though theres a shared icon on the folder xD

turn off simple file sharing,
theres nothing simple about it, other than the fact that in all my years of sorting this stuff out it has normally been the main problem and thus simple to fix by turning it off.... that and DNS issues but that's not the issue here
so, clear all the crap you have done to do with sharing and folder permissions etc
go to the CP>folder options>view>untick sharing wizard its called simple file sharing in earlier OS versions.
and start again.

Hidden Administrator Issue

Hi all, i want to ask you a question about the hidden Administrator in Windows 8.. if i enable it (by typing "net user Administrator /active:yes" in cmd with admin rights) i cannot run apps like weather app, picture, video and so on.. it says that the app cannot be run using this profile (???). If i use my personal account, on the other hand, some programs like Bandicam (similar to Fraps) cannot run on boot, because they need Admin privileges (the icon has the windows shield on it).. What should i do? Tell me a way to use my account and boot all the app I want please

Did you try switching to an Online Account in Settings >> Users?
Btw, your main account (the one you created when installing windows) has admin rights. No need to turn on Administrator account.

I havent tested this in Windows 8, but with 7 you could use task scheduler to run a program on login with admin rights.
I think these are the required settings, but again I havent tested this:
Open task scheduler (in control panel\administrator tools)
Create a new task
General: Tick Run with highest privileges. Leave the run as user option as the current user.
Triggers: New -> At log on (any user), dont change anything else
Actions: New -> start a program
Conditions: Untick the AC requirement
Settings: Untick Stop the task if it runs longer than

carlese said:
Hi all, i want to ask you a question about the hidden Administrator in Windows 8.. if i enable it (by typing "net user Administrator /active:yes" in cmd with admin rights) i cannot run apps like weather app, picture, video and so on.. it says that the app cannot be run using this profile (???). If i use my personal account, on the other hand, some programs like Bandicam (similar to Fraps) cannot run on boot, because they need Admin privileges (the icon has the windows shield on it).. What should i do? Tell me a way to use my account and boot all the app I want please
Click to expand...
Click to collapse
You cannot use the Admin account to run metro apps. My first piece of advice is to just not use metro apps.
If you want to do it the "right" way, using your own account, set up a scheduled task to start your programs with administrator privileges.
Edit:
^what he said.

Stupid Simple Interop Unlock?

While I was writing and testing a WP 8 web app, I had it connected via wifi to Fiddler2. When I plugged my Dev Unlocked HTC 8x into my computer, the phone "dialed out" to h ttps://developerservices.windowsphone.com/Services/WindowsPhoneRegistration.svc/01/2010/DeviceStatus?deviceId=deviceid&fulldDeviceId=fulldeviceid The response is an XML packet that tells the phone how many days are left of being DeveloperUnlocked as well as the number of apps that are allowed!
this request/response sequence happens EVERY time I plug my developer unlocked Windows Phone 8 into the USB port of my Dev PC and PIN unlock it.
Keep in mind I installed the root cert that Fiddler generated for my PC a while back, so it can decrypt HTTPS traffic to/from my phone.
If anyone knows what the integer equivalent of "that magic DWORD value" is, I will craft a custom response packet and see if it changes anything.
Please see the attached screenshot for proof!
Edit:
So I did try GoodDayToDie's xaps and it looks like increasing the value from 10 to 2147483647 (I think its the integer equivalent to 0x7FFFFFFF) didn't have any effect that I could see. The InteropCapNoOem xap fails to deploy with error code 0x81030120. This error code normally means you are NOT interop unlocked back in the WP7 days. The OemCapsNoInterop.xap file generates an error telling me to "fix the Capabilities in [the] WMAppMAnifest.xml file.
I wonder if I can sideload more than 10 apps now though?
Maybe we can figure out what app is generating this "call home" and see if there are any other funky things we can stick in the xml tree?

Whoa. I could have sworn they were using cert pinning for that. I'll investigate, though...
EDIT: Couldn't get that connection request even showing up on my work computer. Will try from home.

Here is the service operations page:
https://developerservices.windowsphone.com/Services/WindowsPhoneRegistration.svc/help and (according to API) DeviceStatus call don't have fullDeviceId={FULLDEVICEID} parameter.
BTW, compu829, what is the fullDeviceId parameter, how it looks like?

Wait... You could change the value on the phone? That's a huge improvement. I'm stuck with only 3 apps (stupid dreamspark) and desperately need more!

This is a great find! I, unfortunately have never seen this happen though. Do you happen to know if you had the WP Device Registration program or the Application Deployment program running at the time?
EDIT: I've been debugging multiple apps with Fiddler up and proxy on my phone and I haven't noticed this. I see it now. I feel stupid lol Time to play around
EDIT 2: Microsoft does NOT like when you have fiddler intercepting on Registration. It returns a success result, but the developer registration tool gives an error indicating that it cannot connect to the phone. Grrr and after I went through the work of changing the response value for the number of apps that can be sideloaded. I bet this is a timing thing... I'll see what I can do.

I don't think it's timing. Even if I left the request completely unmodified and just ran it through the proxy to watch the process, the tool said that there was a problem, and the phone did not get unlocked. They're either testing for the presence of a proxy somehow, or there's some side channel that *is* using cert pinning, and is therefore unable to connect through Fiddler.

Also, editing the a:AppsAllowed element doesn't seem to work. The phone doesn't complain or anything, but the registry value doesn't change.

On my phone, I noticed it AFTER I had developer unlocked it. More concrete steps on what I did to reproduce:
1. On test PC, Installed Fiddler.
2. On test PC, exported trusted root certificate that Fiddler installed.
3. Emailed certificate to my phone and installed it.
4. Now enable the proxy on the phone. Things like email, Windows Phone Updates, etc will now work normally!
5. Plug phone in to Visual Studio Development PC, and wait for the PC to detect the device.
6. You will see the phone "dial out".
Without installing the fiddler trusted root certificate, you will see the handshake, but the phone doesn't know what do do with the packet because the certificate generated by fiddler is untrusted.
Using this same technique, you can have some serious fun with Windows Updates

GoodDayToDie said:
Also, editing the a:AppsAllowed element doesn't seem to work. The phone doesn't complain or anything, but the registry value doesn't change.
Click to expand...
Click to collapse
see last post Are you guys installing the trusted root certificate on your phone?

compu829 said:
see last post Are you guys installing the trusted root certificate on your phone?
Click to expand...
Click to collapse
It would be nice if Fiddler's cert was trusted :/. I'm able to see all HTTPS requests, etc but it just hates it when dev unlocking the phone. Which other trust root cert are you speaking about?

more detailed instructions
snickler said:
It would be nice if Fiddler's cert was trusted :/. I'm able to see all HTTPS requests, etc but it just hates it when dev unlocking the phone. Which other trust root cert are you speaking about?
Click to expand...
Click to collapse
this is what I did:
On Development PC:
1. Click Start, click Start Search, type mmc, and then press ENTER.
2. On the File menu, click Add/Remove Snap-in.
3. Under Available snap-ins, click Certificates, click Add, select current user, and then click Finish.
4. click ok to close the add/remove snap-in dialog
5. In the left-hand pane navigate to "Trusted Root Certification Authorities" --> "Certificates"
6. in the right-hand pane, look for the certificates labeled "DO_NOT_TRUST_FiddlerRoot" (I have two for some reason, you may only have 1)
7. Right-click on the certificate and go to "All Tasks" --> "Export".
8. Run through the certificate export wizard, leaving everything as the defaults.
9. Once you have exported your certificates, email them as attachments to your Windows phone.
10. Open the email on your WIndows Phone. Click on the certificate file and wait for it to process. Then when prompted, install it.
11. After that, any https traffic that you intercept/edit will go through as trusted to your Windows phone, provided that the application isn't expecting a specific certificate.
Things this made work:
1. all App communications over https
2. Windows Updates
3. all email accounts.
4. App Store communications (except for actually downloading apps, IIRC).
Things that didn't work:
1. Anything that requires certificate pinning as the certificate is embedded within the app. Therefore it doesn't make a call into the trusted root certificate store. I believe this includes running the actual "Developer Unlock" app.
if you place the following code in the "OnBeforeResponse" section of the CustomRules.js file, you should be able to install more than 3 or 10 apps, provided the program that is "phoning home" isn't using certificate pinning.
Code:
oSession.utilDecodeResponse();
oSession.utilReplaceInResponse("AppsAllowed>10</","AppsAllowed>400</");

... These are steps that have already been taken. You actually did even more steps then necessary. All you have to do is point to your computer's IP address and port that Fiddler is running on within IE Mobile (Make sure Remote IP access in Fiddler is enabled), click on the certificate and it will install on the phone. You'll be able to see the requests from the phone. Everything you listed above is what I've been able to do. Nothing different from what I was saying .

@compu829: Yes, of course I am. If I weren't, it wouldn't be possible to edit that value at all; I wouldn't even see it because the TLS handshake would fail... (FWIW, I work with proxies all the time, usually Burp Suite not Fiddler, but in any case I'm quite familiar with setting up the MitM certs). I do wonder whether there's something changed here (GDR2 change, maybe?) because I could have sworn that intercepting the phone's traffic during unlock didn't work at all before (presumably due to cert pinning). I may be mistaken, though.
In any case, it still doesn't *actually* work. I guess I could try invisible proxying - use ARP spoofing or a custom routing rule on the router to send the data through my PC, and capture/modify it there, without revealing the presence of a proxy - but I don't know if that's the issue or if it's something else entirely.
EDIT: Your steps are way more complex than needed. For example, you can export the root cert from Fiddler by going to Tools menu (in Fiddler) -> Fiddler Options -> HTTPS.

whoops lol. Oh well. I didn't realize it was so easy to export/Import!
Anyways, All I know is that I could pretty much do nothing on my phone when I connected it to the proxy until I emailed myself the root cert. Once I did that, email started flowing, apps started working, and WIndows Updates stopped erroring out.
It is entirely possible that whatever is generating the call is silently rejecting the response packet. I was just shocked when I plugged my phone in to see that packet show up.
I know that Windows Updates lets me modify the requests and responses without complaining, so maybe that is another way in? I assume that must be running elevated lol. Maybe we can get it to launch a background app that is already on the phone.

The way I see it, this will only work temporarily. Next time phone dials home without you running the Fiddler it will reset the AppsAllowed value. Am I right?

@amaric: If you'd actually read the thread, you'd see that it doesn't appear to work at all...
But yes, it would probably reset itself too. We don't have the ability (right now) to edit the registry keys which control that phone-home behavior. However, it might be / have been possible to do that if we had interop-unlock...

on the phone there is the file "PhoneReg.exe", which works with this data, and it check certificate Common Name (must be Microsoft...) and Thumbprint to hardcoded data

Didn't the ChevronWP7 work exactly like this until MS fixed the bug in NoDo?

@snickler, @GoodDayToDie
There is something I can't get out of my head...after the Ativ S devices are interop unlocked, they'd "reset" after a while until we made them stop phoning home...This means that somehow Microsoft is associating the phone's device ID with your interop level...is this something done purely server side, or is there a way to maybe send this info TO Microsoft's servers so they can send the info back to our phones? Just a thought....

That's an interesting research question; we can set the URLs which are used to make those "phone home" checks to a site we control, possibly use HTTP instead of HTTPS, and see if they work. Worst case, cert pinning will cause the connection attempt to fail and we're right where we are now; best case, it's... umm, well it's interesting, but I don't see any likelihood of actually getting *additional* permissions out of this. Still, I've been wrong about things like that before. Somebody want to set up a transparent HTTP -> HTTPS proxy to listen for the request, forward it, record the response and forward it?

[Q] No admin rights - help

I have no admin right to get to disk manager, users and account and anything that requires admin rights. When I try to start something with admin rights I get an error "This file does not have a program associated with it performing this action..."
I lost rights as soon as I deleted my D drive (after restart) which contained programs and personal files. My E drive is a clone on D but I cannot rename E to be the new D drive since I don't have admin rights.
I have tried searching everywhere and couldn't come up with a solution

U can try one thing but not sure if it would work
Open cmd
type net user xyz
where xyz is name of ur pc
This command is used to add a user acc
If it doesnt work for you then u can try this one net user xyz where xyz is any name
this will lead to creation of new user acc and then login with this username
well do it at your own risk
Hope it works
Sent from my GT-S7500 using xda app-developers app

... you do realize that adding a user account also requires Admin, right?
A better bet is to actually log in as the Admin account. This *should* be possible if you use the recovery console (on Win7 and down you could do it from Safe Mode even if the Admin account was disabled, but I think they removed that from Win8 as a security threat).
There are progressively sillier other ways I know of to fix things, such as extracting the computer's hard drive/SSD (assuming it's removable) and editing it using another computer, but there really should be a way to fix the problem. Given what you said, I'm actually kind of shocked you can still sign into your PC as is.
Out of curiosity, what on earth possessed you to delete an in-use drive? That's... um, well, it's like one of those jokes about boneheaded tech support calls. At least you backed it up first...?

How do I give my app administrator permissions?

I am creating a new type of security application that sits at OSI Layer 2/3 and encrypts packets of data flowing between devices. With this proven technology, I can create apps such as Secure Skype, Private Messenger and so forth and I can do things such as blend Triple DES and AES 256 bit encryption (this will eventually be an open source encryption platform) on the same communication channel. We run underneath higher level, more limited, options such as SSL and VPN and we have been working on desktops for years.
The problem is that I cannot figure out how to port my Linux version over to Android due to the need to have admin rights for my app. I do NOT want to try to force people to root their phone and I am looking for some legal option.
In Windows and Apple, you can get your code verified - in Windows it is called Windows Logo verification. In those case, your code is run through a whole series of tests, the source code is signed and that cert is then authorized for admin rights.
Given how Android works, it would seem that a similar option should exist but I cannot find anything.
Can somebody please point me in the right direction?
Thank you very much for your time.

You can give your app administrator permission only for rooted devices.