C#•3mo ago

Named pipe connection over network error (The username or password is incorrect)

When running a solution where one machine runs a server and a second machine runs a client connecting via named pipes I'm having a strange issue. If both machines run the same Microsoft account, the connection is done successfully. However, if the account is not the same, the connection fails with a "The username or password is incorrect" exception on the client side. I already added an access rule where I gave the WorldSid full control so I do not believe it to be a permission issue. I'm however wondering if it is a limitation that I'm not aware of.

1 Reply

João Paul•2mo ago

the following is the code used to create the named pipe on the server side:

// Define security descriptor for the named pipe
        PipeSecurity pipeSecurity = new PipeSecurity();

        var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
        var account = (NTAccount)sid.Translate(typeof(NTAccount));

        // Add an access rule allowing Everyone to connect to the pipe
        pipeSecurity.AddAccessRule(new PipeAccessRule(account.ToString(), PipeAccessRights.FullControl, AccessControlType.Allow));

        PipeServer = NamedPipeServerStreamConstructors.New(CurrentPipeState.PipeName, PipeDirection.InOut, -1, PipeTransmissionMode.Byte, PipeOptions.Asynchronous, 0, 0, pipeSecurity);

// Define security descriptor for the named pipe
        PipeSecurity pipeSecurity = new PipeSecurity();

        var sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
        var account = (NTAccount)sid.Translate(typeof(NTAccount));

        // Add an access rule allowing Everyone to connect to the pipe
        pipeSecurity.AddAccessRule(new PipeAccessRule(account.ToString(), PipeAccessRights.FullControl, AccessControlType.Allow));

        PipeServer = NamedPipeServerStreamConstructors.New(CurrentPipeState.PipeName, PipeDirection.InOut, -1, PipeTransmissionMode.Byte, PipeOptions.Asynchronous, 0, 0, pipeSecurity);

Note, that due to using a .Net framework version which lacked the native constructor, I had to use a plugin that copied the constructor that took pipeSecurity as an argument from another version. This should not change anything since the code is the same, but it explains the different naming for the initialization. The client pipe is created with the following code:

CoreEventPipeWrapper = new CoreControlEventNamedPipeWrapper("CorePipe", CoreControlEventNamedPipeWrapper.Type.CLIENT);
            CoreEventPipeWrapper.CurrentPipeState.OriginMachineName = CoreClientName;
            CoreEventPipeWrapper.OnClientConnected += onCoreClientConnection;
            Task.Run(() => CoreEventPipeWrapper.Connect<CoreControlEvent>(CoreServerIp));


The wrapper  being used just "hides" the marshalling of data and uses 

        PipeClient = new NamedPipeClientStream(serverName, CurrentPipeState.PipeName, PipeDirection.InOut, PipeOptions.Asynchronous);

CoreEventPipeWrapper = new CoreControlEventNamedPipeWrapper("CorePipe", CoreControlEventNamedPipeWrapper.Type.CLIENT);
            CoreEventPipeWrapper.CurrentPipeState.OriginMachineName = CoreClientName;
            CoreEventPipeWrapper.OnClientConnected += onCoreClientConnection;
            Task.Run(() => CoreEventPipeWrapper.Connect<CoreControlEvent>(CoreServerIp));


The wrapper  being used just "hides" the marshalling of data and uses 

        PipeClient = new NamedPipeClientStream(serverName, CurrentPipeState.PipeName, PipeDirection.InOut, PipeOptions.Asynchronous);

for the connection To anyone with this issue. After some grueling days of debugging and talking with microsoft techs I came to the conclusion that named pipes use the network sharing protocol from windows and also, they follow the same rules. So basically... removed password from network folders... everything worked after that.

Gaming

Programming

Named pipe connection over network error (The username or password is incorrect)