ReHIPS not AutoStarting

Started by Noverco, June 13, 2016, 08:44:25 PM

Previous topic - Next topic

Noverco

I have just installed ReHips version 2.2.0 RC2 (Thank you Fixer!!!) on Windows 10 64bit Home edition in a Standard User Account and I have ticked the AutoStart option via Settings>Interface tab.

ReHips control centre does not start when Windows 10 starts?

If I check via task manager>Startup no ReHips listed?

Have I miss something?

 

aDVll

No you didn't miss anything. Standard account autostart will happen on next release. It's an open bug but for now you either have to run it manually or use isolation mode which doesn't need gui.

Noverco

Thank you aDVll, for your quick reply and explanation - could I possibly use task scheduler as an alternative workaround?

aDVll

Quote from: Noverco on June 13, 2016, 08:53:58 PM
Thank you aDVll, for your quick reply and explanation - could I possibly use task scheduler as an alternative workaround?
The problem from what i understand is that the gui doesn't accept connection from non admin account. Fixer though mentioned service does so if you manually change xml database it should work. I can't guide you though on how to do it because i never tried it. If you give me 30 min or something i will try to figure it out and tell you.

Noverco

Thank you aDVll, I will certainly appreciate your assistance!!

Thank you once again!

fixer

ReHIPS GUI for security purposes requires administrator account (doesn't matter elevated to the real admin or using limited token) to connect to the Service and control it. The Service checks if the connecting process was started by a user from Administrator group. If not, it disconnects. This was done for security purposes to restrict other non-admin users to control ReHIPS.
Recently there were some changes in this policy. Service now supports connections from both administrators and users from the whitelist. But GUI part doesn't support it yet though, will be implemented later. But if you can't wait, you can edit the xml database manually :)

aDVll

#6
Quote from: fixer on June 13, 2016, 09:19:48 PM
ReHIPS GUI for security purposes requires administrator account (doesn't matter elevated to the real admin or using limited token) to connect to the Service and control it. The Service checks if the connecting process was started by a user from Administrator group. If not, it disconnects. This was done for security purposes to restrict other non-admin users to control ReHIPS.
Recently there were some changes in this policy. Service now supports connections from both administrators and users from the whitelist. But GUI part doesn't support it yet though, will be implemented later. But if you can't wait, you can edit the xml database manually :)
What exactly do you edit in the xml. I am trying to figure it out now but it will save me the trouble.  ;)

Btw Noverco if you launch it from task scheduler it will ask for the admin account password and after you put that it will work.
About the edit part unfortunately we will have to wait for info from fixer because i can't figure it out.  :'(

fixer

First-as far as I remember, this feature is not in current build yet. And second-it wasn't tested at all, even internally.
But as a sneak peek: trusted command lines are stored like ReHIPS-ReHIPSTrustedCmdLines-TrustedCmdLine-CmdLine. And whitelisted users are stored like ReHIPS-ReHIPSTrustedUsers-TrustedUser-Sid. As you probably noticed by name it expects user SID like the one in ReHIPSRulesUsers.

aDVll

Quote from: fixer on June 13, 2016, 09:33:13 PM
First-as far as I remember, this feature is not in current build yet. And second-it wasn't tested at all, even internally.
But as a sneak peek: trusted command lines are stored like ReHIPS-ReHIPSTrustedCmdLines-TrustedCmdLine-CmdLine. And whitelisted users are stored like ReHIPS-ReHIPSTrustedUsers-TrustedUser-Sid. As you probably noticed by name it expects user SID like the one in ReHIPSRulesUsers.
Oh i see now i have an idea what you mean but you are correct the fix it's not in this version. I got confused. Sorry. 

Noverco

Thank you both aDVll and fixer for your help regarding this issue,  I think on the safer side I will start ReHIPS via task scheduler (Thank you aDVll for checking it out!!) and start ReHIPS via task scheduler and enter admin password, until a fix :) 

Umbra

or just do what i did:  put a shortcut on SUA and launch it manually.

Note: if you set ReHIPS on Lockdown Mode, ReHIPS will be launched at startup on SUA, hence protecting you, however the GUI will not show and must be launched manually.