Understanding how MSMQ security blocks RPC traffic

MSMQ makes use of several protocols to do its work, including: MSMQ – confusingly the protocol name is the same as the product name (although Microsoft Message Queuing is the preferred alternative. Not as snappy, mind). This protocol is for sending messages to remote destinations. RPC – used for pulling data from another queue manager. This…

0

MSDN Video covering the removal from MSMQ 5.0 of the Windows 2000 client support service

And 3rd in the trio created for Windows 7 / Windows 2008 R2, we have: Microsoft Message Queuing (MSMQ) – Removal of Windows 2000 Client Support Service where Nancy Strickland discusses the impact of installing Windows 2008 R2 domain controllers on Windows 2000 machines running MSMQ applications.

0

MSDN Video demonstrating MSMQ 5.0 and SHA-2 incompatibility

Just noticed that MSMQ is featured on Microsoft Showcase as part of the “Windows 7 – Known Incompatibilites” series. Microsoft Message Queuing (MSMQ) – SHA-2 is the default Hash Algorithm, and how to overcome it This 8 minute video, voiced by Nancy Strickland, covers the changes to the default hash algorithm used by MSMQ and…

0

Error 0xC00E0033 when you try and install MSMQ with Active Directory Integration

As is the way, when I set up various tests with my trusty servers I bump into problems that haven’t been documented before. The machines are used for many scenarios so have changed domain a few times and been upgraded every now and then. I know I should build fresh ones but the old virtual…

0

Microsoft Security Bulletin MS09-040 – Vulnerability in Message Queuing Could Allow Elevation of Privilege

A new patch came out yesterday for MSMQ: MS09-040 Microsoft Security Bulletin MS09-040 – Important 971032 MS09-040: Vulnerability in Message Queuing could allow elevation of privilege If you are already on the latest service pack then you will be OK for Windows XP and Windows Vista; Windows Server 2008 (R1 and R2) and Windows 7 are also unaffected….

0

Default MSMQ queue permissions have changed in MSMQ 4.0

For Windows Vista and Windows Server 2008, newly created queues may not have the permissions you’re used to. With MSMQ 3.0 and earlier, creating a queue would assign the following defaults: Everyone – Get permissions, Get properties, Send message. Anonymous Logon – Send message. Machine$ – Get permissions, Get properties Creator (owner) – full control….

2

MSMQ and Federal Information Processing Standard (FIPS)

The United States Government has a couple of standards that provide a benchmark for implementing cryptographic software. These are: Federal Information Processing Standard 140-1 (FIPS 140-1)which was published in January 1994, and is superceded by… Federal Information Processing Standard 140-2 (FIPS 140-2)which was published in May 2001. To enable FIPS compliant algorithms in Windows 2003: In…

0

"Can I write a script to create a queue in MSMQ and set the permissions on it?"

The first part is easy enough but the second is tricky. For example, here’s how to create a public queue with ‘Old School’ VBScript: set iq=CreateObject(“MSMQ.MSMQQueueInfo”) iq.PathName=”machine\queue” iq.Label=”The queue” iq.Create (IsTransactional=0)   There’s no way to add permissions to this queue at the same time as the COM/scripting API doesn’t have that functionality. System.Messaging (.Net)…

2

MSMQ won’t install on Windows 2008 with a Fatal Error (0x80070643)

One of my colleagues in support has ventured under the MSMQ spotlight with a post about a permissions/UAC problem preventing installation on Windows 2008: MSMQ installation on Windows 2008 fails with error “Attempt to install Message Queuing Server failed with error code 0x80070643. Fatal error during installation” If you do bump into this problem then…

2

MSMQ 5.0 – Changes introduced with Windows 7 and Windows Server 2008 R2

Quick clarification point to prevent confusion: MSMQ 5.0 means Windows 7 and Windows Server 2008 R2 MSMQ 4.0 means Windows Vista and Windows Server 2008 ‘R1’ Currently there doesn’t seem to be much to worry about – business as usual for most customer. There are two items of interest, though, discussed in the Windows 7 Application Quality…

0