Monday, September 15, 2014

Cookie365 Update

thanks to the test credentials provided by Roel, I was able to reproduce the error "Retrieving Cookies....[ERROR]:Buffer cannot be null" many of you encountered.

As far as I was able to understand, this happens when there is not an ADSF federation in place with Office365.
So I did a change on the code and it seems to be working fine. Please let me know.

I also added the possibility do mount directly a sharepoint disk from the utility.

Regarding the minor bug pointed out by Yu Zhang about cookie expiration, I think this is the correct behavior. The utility is setting in IE the same expiry date/time as it's received from the server. Anyway, just to do some tests, I added a command line option to augment the expiry date. This way the cookies will be stored on disk. However I'm not so sure it will work, since on the server side the validity of the cookie will expire before.

Here is the Cookie365 v0.2 ChangeLog:

  1. Corrected a bug related to non ADSF federated sharepoint sites which caused the ""Retrieving Cookies....[ERROR]:Buffer cannot be null" error
  2. Introduced a feature to mount (-mount [disk]) a sharepoint site as a disk directly from cookie365
  3. Introduced a feature to lengthen the expiration of the cookies stored in the browser (-expire [minutes]). Beware, the correct expiration is set by the server and Cookie365 sets the same expiration in the browser... so changing it on the client side could lead to unexpected behaviors.
  4. Minor revisions to the command line parsing logic

Please let me know how it works.

Here you can download the latest version Cookie365 v.02.
Here you can find the latest Beta version Cookie365 v0.4

Special thanks to Roel for providing me with a test account to reproduce the issues.


Saturday, July 26, 2014

SharePoint Online Cookies Cookie365 - mount SharePoint online share

I was looking for a solution being able to mount a OneDrive for Business share in a ADFS federated environment. So I started googling around to find a way to mount transparently the OneDrive4Business space as a disk drive or a share on terminal server as a logon script.

Unfortunately I found out that the only option seemed to be a manual login to share point before using the usual "net use * \\\DavWWWRoot" which would not be an option for my users...

So I went through reading many articles and blogs, and overnight (I'm not a programmer :-) I decided to adapt and enrich code chunks and C# samples, to build an utility to set the cookies needed to mount the OneDrive share without user intervention.

The following resources were fundamental:
How to Use Fiddler Web Debugger to Analyze a WS-Federation Passive Sign-In
- Troubleshooting Federation, ADFS and more

To make a long story short... I produced an utility, baptized Cookie365, able to set the "FedAuth" and "rtFA" cookies needed to seamlessly mount a SharePoint share from the command line or from a script.

From a domain PC or Domain Server, just launch

Cookie365 -s

and the utility will logon to Office365 using the domain credentials, generating all the SAML tokens and cookies needed to mount the share (e.g. "net use * \\\DavWWWRoot". Beware, in order to use it, you have to have the WebClient service running and your sharepoint site added to the trusted sites inside Internet Explorer).

The utility is also able to manage non-domain PCs, so you can specify the user ("") and password:
Cookie365 -s -user -p password

I was able to test it on Windows server 2012R2 and Windows7SP1, both from domain joined and from workgroup machines, but I don't have extensive test cases, so any feedback is welcome.

I also added the support for NTLM proxy (like ISA and TMG). I have not tried with other proxies... so I don't know if it will work.

Here you can find the source code (VisualStudio2013 solution).
Here you can download the compiled version of Cookie365 (prerequisite = .NET 4.5)

As stated before... I am not a professional programmer.
My last programming was back in 1998 with Java... So.. any suggestion to ameliorate the code will be welcome !

Fabio Cuneaz

PS Just a legal statement.... The source code and the exe version are provide "AS IS" without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.