在域中设置命名管道安全性

发布于 2024-07-27 02:03:38 字数 947 浏览 1 评论 0 原文

我有一个通过命名管道设置的服务器。它对于域管理员来说工作得很好，但是当我在普通用户上测试客户端时，它给出了异常“访问路径被拒绝”。因此，这就是我尝试设置的权限，以授予域中所有经过身份验证的用户访问权限。我在这里做错了什么？

服务器：

        NamedPipeServerStream pipeServer = new NamedPipeServerStream("message-generator", PipeDirection.InOut, pipeThreads, PipeTransmissionMode.Message, PipeOptions.None);
        PipeSecurity pipeSecurity = pipeServer.GetAccessControl();
        pipeSecurity.AddAccessRule(new PipeAccessRule(@"localdomain\Authenticated Users", PipeAccessRights.FullControl, AccessControlType.Allow));
        pipeServer.SetAccessControl(pipeSecurity);

客户端：

NamedPipeClientStream pipeClient = new NamedPipeClientStream("servername", "message-generator", PipeDirection.InOut, PipeOptions.None, TokenImpersonationLevel.Impersonation))

服务器名称和域明显不同，但是在服务器上，当它到达 pipelineServer.SetAccessControl 函数时，它给了我异常“UnauthorizedAccessException”。

任何帮助是极大的赞赏

原文

I have a server that I'm setting up over a named pipe. It works fine for administrators of the domain, but when I test the client on a normal user, it gives the exception "Access to path is denied". So here is what I'm trying to set the permissions to give access to all authenticated users in the domain. What am I doing wrong here?

Server:

        NamedPipeServerStream pipeServer = new NamedPipeServerStream("message-generator", PipeDirection.InOut, pipeThreads, PipeTransmissionMode.Message, PipeOptions.None);
        PipeSecurity pipeSecurity = pipeServer.GetAccessControl();
        pipeSecurity.AddAccessRule(new PipeAccessRule(@"localdomain\Authenticated Users", PipeAccessRights.FullControl, AccessControlType.Allow));
        pipeServer.SetAccessControl(pipeSecurity);

Client:

NamedPipeClientStream pipeClient = new NamedPipeClientStream("servername", "message-generator", PipeDirection.InOut, PipeOptions.None, TokenImpersonationLevel.Impersonation))

The servername and domain are obviously different, but on the server when it gets to the pipeServer.SetAccessControl function it gives me the exception "UnauthorizedAccessException".

Any help is greatly appreciated

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

烟雨凡馨 2024-08-03 02:03:38

您需要使用 NamedPipeServerStream 的构造函数，它允许您指定管道句柄上所需的访问权限：

public NamedPipeServerStream(
    string pipeName,
    PipeDirection direction,
    int maxNumberOfServerInstances,
    PipeTransmissionMode transmissionMode,
    PipeOptions options,
    int inBufferSize,
    int outBufferSize,
    PipeSecurity pipeSecurity,
    HandleInheritability inheritability,
    PipeAccessRights additionalAccessRights
)

当您调用它时，您需要在中请求 PipeAccessRights.ChangePermissions最后一个论点。然后 SetAccessControl 应该会成功。

请参阅我的博客 http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx 的例子。

You need to use the ctor for NamedPipeServerStream which allows you to specify the desired access rights on the pipe handle:

public NamedPipeServerStream(
    string pipeName,
    PipeDirection direction,
    int maxNumberOfServerInstances,
    PipeTransmissionMode transmissionMode,
    PipeOptions options,
    int inBufferSize,
    int outBufferSize,
    PipeSecurity pipeSecurity,
    HandleInheritability inheritability,
    PipeAccessRights additionalAccessRights
)

When you call it, you need to ask for PipeAccessRights.ChangePermissions in the last argument. Then SetAccessControl should succeed.

See my blog http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx for an example.

回复收藏 0 原文

~没有更多了~