使用管理员帐户运行asp.net程序
我需要使用管理员帐户并启用桌面交互从 ASP.NET 应用程序运行一个控制台应用程序。我尝试过下面的代码,控制台应用程序运行正常,但在网络服务帐户内。有什么想法如何在管理员帐户下运行控制台吗?
string enginePath = Server.MapPath(@"~/engine/MyConsole.exe");
System.Diagnostics.ProcessStartInfo info = new System.Diagnostics.ProcessStartInfo(enginePath, "");
System.Diagnostics.Process p = System.Diagnostics.Process.Start(info);
p.WaitForExit();
问候, 托马斯
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
你可以使用模拟,有一个例子这里
我个人不喜欢ASP中的模拟。 net,您需要处理密码要么不被更改,要么在代码中更改。有没有办法以 asp.net 用户的身份运行你想要的东西?
编辑:
您可以使用“NETWORK SERVICE”作为用户名来模拟网络服务,这至少会稍微缓解密码问题,
you could use impersonation, there is an example here
personally i dont like impersonation in asp.net, you need to deal with passwords either not being changed or changing them in code. Is there no way to run what you want as the asp.net user?
edit:
You could acyually impersonate the network service by using "NETWORK SERVICE" as the user name, that would at least allieviate the password issues a little,
另一位用户已经建议冒充。如果这足够好,那就可以了。不过,正如他所说,有一些维护难题需要处理,并且存在一些安全隐患。
我过去使用过的一些选项可能适用也可能不适用于您的情况:
如果任务按照可预测的计划进行,只需将其添加到 Windows 中的计划任务中,设置适当的工作人员帐户 (管理员,或者其他什么),然后让她走。我相信还有一些方法可以以编程方式触发计划任务,但我从来没有这样做过。 Google 搜索应该可以帮助您继续。
将控制台应用程序逻辑实现为在适当帐户下运行的服务。然后让该服务侦听来自 Web 应用程序的“触发器”——文件删除或更简单的操作。
无论哪种方式,其想法都是避免在 ASP 页面中存储任何凭据,并且不必授予不需要的进程权限。
Another user already suggested impersonation. If that's good enough, there you go. Like he said, though, there are some maintenance headaches to deal with and some security implications.
Some options that I've used in the past which may or may not be applicable in your situation are:
If the task is on a predictable schedule, just add it to the Scheduled Tasks in Windows, set the appropriate worker account (Administrator, or whatever), and let 'er go. I believe there are also ways to programmatically trigger a scheduled task, but I've never had to do that. A Google search should get you going.
Implement the console app logic as a service running under the appropriate account. Then have the service listen for a "trigger" from your web app--a file drop or something simpler.
Either way the idea is to avoid storing any credientials in your ASP page, and to not have to grant that process rights it doesn't need.
您可以使用清单文件并将其构建到控制台应用程序中,指示它始终在管理员帐户下运行。请参阅此示例。
如果这对您不起作用,那么您可以尝试在 ProcessStartInfo 属性,例如
You can use a manifest file and built it into your console application that will instruct it to always run under an admin account. See this example.
If this doesn't work for you then you could try passing in Admin account credentials in the ProcessStartInfo property e.g.