访问网络驱动器上的文件
背景:我有一个应用程序,必须从网络驱动器 (Z:) 上的文件中读取数据
,这在我的办公室域中运行良好,但在站点上(在不同的域中)不起作用。据我所知,域用户和网络驱动器的设置方式相同,但是我无权访问客户域中的用户等。
当我无法访问网络驱动器时,我想我需要用户的令牌。这就是我模拟用户的方式:
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
...
const string userName = "USER";
const string pass = "PASS";
const string domainName = "VALIDDOMAIN.local" //tried with valid domain name and with null, same result
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
IntPtr tokenHandle = new IntPtr(0);
bool returnValue = LogonUser(userName, domainName, pass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (!returnValue)
throw new Exception("Logon failed.");
WindowsImpersonationContext impersonatedUser = null;
try
{
WindowsIdentity wid = new WindowsIdentity(tokenHandle);
impersonatedUser = wid.Impersonate();
}
finally
{
if (impersonatedUser != null) impersonatedUser.Undo();
}
现在这是有趣/奇怪的部分。在我的网络中,应用程序已经可以访问网络驱动器,如果我尝试模拟活动用户(完全相同的用户,包括相同的域),它将无法访问网络驱动器。
这让我很无助,因为现在我不知道什么有效,什么无效,更重要的是,它在现场有效吗?
我缺少什么?
编辑:我在最初提出问题时忘记写这个:我尝试输入有效的域名但它不起作用,所以之后我尝试输入 null 以获得与我相同的用户名没有此代码(因为它在我们的域中默认工作)。这没有帮助,这就是domain = null;的方式。最终出现在这个问题上。
Background: I have an application that has to read from files on a network drive (Z:)
This works great in my office domain, however it does not work on site (in a different domain). As far as I can tell the domain users and network drives are set in the same way, however I do not have access to users etc in the customers domain.
When I couldn't access the network drive I figured I needed a token for a user. This is how I impersionate the user:
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
...
const string userName = "USER";
const string pass = "PASS";
const string domainName = "VALIDDOMAIN.local" //tried with valid domain name and with null, same result
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
IntPtr tokenHandle = new IntPtr(0);
bool returnValue = LogonUser(userName, domainName, pass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (!returnValue)
throw new Exception("Logon failed.");
WindowsImpersonationContext impersonatedUser = null;
try
{
WindowsIdentity wid = new WindowsIdentity(tokenHandle);
impersonatedUser = wid.Impersonate();
}
finally
{
if (impersonatedUser != null) impersonatedUser.Undo();
}
Now here is the interesting/weird part. In my network the application can already access the network drive, and if I try to impersonate the active user (exactly the same user, including the same domain) it will not be able to access the network drive.
This leaves me helpless since now I have no idea what works and what doesn't, and more to the point, will it work on site?
What am I missing?
EDIT: I forgot to write this while originally asking the question: I have tried entering a valid domain name and it didn't work, so after that I tried entering null to get the same username as I would without this code (since it works by default in our domain). This did not help, and that's how domain = null; ended up in this question.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
一些想法:
\\SERVER\Share\Filename.ext)。Some thoughts:
\\SERVER\Share\Filename.ext).这可能听起来很愚蠢,但您是否尝试过更改访问驱动器的方式?
也许安装某种形式的虚拟处理程序,它可以让您查看驱动器上的信息。例如 SSH?
This might sound stupid but have you attempted to change the way you are accessing the drive?
Maybe install some form of virtual handler which lets you view information on the drive. SSH for instance?