为什么将 Win32_Shares 枚举为“LOCAL SERVICE”?用户返回空属性?
我有以下代码:
var searcher = new ManagementObjectSearcher("SELECT Name, Path FROM Win32_share");
ManagementObjectCollection coll = searcher.Get();
foreach (var share in coll)
{
Console.WriteLine("share-path: " + share["Path"] + " share-name:" + share["Name"]);
}
以我的身份运行它,我得到合理的输出:
share-path: C:\Windows share-name:ADMIN$
share-path: C:\ share-name:C$
share-path: D:\ share-name:D
share-path: D:\ share-name:D$
share-path: share-name:IPC$
作为本地系统用户从服务运行它,我没有得到 Path 属性:
share-path: share-name:ADMIN$
share-path: share-name:C$
share-path: share-name:D
share-path: share-name:D$
share-path: share-name:IPC$
如果本地服务无法查看共享文件夹路径?我做错了什么? (注意:我也尝试以“NETWORK SERVICE”运行,结果相同。
I have the following code:
var searcher = new ManagementObjectSearcher("SELECT Name, Path FROM Win32_share");
ManagementObjectCollection coll = searcher.Get();
foreach (var share in coll)
{
Console.WriteLine("share-path: " + share["Path"] + " share-name:" + share["Name"]);
}
Running it as me, I get sensible output:
share-path: C:\Windows share-name:ADMIN$
share-path: C:\ share-name:C$
share-path: D:\ share-name:D
share-path: D:\ share-name:D$
share-path: share-name:IPC$
Running it from a service as the local system user, I get no Path property:
share-path: share-name:ADMIN$
share-path: share-name:C$
share-path: share-name:D
share-path: share-name:D$
share-path: share-name:IPC$
Should the LOCAL SERVICE not be able to view shared folder paths? What am I doing wrong?
(Note: I also tried running as "NETWORK SERVICE" with the same results.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我尝试使用 WinApi NetShareEnum 并收到相同的结果。值得注意的是,这段代码在 Windows 2008 R2 上运行正常,但在 Windows 2008 上不起作用。我还没有尝试过早期的平台。
这看起来确实是一个权限问题,因为本地系统帐户有权访问共享路径。无休止的测试和使用本地安全设置并没有带来任何结果。我无法使用 regmon 或 filemon 找到任何可疑活动。我最终将我的应用程序切换到系统帐户。
I tried using WinApi NetShareEnum and received the same results. What is interesting to note is that this code behaves correctly on Windows 2008 R2 and it doesn't work on Windows 2008. I haven't tried earlier platforms.
This does seem like a permissions issue, because local SYSTEM account has access to share paths. Endless testing and playing with local security settings didn't bring any results. I couldn't find any suspicious activity using regmon or filemon. I ended up switching my application to SYSTEM account.
LOCAL SERVICE 无权网络共享。您需要以具有适当权限的用户身份运行服务,很可能是具有共享权限的域用户。
LOCAL SERVICE doesn't have rights to network shares. You need to run your service as a user with appropriate permissions, most likely a domain user with rights to the shares.