Accessing network PCs

[accyboy1981]

Hi,

I'm looking to create a simple application that will copy files from a
folder on one PC on the network to another PC on the network but I am
having a bit of difficulty doing this. The problem is that the network
is not active directory and there is not a common username and
password between the PCs. The only way I can transfer files is if I
first open Windows Explorer and navigate manually to the PC enter the
username and password for access, this is not ideal as I would like
the application to be automated. Is there a way you can access another
PC and pass it a username and password or is there an alternative to
the approach I'm taking.

Any help would be much appreciated.

Thanks

Simon

 

[Larry Smith]

I'm looking to create a simple application that will copy files from a

folder on one PC on the network to another PC on the network but I am
having a bit of difficulty doing this. The problem is that the network
is not active directory and there is not a common username and
password between the PCs. The only way I can transfer files is if I
first open Windows Explorer and navigate manually to the PC enter the
username and password for access, this is not ideal as I would like
the application to be automated. Is there a way you can access another
PC and pass it a username and password or is there an alternative to
the approach I'm taking.

Any help would be much appreciated.

Thanks

This is a deep subject actually. My own expertise is from the WinAPI/C++
world so I'm not sure what .NET function to rely on off-hand but yes, you
can automate this with a different set of credentials than the logged on
(interactive) user. In fact it's the only practical/safe way to do it. Sorry
I don't know the .NET function to use without looking into it but I'd be
very surprised if there wasn't one (that wraps the WinAPI functions
""NetUseAdd()" or "WNetAddConnection2()" and cousins - you can always use
these of course even in .NET but I'm sure .NET provides its own analogue).
Note that you should also understand how authentication works in general and
how it's related to shared folders in particular (especially if this is for
a commercial app). You can get tripped up otherwise, even if things seem to
work at first. Your best bet is to get hold of "Programming Windows
Security" by Keith Brown though I'm not sure if it's in print anymore (it
goes back some years). It's still very relevant however and Chapter 8 in
particular is dedicated to your situation. I can also provide an intro on
this type of authentication in general if you want it. I wrote it some years
ago for a colleague and will post it on request (no API samples however
which I can't post for legal reasons).

 

[Willy Denoyette [MVP]]

Hi,

I'm looking to create a simple application that will copy files from a
folder on one PC on the network to another PC on the network but I am
having a bit of difficulty doing this. The problem is that the network
is not active directory and there is not a common username and
password between the PCs. The only way I can transfer files is if I
first open Windows Explorer and navigate manually to the PC enter the
username and password for access, this is not ideal as I would like
the application to be automated. Is there a way you can access another
PC and pass it a username and password or is there an alternative to
the approach I'm taking.

Any help would be much appreciated.

Thanks

Simon

The easiest solution for this is to create a "use record" for your login
session.
the command should look like:
"net use \\otherpc\sharename passwd /user:validUserOnOtherpc"
The way you do this is by placing a "net use" command in your autoexec.bat
file.
Another option is to execute the above "net use" from your code (using
System.Diagnostics.Process.Start), this way you can delete the network
connection when done with it.
Note that you can use the IPC$ instead of a share name, this gives you
access to all of the resources on the "other" pc.
Willy.

 

[Larry Smith]

The easiest solution for this is to create a "use record" for your login

session.
the command should look like:
"net use \\otherpc\sharename passwd /user:validUserOnOtherpc"
The way you do this is by placing a "net use" command in your autoexec.bat
file.
Another option is to execute the above "net use" from your code (using
System.Diagnostics.Process.Start), this way you can delete the network
connection when done with it.
Note that you can use the IPC$ instead of a share name, this gives you
access to all of the resources on the "other" pc.

There should be a .NET function for this somewhere however since spawning
"net.exe" from code is ugly IMO (and he shouldn't publish his password in a
batch file if he decides to go that route). Also note that IPC$ is really
just a login (authentication) resource for all intents and purposes (unlike
other resources where a DACL check is immediately conducted against the
resource). Once your're authenticated on the remote machine using IPC$, your
network session on that machine is still subject to normal access checks on
whatever resources you touch (which gets into shared resource permissions vs
normal NTFS permissions but that's another story). Access denied can still
occur IOW if you later touch a resource you don't have access to (whereas
access denied will occur right away if you authenticate against the target
resource from the outset, opposed to IPC$).

 

[Willy Denoyette [MVP]]

There should be a .NET function for this somewhere however since spawning
"net.exe" from code is ugly IMO (and he shouldn't publish his password in
a batch file if he decides to go that route). Also note that IPC$ is
really just a login (authentication) resource for all intents and purposes
(unlike other resources where a DACL check is immediately conducted
against the resource). Once your're authenticated on the remote machine
using IPC$, your network session on that machine is still subject to
normal access checks on whatever resources you touch (which gets into
shared resource permissions vs normal NTFS permissions but that's another
story). Access denied can still occur IOW if you later touch a resource
you don't have access to (whereas access denied will occur right away if
you authenticate against the target resource from the outset, opposed to
IPC$).

Unfortunaly there is no .NET API for this, and if there was, you would have
to pass the credentials anyway (as per WNetAddConnection2), Sure, I agree
you shouldn't hard code credentials, but all depends on the security
constraints imposed.
Now I suppose that the OP is talking about a home like environment, so
security is IMO not an issue, he knows the password (guess it's even the
administrators pwd) required to access the other PC's resources, which
implies a non-secured environmant anyway.
In such scenario, storing a pwd in a batch file he owns (say in his user
profile) doesn't impose such a security risk. If it is, or if he cares about
security, he should prompt for the credentials interactively and pass them
to the API he calls whatever this API may be. As to spawning "net use", is
IMO not that ugly, the Process.Start api provides everything to run the
command without showing the command windows, so why you consider this to be
ugly is beyond me, given the fact that there is no .NET API to connect to a
shared resource.


Willy.