remote impersonation issue


U

Ulf

Hi all,

I run into some problems when trying to copy a file to a remote
machine.
I first create with WMI a share on the remote machine (works fine),
then impersonate with admin rights and try to copy the file using the
File.Copy method. But the exception always returns a "(local)file not
found" message. Could someone give me a hint where I make a mistake in
the following code ? many thx in advance :)

Ulf

code :

IntPtr tokenHandle = new IntPtr(0);
tokenHandle = IntPtr.Zero;
LogonUser(UserName, HostName, Password, 2, 0, ref tokenHandle);

WindowsIdentity newId = new WindowsIdentity(tokenHandle);
WindowsImpersonationContext newUser = newId.Impersonate();

try
{
File.Copy(filePath,"\\\\" + HostName + "\\" + shareName + "\\" +
fileName,true);
}
catch(Exception copyEx)
{
MessageBox.Show("Copy failure\n" + copyEx.Message,HostName);
}
finally
{
newUser.Undo();
}
 
Ad

Advertisements

D

Dmytro Lapshyn [MVP]

Hi,

Please make sure the user whom you impresonate has enough rights to access
the file on the local machine.
 
W

Willy Denoyette [MVP]

You are impersonating to gain access to the remote resource, but the
impersonated user is not a local account so you are screwed.
One way to solve this, provided you are running XP or higher, is to create a
logon token with "split identity", that is using
LOGON32_LOGON_NEW_CREDENTIALS as dwLogonType (value 3) and the
LOGON32_PROVIDER_WINNT50 dwLogonProvider (value 3).

Willy.

..
 
U

Ulf

Hi Willy,

thx for your advice, always appreciated. I changed my code to
LogonUser(UserName, HostName, Password, 9, 3, ref tokenHandle);
which works fine as long as I connect from XP to XP boxes. But when the
local machine is W2K and the remote one XP, I always get Logon
failures. I tried several different dwLogonType/dwLongonProvider
combinations, but with no success. Is there something special to be
done when connecting from W2K to XP ?

thx,

Ulf
 
Ad

Advertisements

W

Willy Denoyette [MVP]

That's why I said XP and higher only, that means it's not supprted on W2K.
The only way to get this done is by using a domain account logon, but I
guess you don't run in a domain, so the only thing which is left is to
establish a network session with the remote share or remote server using
"net use" command line command.

net use \\server\share password /user:username
where username and password are the remote users credentials.
Once you have this use record in your logon session you can simply copy
files from local disks to the remote share using the UNC path.

Willy.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top