0

我正在使用 C# 编写一个 Windows 应用程序。我有一个要求,将上传到 Windows 窗体的文件保存到网络共享中,但并非所有用户都可以访问网络共享(\\FileServer\SharedFolder)。只有一个用户 ( FileWriter ) 拥有此文件夹的读/写/执行权限。当前用户EmployeeUser对此共享没有任何权限。我通过打开Start->Run \\FileServer\SharedFolder验证了这一点。这给出了拒绝访问错误框。

我使用了 SO Post 中的这个示例,使用FileWriterWNetAddConnection2的不同凭据连接以使用File.Create保存文件Sample.txt。到目前为止一切正常。被调用,我已经在代码调试中验证过了,程序退出了。现在从当前用户,我打开StartMenu --> Run并键入\\FileServer\SharedFolder并立即打开共享,即使 Windows 用户是EmployeeUser。我关闭了资源管理器,几分钟后(通过尝试随机更改)我打开了Start->Run \\FileServer\SharedFolderWNetCancelConnection2 . 现在它给出了一个拒绝访问错误框。

我无法理解这一点,非常感谢任何帮助。

现在,在“拒绝访问”框之后,我使用相同的步骤再次运行该程序,只是Sample.txt(使用 File.Create)被静默覆盖。它不应该给出文件存在错误吗?

4

1 回答 1

0

您可以改用模仿者:

using (var impersonator = new Impersonator(username, password))
{
    File.Copy(source, destination, true);
}

这是我们实施的副本,因此请调整您的域名

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;

public class Impersonator : IDisposable
{
/// <summary>
///     The Impersonator class is used to access a network share with other credentials.
/// </summary>
private readonly WindowsImpersonationContext _impersonatedUser;

private readonly IntPtr _userHandle;

/// <summary>
///     Constructor
/// </summary>
/// <param name="username">The user of the network share</param>
/// <param name="password">The password of the network share</param>
public Impersonator(string username, string password, string userDomain =   "YOURDOMAIN")
{
    _userHandle = new IntPtr(0);
    bool returnValue = LogonUser(username, userDomain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
                                 ref _userHandle);
    if (!returnValue)
        throw new ApplicationException(
            "The applications wasn't able to impersonate the user with the specified credentials!");
    var newId = new WindowsIdentity(_userHandle);
    _impersonatedUser = newId.Impersonate();
}

#region IDisposable Members

public void Dispose()
{
    if (_impersonatedUser != null)
    {
        _impersonatedUser.Undo();
        CloseHandle(_userHandle);
    }
}

#endregion

#region Interop imports/constants

public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_LOGON_SERVICE = 3;
public const int LOGON32_PROVIDER_DEFAULT = 0;

[DllImport("advapi32.dll", CharSet = CharSet.Auto)]
public static extern bool LogonUser(String lpszUserName, String lpszDomain, String lpszPassword, int dwLogonType,
                                    int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);

#endregion
}
于 2015-11-19T14:49:22.507 回答