I need to create a folder in the file system owned by an special user
created by my application. The idea is that only my app will have
permissions to delete and create files on that folder.
My app is a redistribuitabl e one, so i need to create the user and give
permissions to my app to that folder programatically .
My questions are:
1) Using c# how can i create a new user account
2) How can i asign permissions to a folder to the new user
3) how can i start my app using this new user ?
Regards,
Marcelo. 11 2160
Marcelo,
I have to say, this generally is a bad idea. You should never, ever
take away the right from a user to do what they wish to their machine. What
happens if your app does something wrong, and writes a file to the directory
that needs to be removed for some reason or another? The user wouldn't be
able to fix it at all, since they wouldn't have the rights to remove the
folder and/or the files. You are making the assumption that your code will
be perfect, and also neglecting other factors that could affect your program
(what if the power goes out while writing one of these files, and it becomes
corrupt, for example).
Also, in order to do this all, if the user is on a network and not an
administrator, then more likely than not, they are not going to have the
rights to do this sort of thing.
That being said, to create a new user account, you will have to call the
NetUserAdd function in the Netapi32 dll through the P/Invoke layer. To
assign permissions to a folder for the new user, check out knowledge base
article 318744, titled "HOWTO: Use Visual Basic to Programmaticall y Change
Ownership of a File or Folder", located at (watch for line wrap): http://support.microsoft.com/default...b;en-us;318744
As for starting your app using this new user, check out the
documentation for the Impersonate method on the WindowsIdentity class.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message
news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
Ok, Nicholas, what you say sounds reasonable. Thanks for your answer.
So that, What would you do in my case if you had to prevent others to modify
the files in a special folder for your app ?. I'm developing a windows
explorer like application. I have a repository in which I store the files
and I don't want anybody else could delete or rename, move, etc. the files
'cause my repository could become inconsistent.
I'd tried using a file watcher, but restoring information in the bd was too
complicated because it was difficult to manage the watcher 's event queue to
exactly know which operation the user had done. Because for example a file
move throw really 4 events: change-deleted-change-created.
What would you do recomend in my case to do ?
I'm developing a career project and I have to finish to January 30, so I
don't have lot time !!
Thanks !!
Marcelo.
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:#K******** *****@TK2MSFTNG P10.phx.gbl... Marcelo,
I have to say, this generally is a bad idea. You should never, ever take away the right from a user to do what they wish to their machine.
What happens if your app does something wrong, and writes a file to the
directory that needs to be removed for some reason or another? The user wouldn't be able to fix it at all, since they wouldn't have the rights to remove the folder and/or the files. You are making the assumption that your code
will be perfect, and also neglecting other factors that could affect your
program (what if the power goes out while writing one of these files, and it
becomes corrupt, for example).
Also, in order to do this all, if the user is on a network and not an administrator, then more likely than not, they are not going to have the rights to do this sort of thing.
That being said, to create a new user account, you will have to call
the NetUserAdd function in the Netapi32 dll through the P/Invoke layer. To assign permissions to a folder for the new user, check out knowledge base article 318744, titled "HOWTO: Use Visual Basic to Programmaticall y Change Ownership of a File or Folder", located at (watch for line wrap):
http://support.microsoft.com/default...b;en-us;318744
As for starting your app using this new user, check out the documentation for the Impersonate method on the WindowsIdentity class.
Hope this helps.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
Don't use C# for this, Learn to use the command line tools.
1) issue a net user command to check user exists, if not create the user
something like:
@Echo Off
Net User MarceloL >NUL: 2>&1
if ERRORLEVEL 1 goto noSuchUser
goto exists
:noSuchUser
net user MarceloL somePassword /add fullname:"Marce lo López")
:exists
...
2) issue a cacls command to set the folder permissions
3) start your program commandline using the "runas" command.
Put this all nicely in a cmd file, and done.
Willy.
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message
news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
Marcelo,
I think that basically, you should have your directory (create it where
you know you can find it), but do not put permissions on it. Rather, have
extensible error handling which would detect when the files are not as they
should be.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message
news:%2******** *********@TK2MS FTNGP12.phx.gbl ... Ok, Nicholas, what you say sounds reasonable. Thanks for your answer.
So that, What would you do in my case if you had to prevent others to
modify the files in a special folder for your app ?. I'm developing a windows explorer like application. I have a repository in which I store the files and I don't want anybody else could delete or rename, move, etc. the files 'cause my repository could become inconsistent.
I'd tried using a file watcher, but restoring information in the bd was
too complicated because it was difficult to manage the watcher 's event queue
to exactly know which operation the user had done. Because for example a file move throw really 4 events: change-deleted-change-created.
What would you do recomend in my case to do ?
I'm developing a career project and I have to finish to January 30, so I don't have lot time !!
Thanks !!
Marcelo.
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote
in message news:#K******** *****@TK2MSFTNG P10.phx.gbl... Marcelo,
I have to say, this generally is a bad idea. You should never, ever take away the right from a user to do what they wish to their machine. What happens if your app does something wrong, and writes a file to the directory that needs to be removed for some reason or another? The user wouldn't
be able to fix it at all, since they wouldn't have the rights to remove the folder and/or the files. You are making the assumption that your code will be perfect, and also neglecting other factors that could affect your program (what if the power goes out while writing one of these files, and it becomes corrupt, for example).
Also, in order to do this all, if the user is on a network and not
an administrator, then more likely than not, they are not going to have the rights to do this sort of thing.
That being said, to create a new user account, you will have to call the NetUserAdd function in the Netapi32 dll through the P/Invoke layer. To assign permissions to a folder for the new user, check out knowledge
base article 318744, titled "HOWTO: Use Visual Basic to Programmaticall y
Change Ownership of a File or Folder", located at (watch for line wrap):
http://support.microsoft.com/default...b;en-us;318744
As for starting your app using this new user, check out the documentation for the Impersonate method on the WindowsIdentity class.
Hope this helps.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and
give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
Ok, Thanks , i'll try this way.
Where can i find more about using the command tools to create users ?
Regards
Marcelo
"Willy Denoyette [MVP]" <wi************ *@pandora.be> wrote in message
news:eM******** ******@tk2msftn gp13.phx.gbl... Don't use C# for this, Learn to use the command line tools. 1) issue a net user command to check user exists, if not create the user something like: @Echo Off Net User MarceloL >NUL: 2>&1 if ERRORLEVEL 1 goto noSuchUser goto exists :noSuchUser net user MarceloL somePassword /add fullname:"Marce lo López") :exists ... 2) issue a cacls command to set the folder permissions 3) start your program commandline using the "runas" command. Put this all nicely in a cmd file, and done.
Willy.
"Marcelo López" <t-********@infoco rp.com.uy> wrote in message news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
From the command prompt type:
net help command
or net command /help
available commands can be viewed with net help
ex. net help user shows all options available for net user
Willy.
"Marcelo López" <ma******@infoc orp.com.uy> wrote in message
news:%2******** ********@TK2MSF TNGP11.phx.gbl. .. Ok, Thanks , i'll try this way.
Where can i find more about using the command tools to create users ?
Regards Marcelo
"Willy Denoyette [MVP]" <wi************ *@pandora.be> wrote in message news:eM******** ******@tk2msftn gp13.phx.gbl... Don't use C# for this, Learn to use the command line tools. 1) issue a net user command to check user exists, if not create the user something like: @Echo Off Net User MarceloL >NUL: 2>&1 if ERRORLEVEL 1 goto noSuchUser goto exists :noSuchUser net user MarceloL somePassword /add fullname:"Marce lo López") :exists ... 2) issue a cacls command to set the folder permissions 3) start your program commandline using the "runas" command. Put this all nicely in a cmd file, and done.
Willy.
"Marcelo López" <t-ma******@infoco rp.com.uy> wrote in message news:Ov******** ******@TK2MSFTN GP12.phx.gbl... I need to create a folder in the file system owned by an special user created by my application. The idea is that only my app will have permissions to delete and create files on that folder. My app is a redistribuitabl e one, so i need to create the user and
give permissions to my app to that folder programatically .
My questions are: 1) Using c# how can i create a new user account 2) How can i asign permissions to a folder to the new user 3) how can i start my app using this new user ?
Regards,
Marcelo.
Ok, very good.
I just only need to assign permissions to my folder...but i don't know how
to do that.. How can i do that ?
Thanks again !
Marcelo
"Willy Denoyette [MVP]" <wi************ *@pandora.be> wrote in message
news:em******** ******@tk2msftn gp13.phx.gbl... From the command prompt type: net help command or net command /help available commands can be viewed with net help
ex. net help user shows all options available for net user
Willy.
"Marcelo López" <ma******@infoc orp.com.uy> wrote in message news:%2******** ********@TK2MSF TNGP11.phx.gbl. .. Ok, Thanks , i'll try this way.
Where can i find more about using the command tools to create users ?
Regards Marcelo
"Willy Denoyette [MVP]" <wi************ *@pandora.be> wrote in message news:eM******** ******@tk2msftn gp13.phx.gbl... Don't use C# for this, Learn to use the command line tools. 1) issue a net user command to check user exists, if not create the
user something like: @Echo Off Net User MarceloL >NUL: 2>&1 if ERRORLEVEL 1 goto noSuchUser goto exists :noSuchUser net user MarceloL somePassword /add fullname:"Marce lo López") :exists ... 2) issue a cacls command to set the folder permissions 3) start your program commandline using the "runas" command. Put this all nicely in a cmd file, and done.
Willy.
"Marcelo López" <t-ma******@infoco rp.com.uy> wrote in message news:Ov******** ******@TK2MSFTN GP12.phx.gbl... > I need to create a folder in the file system owned by an special
user > created by my application. The idea is that only my app will have > permissions to delete and create files on that folder. > My app is a redistribuitabl e one, so i need to create the user and give > permissions to my app to that folder programatically . > > My questions are: > 1) Using c# how can i create a new user account > 2) How can i asign permissions to a folder to the new user > 3) how can i start my app using this new user ? > > Regards, > > Marcelo. > >
Check the cacls.exe command line utility (w2k, and higher).
Willy.
"Marcelo López" <ma******@infoc orp.com.uy> wrote in message
news:OF******** ******@TK2MSFTN GP10.phx.gbl... Ok, very good. I just only need to assign permissions to my folder...but i don't know how to do that.. How can i do that ?
Thanks again ! Marcelo
Willy, hi.
I did what you recomended to me and it works !
But i found a little problem:
The user i had created for my app is on the select list at the windows start
up !!
So the windows user can see it in the select user list and althought he
can't log in because he doesn't know the pass, and i don't want that he
could see the user at the start up.
I saw that other "limited" users like SQLAgent, doesn`t appears at the start
up (wich is logic), so, my question is:
How can i hide the user from the windows start up ??
Regards and thanks !
Marcelo
"Willy Denoyette [MVP]" <wi************ *@pandora.be> wrote in message
news:#7******** ******@TK2MSFTN GP11.phx.gbl... Check the cacls.exe command line utility (w2k, and higher). Willy.
"Marcelo López" <ma******@infoc orp.com.uy> wrote in message news:OF******** ******@TK2MSFTN GP10.phx.gbl... Ok, very good. I just only need to assign permissions to my folder...but i don't know
how to do that.. How can i do that ?
Thanks again ! Marcelo
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: DC Gringo |
last post by:
Using latest SP Win2k and .NET versions, I have a .NET application running
on server1 with a SQL Server database running on server2. I have the
Windows user account passwords sync'd for server1\aspnet (installed by .NET
Framework and server2\aspnet (created by me--this machine has no .NET
Framework on it). The aspnet user on the database server (server2) has
access to the database.
I still get: Login failed for user '(null)'. Reason:...
|
by: jakobsgaard |
last post by:
It is possible to Map a certificate to a Active Directory User Account from
DotNet?
Please provide an example.
Best regards,
Ejnar Jakobsgaard
-------------------------------------------------
To map a certificate to a user account
Open Active Directory Users and Computers.
|
by: Roshan |
last post by:
Hi,
I wanted a reliable way of detecting if a given NTAccount object
represents a user account or group account. I was using
SecurityIdentifier.IsAccountSid() method but this doesn't work as I
expected. It returns true for user accounts and also for groups created
by administrator. Right now I am using the WMI class
System.Management.ManagementClass to get a list of all local user
accounts and am iterating over them to see if the given...
|
by: Dica |
last post by:
i'm getting an error when trying to perform a file move operation. this
operation worked fine on my dev box after i granted read/write/delete perms
to the asp.net user account on the folders i needed to manipulate. now that
i've put the app into production, i'm getting file access errors, so i tried
to add the asp.net user account, but it's not found and nothing under active
directory. i've got asp.net 2.0 set up on a windows2003 standard...
|
by: Not Me |
last post by:
Hey,
We have an sql server 2000 machine and IIS 6 machine running seperately
but on the same domain. I can connect fine to the database without using
impersonation, but when it's enabled I get the error:
"Login failed for user '(null)'. Reason: Not associated with a trusted SQL
Server connection."
When I check System.Security.Principal.WindowsIdentity.GetCurrent().Name I
get the valid domain user that I would expect, why isn't this...
| |
by: archana |
last post by:
Hi all,
I want to develop one web application. What i want is to allow user to
create account but at that time before giving rights to that user
admin should accept this person's account. So what i want is when user
create any account, adming will decide whether to allow user to use
site or not by sending mail containing account activation link to user
into his mail. Only when user go to that link his account will get
activated.
|
by: klenwell |
last post by:
I'm in the process of refactoring the php code base I've amassed over
the last few years into an object-oriented framework. I'm about to
start in on the authentication/login extension and I've been thinking
about different approaches to the mysql table schema that stores basic
user login information. At present, user authentication is keyed to a
table with the following columns:
TABLE: basic_user
uid - int
handle - varchar *
|
by: Alex |
last post by:
Hi everybody
Is creating of the service, which must be ran under the "user account"
something really tricky? I mean if in ServiceProcessInstaller
properties I'm using account: Local System everything works fine. But
if I select account: User, during the service installation process the
dialog pops up where I have to key in user id and password, which is
fine, but after that I'm getting the message: "An exception occurred
during the...
|
by: =?Utf-8?B?Qi5BaGxzdGVkdA==?= |
last post by:
Hi all,
This is something that I have been toying with for about a week now. What
I want to achieve is Install a Service with Customised parameters (using
InstallUtil.exe) for User Name. Example (C#);
public class MyServiceInstaller : System.Configuration.Install.Installer
{
private System.ServiceProcess.ServiceProcessInstaller
serviceProcessInstaller;
|
by: happyse27 |
last post by:
Hi All,
In perl script(item b below) where we check if html registration form are filled in properly without blank with the necessary fields, how to prompt users that the field are incomplete or blank and then go back to main page(item a below user registration html page) always, something like goggle or msn login page function...
Thanks and Best Rgds,
Andrew
a) script called from user registration html...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |