473,398 Members | 2,188 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,398 software developers and data experts.

Impersonation for accessing network resources?

Hi

I have a small WinForms app that needs to copy files from a shared drive on
a network. If I connect to the mapped drive using Explorer, a password dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I want. I
know the code works because it allows me to impersonate local accounts, just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong tree?

Thanks

Ben

Dec 14 '05 #1
8 12973

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I want.
I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.

Dec 14 '05 #2
Basically I've been using [domain]\Administrator and [password] the same as
I enter when I try to access the mapped drive from explorer. However it
works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.

Dec 15 '05 #3
Beware "domain\\Administrator" or @"domain\administrator" not
"domain\administrator".

Once you have a connected network session it remains valid for the whole
logon session, that is why you should create a session from your domain
logon (through a logon script) or from a batch file that runs when a user
logs on locally instead of impersonating in user applications.

Willy.

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
Basically I've been using [domain]\Administrator and [password] the same
as I enter when I try to access the mapped drive from explorer. However it
works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.


Dec 15 '05 #4
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben

"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:eS**************@TK2MSFTNGP11.phx.gbl...
Beware "domain\\Administrator" or @"domain\administrator" not
"domain\administrator".

Once you have a connected network session it remains valid for the whole
logon session, that is why you should create a session from your domain
logon (through a logon script) or from a batch file that runs when a user
logs on locally instead of impersonating in user applications.

Willy.

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
Basically I've been using [domain]\Administrator and [password] the same
as I enter when I try to access the mapped drive from explorer. However
it works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared
drive on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access
this
resource on the machine where it's hosted. This is once for each
desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to
the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben
If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.



Dec 15 '05 #5

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 15 '05 #6
Hi Willy,

Does LogonUser login the specified user into the local system only, or can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 16 '05 #7
Found it!!

First of all, I was assuming that LogonUser returned 0 (zero) on success,
wrongly. Secondly, I changed my code to use LOGON32_LOGON_NEW_CREDENTIALS
instead of LOGON32_LOGON_NETWORK, and it works a treat.

Thanks for your help Willy.

Ben

"Ben Fidge" wrote:
Hi Willy,

Does LogonUser login the specified user into the local system only, or can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 16 '05 #8
You should not use LOGON32_LOGON_NETWORK to obtain an access token to access
remote server resources when impersonating, this type of logon token has no
network access.
LOGON32_LOGON_NEW_CREDENTIALS (w2k and up) uses the supplied credentials to
access the remote server, while using your current logon token to access
local resources.

Willy.
"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:E6**********************************@microsof t.com...
Found it!!

First of all, I was assuming that LogonUser returned 0 (zero) on success,
wrongly. Secondly, I changed my code to use LOGON32_LOGON_NEW_CREDENTIALS
instead of LOGON32_LOGON_NETWORK, and it works a treat.

Thanks for your help Willy.

Ben

"Ben Fidge" wrote:
Hi Willy,

Does LogonUser login the specified user into the local system only, or
can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying
to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:
>
> "Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
> news:eb**************@TK2MSFTNGP10.phx.gbl...
> > Hi Willy,
> >
> > The domain, account and password are all entered via a Form and not
> > hard-coded. I've tried passing all three to LogonUser as seperate
> > parameters, to no avail. I've also tried leaving domain param empty
> > (not
> > null though) and concatenating doman and account together and passing
> > them
> > in the Account param.
> >
> > Really starting to frustrate me now.
> >
> > Ben
> >
>
> I understand your frustration, but you need to make sure that
> - the user account string you pass to LogonUser() has the correct
> syntax,
> that is, it should contain the accountname "accountname" or the
> "account@domainname" in UPN format
> - the domain name must refer to your account domain if the user name is
> NOT
> in UPN format, else it must be null or . for local user accounts or the
> remote machine name for non local/non domain accounts.
> So in your case the call could look like :
>
> LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);
>
> Willy.
>
>
>
>

Dec 16 '05 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

23
by: Lamberti Fabrizio | last post by:
Hi all, I've to access to a network file from an asp pages. I've red a lot of things on old posts and on Microsoft article but I can't still solve my problem. I've got two server inside the...
1
by: alojzy b | last post by:
I have problem with network object. When I try to get network resources (for example using metod MapNetworkDrive) I get message that "there is no permission..." But user, browsing my web service,...
1
by: mbah Sumani via .NET 247 | last post by:
(Type your message here) I Think it's the stupidness of Windows. Why the service can't access network drive but console apps or windows application can do it? So my suggestion is make the program...
2
by: Siva | last post by:
Hi, I am trying to run my ASP.Net web app. As part of this app, it needs to create a file in a share in side of the intranet. When I run this app from a machine which is same as the web server,...
1
by: Ganesh | last post by:
I have a web application that is forms authenticated. From one of the web forms in this application i invoke a web service. One of the web methods in this web service accesses database, gets the...
3
by: utabintarbo | last post by:
Is there a way to (programmatically) access network resources from a WinXP client without a user being logged in? I guess I need to know where the fstab file is in Windows. :-P Some more...
1
by: Salty Dog | last post by:
I would like for server-side VBscript code to save a file to a remote server's network share. I've noticed that the exact code that would run from the command prompt does not get access to files...
4
by: accyboy1981 | last post by:
Hi, I'm looking to create a simple application that will copy files from a folder on one PC on the network to another PC on the network but I am having a bit of difficulty doing this. The...
0
by: Sucheta Pawade | last post by:
Hi All, I want to access a folder shared across network which contains very important files and My ASP.NET application is deployed on DMZ and files are shared in other network. Currently...
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
0
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
0
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
0
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
0
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
0
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
0
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.