Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: .NET3.5 C# Windows .NET Networking , +
Hi
 
I have a app that copies files to a different machine on our network. It's a simple XP machine we use for daily backups. However, you need to login to the machine before you can do anything. So the app doesn't work unless I first open a shared folder with Explorer on the backup PC and enter my logon details. Once I've logged onto the Backup PC, the app runs fine. But if I don't logon first, the app throws an exception stating that it can't access the destination folder.
 
Now I can't seem to find a way to add network credentials to the copy process, so I figured I need to give it to the app somehow??
 
I want to avoid having to setup a FTP server as I feel it's unnecessary for something that should be relatively simple.
 

So I need my app to "login" to the Backup PC before it tries to copy the files.
 
Any help would be appreciated.
Thanks
Posted 14-Oct-10 22:11pm
Edited 14-Oct-10 22:12pm
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

How is your application being run? Is it under windows scheduler or something?
 
Say it's running under scheduler, you can define a set of credentials at this point. This will form the security context that the application will run under.
 
Now check your backup machine. Go to 'Manage my Computer' and check under groups \ users. The security context you're using when running your program (e.g MYDOMAIN\AUser) needs to be granted access so that it has rights to the machine.
 
If all that is OK, you won't need 'log on' via explorer. Windows will negotiate this for you and determine that your program has rights to the machine and allow access.
 
Don't forget to use full UNC rather than shared drive names which are specific to user profiles. So instead of using
 
F:\BackupFolder\
 
Use something like
 
\\BackupMachineName\c$\BackupFolder\
 

You can try setting the thread to the current windows principal, have this happen right at the start of your program
 
You'll need using System.Security.Principal; and using System.Threading;
 
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
 
Thread.CurrentPrincipal = principal;
 
If you're running this within a domain, you should be able to access the other machine no probs.
 
Can you confirm this?
  Permalink  
v4
Comments
NeCroFire at 15-Oct-10 11:38am
   
WindowsIdentity does not work. The error now get though says that it's a bad username or password.
 
We use one of the Backup PC's local users to login to the machine. So if there is a a User1 on the Backup PC, we will use that with it's correlating password.
 
Is there any way to specify a username and password for WindowsIdentity??
Dylan Morley at 15-Oct-10 11:58am
   
OK that makes sense, the account you are running the program under probably doesn't have rights to access the backup machine.
 
Any reason why you have to run as a local user + password from the backup machine?
 
If not, just add the account you run the program as to a group on the backup machine, 'Users' or 'Power Users' should do it. So if you sign into your domain as MyDomain\AUser, just add that to the group.
 
This approach is better since you won't need to store credentials in config files. Access to the machine is controller by domain account \ local group.
 
You can simply add other users into the group & they will also be able to run the program.
 
If you have any password rotation policies enforced on your domain, it means this is all handled automatically.
NeCroFire at 19-Oct-10 2:57am
   
I guess I'll do that then as I can't find a solution anywhere. We are a very small business and we have a straight forward simple LAN merely to have access to the Backup/File server (Which is actually just a normal XP pro machine). We simply don't need anything more then that. So specifying a username + pass in the app would have been the simplest solution, but I guess not.
 
It's quite silly actually. I mean, If you wrote a browser app like Explorer, how would you specify a username + pass when you try and access a PC on your LAN??
Dylan Morley at 19-Oct-10 4:06am
   
See my other answer below, hth
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

It's a normal winforms app that will do a simple copy of files to the shared folder on the backup PC on a button click.
 
I have the same problem whether I use a mapped drive or full UNC.
 
If you were to write a file browser app (Something like Total Commander, or a simple replacement app for explorer), how would you have it authenticate before connecting to a shared folder on another PC?
 
I forgot to add to the first post that I'm working with C# and .NET 3.5 SP1
  Permalink  
v2
Comments
Dylan Morley at 15-Oct-10 9:40am
   
See my edit with code snippet. Add comments to the answer rather than submitting answers.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 4

OK sure, I was coming at this from a Domain perspective & I always try to keep security functionality within groups where possible.
 
Maybe have a look into Impersonation
 
This is using API calls, but should demonstrate the technique for performing a programmatic logon as a user.
 
http://www.codeproject.com/KB/cs/cpimpersonation1.aspx[^]
 

http://www.codeproject.com/KB/cs/zetaimpersonator[^]
 
This should allow you to take on the security context of another user profile (your local XP machine account) and accessing the resources.
  Permalink  
Comments
NeCroFire at 20-Oct-10 5:08am
   
That worked. Thanks. I did have to set LOGON32_LOGON_INTERACTIVE = 9 to get it to work with the server name instead of a domain name.
 
However, I now have a new problem. If I run LogonUser then all my FolderBrowseDialogs stop working like they should. Now I only have access to folders in the specified RootFolder of the Dialog. By default I have access to everything. One could even browse through the dialog to other PC's on the network, but not if I run LogonUser.
 
It would have been fine if Microsoft added a All(or something similar) option to the list of RootFolders that you could choose from in design view. But noOooOOo... now I have to alternate between the default Identity and the Backup PC's Identity to get the result I want or write my own folder browser dialog.
 
Is there someone at Microsoft whose sole purpose is to think of ways to annoy developers?? Who decided that if the Identity of a app is anything other than Default, the folderbrowsedialog will then only have limited function. And who is the Supervisor/Manager/Project Leader who said: "Yes, this is a good idea.". How long that meeting must have been...
Dylan Morley at 20-Oct-10 5:19am
   
Yeah, because as soon as you run LogonUser you are now running within the security context of that user account which probably has extremely limited access within your LAN
 
Did you look at the 2nd link for 'Zeta Impersonator'?
 
http://www.codeproject.com/KB/cs/zetaimpersonator.aspx
 
I think this wraps everything up in a using block so it's kind of...
 
using (NewSecurityContext context(username, password, domain))
{
// Do something under the new security context....e.g - copy files to backup machine
}
// Exiting the using block reverts to default security context, so you have all of your account rights again.
NeCroFire at 20-Oct-10 6:31am
   
I can't access the 'Zeta Impersonator' link. It says Directory listing denied. But I just notices the '.aspx' was missing from the end of link. That might work for what I want to do. Will give it a go.
 
Thanks
NeCroFire at 20-Oct-10 6:53am
   
It worked! Just finished testing. What a mission though. Anyway, I'm just glad I got it working now.
 
Thanks
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

  Permalink  
Comments
Rahul Dhoble at 21-Oct-10 9:05am
   
did you read this post ?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 6,569
1 Sergey Alexandrovich Kryukov 6,168
2 DamithSL 5,228
3 Manas Bhardwaj 4,717
4 Maciej Los 4,150


Advertise | Privacy | Mobile
Web03 | 2.8.1411022.1 | Last Updated 19 Oct 2010
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100