Click here to Skip to main content
13,042,421 members (137,808 online)
Rate this:
Please Sign up or sign in to vote.

I have a app that copies files to a different machine on our network. It's a simple XP machine we use for daily backups. However, you need to login to the machine before you can do anything. So the app doesn't work unless I first open a shared folder with Explorer on the backup PC and enter my logon details. Once I've logged onto the Backup PC, the app runs fine. But if I don't logon first, the app throws an exception stating that it can't access the destination folder.

Now I can't seem to find a way to add network credentials to the copy process, so I figured I need to give it to the app somehow??

I want to avoid having to setup a FTP server as I feel it's unnecessary for something that should be relatively simple.

So I need my app to "login" to the Backup PC before it tries to copy the files.

Any help would be appreciated.
Posted 14-Oct-10 21:11pm
Updated 14-Oct-10 21:12pm
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

How is your application being run? Is it under windows scheduler or something?

Say it's running under scheduler, you can define a set of credentials at this point. This will form the security context that the application will run under.

Now check your backup machine. Go to 'Manage my Computer' and check under groups \ users. The security context you're using when running your program (e.g MYDOMAIN\AUser) needs to be granted access so that it has rights to the machine.

If all that is OK, you won't need 'log on' via explorer. Windows will negotiate this for you and determine that your program has rights to the machine and allow access.

Don't forget to use full UNC rather than shared drive names which are specific to user profiles. So instead of using


Use something like


You can try setting the thread to the current windows principal, have this happen right at the start of your program

You'll need using System.Security.Principal; and using System.Threading;

WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
Thread.CurrentPrincipal = principal;

If you're running this within a domain, you should be able to access the other machine no probs.

Can you confirm this?
NeCroFire 15-Oct-10 11:38am
WindowsIdentity does not work. The error now get though says that it's a bad username or password.

We use one of the Backup PC's local users to login to the machine. So if there is a a User1 on the Backup PC, we will use that with it's correlating password.

Is there any way to specify a username and password for WindowsIdentity??
Dylan Morley 15-Oct-10 11:58am
OK that makes sense, the account you are running the program under probably doesn't have rights to access the backup machine.

Any reason why you have to run as a local user + password from the backup machine?

If not, just add the account you run the program as to a group on the backup machine, 'Users' or 'Power Users' should do it. So if you sign into your domain as MyDomain\AUser, just add that to the group.

This approach is better since you won't need to store credentials in config files. Access to the machine is controller by domain account \ local group.

You can simply add other users into the group & they will also be able to run the program.

If you have any password rotation policies enforced on your domain, it means this is all handled automatically.
NeCroFire 19-Oct-10 2:57am
I guess I'll do that then as I can't find a solution anywhere. We are a very small business and we have a straight forward simple LAN merely to have access to the Backup/File server (Which is actually just a normal XP pro machine). We simply don't need anything more then that. So specifying a username + pass in the app would have been the simplest solution, but I guess not.

It's quite silly actually. I mean, If you wrote a browser app like Explorer, how would you specify a username + pass when you try and access a PC on your LAN??
Dylan Morley 19-Oct-10 4:06am
See my other answer below, hth
Rate this: bad
Please Sign up or sign in to vote.

Solution 3

It's a normal winforms app that will do a simple copy of files to the shared folder on the backup PC on a button click.

I have the same problem whether I use a mapped drive or full UNC.

If you were to write a file browser app (Something like Total Commander, or a simple replacement app for explorer), how would you have it authenticate before connecting to a shared folder on another PC?

I forgot to add to the first post that I'm working with C# and .NET 3.5 SP1
Dylan Morley 15-Oct-10 9:40am
See my edit with code snippet. Add comments to the answer rather than submitting answers.
Rate this: bad
Please Sign up or sign in to vote.

Solution 4

OK sure, I was coming at this from a Domain perspective & I always try to keep security functionality within groups where possible.

Maybe have a look into Impersonation

This is using API calls, but should demonstrate the technique for performing a programmatic logon as a user.[^][^]

This should allow you to take on the security context of another user profile (your local XP machine account) and accessing the resources.
NeCroFire 20-Oct-10 5:08am
That worked. Thanks. I did have to set LOGON32_LOGON_INTERACTIVE = 9 to get it to work with the server name instead of a domain name.

However, I now have a new problem. If I run LogonUser then all my FolderBrowseDialogs stop working like they should. Now I only have access to folders in the specified RootFolder of the Dialog. By default I have access to everything. One could even browse through the dialog to other PC's on the network, but not if I run LogonUser.

It would have been fine if Microsoft added a All(or something similar) option to the list of RootFolders that you could choose from in design view. But noOooOOo... now I have to alternate between the default Identity and the Backup PC's Identity to get the result I want or write my own folder browser dialog.

Is there someone at Microsoft whose sole purpose is to think of ways to annoy developers?? Who decided that if the Identity of a app is anything other than Default, the folderbrowsedialog will then only have limited function. And who is the Supervisor/Manager/Project Leader who said: "Yes, this is a good idea.". How long that meeting must have been...
Dylan Morley 20-Oct-10 5:19am
Yeah, because as soon as you run LogonUser you are now running within the security context of that user account which probably has extremely limited access within your LAN

Did you look at the 2nd link for 'Zeta Impersonator'?

I think this wraps everything up in a using block so it's kind of...

using (NewSecurityContext context(username, password, domain))
// Do something under the new security context....e.g - copy files to backup machine
// Exiting the using block reverts to default security context, so you have all of your account rights again.
NeCroFire 20-Oct-10 6:31am
I can't access the 'Zeta Impersonator' link. It says Directory listing denied. But I just notices the '.aspx' was missing from the end of link. That might work for what I want to do. Will give it a go.

NeCroFire 20-Oct-10 6:53am
It worked! Just finished testing. What a mission though. Anyway, I'm just glad I got it working now.

Rate this: bad
Please Sign up or sign in to vote.

Solution 1

Rahul Dhoble 21-Oct-10 9:05am
did you read this post ?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Mobile
Web01 | 2.8.170713.1 | Last Updated 19 Oct 2010
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100