473,327 Members | 1,920 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Impersonation for accessing network resources?

Hi

I have a small WinForms app that needs to copy files from a shared drive on
a network. If I connect to the mapped drive using Explorer, a password dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I want. I
know the code works because it allows me to impersonate local accounts, just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong tree?

Thanks

Ben

Dec 14 '05 #1
8 12956

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I want.
I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.

Dec 14 '05 #2
Basically I've been using [domain]\Administrator and [password] the same as
I enter when I try to access the mapped drive from explorer. However it
works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.

Dec 15 '05 #3
Beware "domain\\Administrator" or @"domain\administrator" not
"domain\administrator".

Once you have a connected network session it remains valid for the whole
logon session, that is why you should create a session from your domain
logon (through a logon script) or from a batch file that runs when a user
logs on locally instead of impersonating in user applications.

Willy.

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
Basically I've been using [domain]\Administrator and [password] the same
as I enter when I try to access the mapped drive from explorer. However it
works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared drive
on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access this
resource on the machine where it's hosted. This is once for each desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben


If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.


Dec 15 '05 #4
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben

"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:eS**************@TK2MSFTNGP11.phx.gbl...
Beware "domain\\Administrator" or @"domain\administrator" not
"domain\administrator".

Once you have a connected network session it remains valid for the whole
logon session, that is why you should create a session from your domain
logon (through a logon script) or from a batch file that runs when a user
logs on locally instead of impersonating in user applications.

Willy.

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
Basically I've been using [domain]\Administrator and [password] the same
as I enter when I try to access the mapped drive from explorer. However
it works in explorer but not my app. However, if I first connect using
Explorer, I then don't need to use LogonUser. Strange!

Ben
"Willy Denoyette [MVP]" <wi*************@telenet.be> wrote in message
news:Ob**************@tk2msftngp13.phx.gbl...

"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:B0**********************************@microsof t.com...
Hi

I have a small WinForms app that needs to copy files from a shared
drive on
a network. If I connect to the mapped drive using Explorer, a password
dialog
pops-up and I have to provide credentials with permission to access
this
resource on the machine where it's hosted. This is once for each
desktop
logon session (ie after every reboot). If I do this, my app can access
the
network resource fine, but otherwise fails with permission errors.

As my app runs when Windows starts, I don't want to first connect to
the
mapped drive each and every time.

I've found some C# code that allows me to impersonate a
domain/account/password context, but it won't work in the scenario I
want. I
know the code works because it allows me to impersonate local accounts,
just
not access the network resource. When run, the following error occurs:

"Error No: 1326 - Error: Logon failure: unknown user name or bad
password."

However, I know the domain/account/password are all correct.

The code is based on Win32 API's LogonUser. Am I barking up the wrong
tree?

Thanks

Ben
If you call LogonUser you should specify the credentials of a valid user
that has appropriate privileges to access the remote server.
Willy.



Dec 15 '05 #5

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 15 '05 #6
Hi Willy,

Does LogonUser login the specified user into the local system only, or can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 16 '05 #7
Found it!!

First of all, I was assuming that LogonUser returned 0 (zero) on success,
wrongly. Secondly, I changed my code to use LOGON32_LOGON_NEW_CREDENTIALS
instead of LOGON32_LOGON_NETWORK, and it works a treat.

Thanks for your help Willy.

Ben

"Ben Fidge" wrote:
Hi Willy,

Does LogonUser login the specified user into the local system only, or can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:

"Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
news:eb**************@TK2MSFTNGP10.phx.gbl...
Hi Willy,

The domain, account and password are all entered via a Form and not
hard-coded. I've tried passing all three to LogonUser as seperate
parameters, to no avail. I've also tried leaving domain param empty (not
null though) and concatenating doman and account together and passing them
in the Account param.

Really starting to frustrate me now.

Ben


I understand your frustration, but you need to make sure that
- the user account string you pass to LogonUser() has the correct syntax,
that is, it should contain the accountname "accountname" or the
"account@domainname" in UPN format
- the domain name must refer to your account domain if the user name is NOT
in UPN format, else it must be null or . for local user accounts or the
remote machine name for non local/non domain accounts.
So in your case the call could look like :

LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);

Willy.

Dec 16 '05 #8
You should not use LOGON32_LOGON_NETWORK to obtain an access token to access
remote server resources when impersonating, this type of logon token has no
network access.
LOGON32_LOGON_NEW_CREDENTIALS (w2k and up) uses the supplied credentials to
access the remote server, while using your current logon token to access
local resources.

Willy.
"Ben Fidge" <Be******@discussions.microsoft.com> wrote in message
news:E6**********************************@microsof t.com...
Found it!!

First of all, I was assuming that LogonUser returned 0 (zero) on success,
wrongly. Secondly, I changed my code to use LOGON32_LOGON_NEW_CREDENTIALS
instead of LOGON32_LOGON_NETWORK, and it works a treat.

Thanks for your help Willy.

Ben

"Ben Fidge" wrote:
Hi Willy,

Does LogonUser login the specified user into the local system only, or
can
it be used to specify credentials when accessing a network resource. I've
tried everything you've suggested and it's occured to me that I'm trying
to
provide credentials for the administrator account of the SERVER where my
files are located. I'm owrried I might actually be trying to logon to my
local machine using credentials it knows nothing about.

Ben

"Willy Denoyette [MVP]" wrote:
>
> "Ben Fidge" <be*******@nospambtopenworld.com> wrote in message
> news:eb**************@TK2MSFTNGP10.phx.gbl...
> > Hi Willy,
> >
> > The domain, account and password are all entered via a Form and not
> > hard-coded. I've tried passing all three to LogonUser as seperate
> > parameters, to no avail. I've also tried leaving domain param empty
> > (not
> > null though) and concatenating doman and account together and passing
> > them
> > in the Account param.
> >
> > Really starting to frustrate me now.
> >
> > Ben
> >
>
> I understand your frustration, but you need to make sure that
> - the user account string you pass to LogonUser() has the correct
> syntax,
> that is, it should contain the accountname "accountname" or the
> "account@domainname" in UPN format
> - the domain name must refer to your account domain if the user name is
> NOT
> in UPN format, else it must be null or . for local user accounts or the
> remote machine name for non local/non domain accounts.
> So in your case the call could look like :
>
> LogonUser("Administrator", "YourDomainName", "YourAdminsPwd",...);
>
> Willy.
>
>
>
>

Dec 16 '05 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

23
by: Lamberti Fabrizio | last post by:
Hi all, I've to access to a network file from an asp pages. I've red a lot of things on old posts and on Microsoft article but I can't still solve my problem. I've got two server inside the...
1
by: alojzy b | last post by:
I have problem with network object. When I try to get network resources (for example using metod MapNetworkDrive) I get message that "there is no permission..." But user, browsing my web service,...
1
by: mbah Sumani via .NET 247 | last post by:
(Type your message here) I Think it's the stupidness of Windows. Why the service can't access network drive but console apps or windows application can do it? So my suggestion is make the program...
2
by: Siva | last post by:
Hi, I am trying to run my ASP.Net web app. As part of this app, it needs to create a file in a share in side of the intranet. When I run this app from a machine which is same as the web server,...
1
by: Ganesh | last post by:
I have a web application that is forms authenticated. From one of the web forms in this application i invoke a web service. One of the web methods in this web service accesses database, gets the...
3
by: utabintarbo | last post by:
Is there a way to (programmatically) access network resources from a WinXP client without a user being logged in? I guess I need to know where the fstab file is in Windows. :-P Some more...
1
by: Salty Dog | last post by:
I would like for server-side VBscript code to save a file to a remote server's network share. I've noticed that the exact code that would run from the command prompt does not get access to files...
4
by: accyboy1981 | last post by:
Hi, I'm looking to create a simple application that will copy files from a folder on one PC on the network to another PC on the network but I am having a bit of difficulty doing this. The...
0
by: Sucheta Pawade | last post by:
Hi All, I want to access a folder shared across network which contains very important files and My ASP.NET application is deployed on DMZ and files are shared in other network. Currently...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.