连接到网络共享时如何提供用户名和密码

当连接到当前用户(在本例中为网络服务用户)没有权限的网络共享时,必须提供名称和密码。

我知道如何使用Win32函数(来自mpr.dllWNet*系列)执行此操作,但希望使用.Net(2.0)功能执行此操作。

有什么选择可用?

也许更多的信息可以帮助:

  • 用例是一个windows服务,而不是Asp.Net应用程序。
  • 该服务运行在一个没有共享权限的帐户下。
  • 客户端不知道共享所需的用户帐户。
  • 客户端和服务器不是同一个域的成员。

  • 您可以更改线程标识或P / Invoke WNetAddConnection2。 我更喜欢后者,因为我有时需要为不同位置维护多个凭据。 我将它封装到一个IDisposable中,然后调用WNetCancelConnection2以删除信用(避免多个用户名错误):

    using (new NetworkConnection(@"serverread", readCredentials))
    using (new NetworkConnection(@"server2write", writeCredentials)) {
       File.Copy(@"serverreadfile", @"server2writefile");
    }
    

    我非常喜欢马克·布拉克特的回答,所以我做了我自己的快速实施。 在这里,如果其他人急需它,

    public class NetworkConnection : IDisposable
    {
        string _networkName;
    
        public NetworkConnection(string networkName, 
            NetworkCredential credentials)
        {
            _networkName = networkName;
    
            var netResource = new NetResource()
            {
                Scope = ResourceScope.GlobalNetwork,
                ResourceType = ResourceType.Disk,
                DisplayType = ResourceDisplaytype.Share,
                RemoteName = networkName
            };
    
            var userName = string.IsNullOrEmpty(credentials.Domain)
                ? credentials.UserName
                : string.Format(@"{0}{1}", credentials.Domain, credentials.UserName);
    
            var result = WNetAddConnection2(
                netResource, 
                credentials.Password,
                userName,
                0);
    
            if (result != 0)
            {
                throw new Win32Exception(result, "Error connecting to remote share");
            }   
        }
    
        ~NetworkConnection()
        {
            Dispose(false);
        }
    
        public void Dispose()
        {
            Dispose(true);
            GC.SuppressFinalize(this);
        }
    
        protected virtual void Dispose(bool disposing)
        {
            WNetCancelConnection2(_networkName, 0, true);
        }
    
        [DllImport("mpr.dll")]
        private static extern int WNetAddConnection2(NetResource netResource, 
            string password, string username, int flags);
    
        [DllImport("mpr.dll")]
        private static extern int WNetCancelConnection2(string name, int flags,
            bool force);
    }
    
    [StructLayout(LayoutKind.Sequential)]
    public class NetResource
    {
        public ResourceScope Scope;
        public ResourceType ResourceType;
        public ResourceDisplaytype DisplayType;
        public int Usage;
        public string LocalName;
        public string RemoteName;
        public string Comment;
        public string Provider;
    }
    
    public enum ResourceScope : int
    {
        Connected = 1,
        GlobalNetwork,
        Remembered,
        Recent,
        Context
    };
    
    public enum ResourceType : int
    {
        Any = 0,
        Disk = 1,
        Print = 2,
        Reserved = 8,
    }
    
    public enum ResourceDisplaytype : int
    {
        Generic = 0x0,
        Domain = 0x01,
        Server = 0x02,
        Share = 0x03,
        File = 0x04,
        Group = 0x05,
        Network = 0x06,
        Root = 0x07,
        Shareadmin = 0x08,
        Directory = 0x09,
        Tree = 0x0a,
        Ndscontainer = 0x0b
    }
    

    今天7年后,我面临同样的问题,我想分享我的解决方案版本。

    它是复制和粘贴准备:-)这是它:

    步骤1

    在你的代码中(只要你需要做一些权限)

    ImpersonationHelper.Impersonate(domain, userName, userPassword, delegate
                                {
                                    //Your code here 
                                    //Let's say file copy:
                                    if (!File.Exists(to))
                                    {
                                        File.Copy(from, to);
                                    }
                                });
    

    第2步

    助手文件做了一个魔术

    using System;
    using System.Runtime.ConstrainedExecution;
    using System.Runtime.InteropServices;
    using System.Security;
    using System.Security.Permissions;
    using System.Security.Principal;    
    using Microsoft.Win32.SafeHandles;
    
    
    namespace BlaBla
    {
        public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
        {
            private SafeTokenHandle()
                : base(true)
            {
            }
    
            [DllImport("kernel32.dll")]
            [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
            [SuppressUnmanagedCodeSecurity]
            [return: MarshalAs(UnmanagedType.Bool)]
            private static extern bool CloseHandle(IntPtr handle);
    
            protected override bool ReleaseHandle()
            {
                return CloseHandle(handle);
            }
        }
    
        public class ImpersonationHelper
        {
            [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
            private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
            int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
    
            [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
            private extern static bool CloseHandle(IntPtr handle);
    
            [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
            public static void Impersonate(string domainName, string userName, string userPassword, Action actionToExecute)
            {
                SafeTokenHandle safeTokenHandle;
                try
                {
    
                    const int LOGON32_PROVIDER_DEFAULT = 0;
                    //This parameter causes LogonUser to create a primary token.
                    const int LOGON32_LOGON_INTERACTIVE = 2;
    
                    // Call LogonUser to obtain a handle to an access token.
                    bool returnValue = LogonUser(userName, domainName, userPassword,
                        LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
                        out safeTokenHandle);
                    //Facade.Instance.Trace("LogonUser called.");
    
                    if (returnValue == false)
                    {
                        int ret = Marshal.GetLastWin32Error();
                        //Facade.Instance.Trace($"LogonUser failed with error code : {ret}");
    
                        throw new System.ComponentModel.Win32Exception(ret);
                    }
    
                    using (safeTokenHandle)
                    {
                        //Facade.Instance.Trace($"Value of Windows NT token: {safeTokenHandle}");
                        //Facade.Instance.Trace($"Before impersonation: {WindowsIdentity.GetCurrent().Name}");
    
                        // Use the token handle returned by LogonUser.
                        using (WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
                        {
                            using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
                            {
                                //Facade.Instance.Trace($"After impersonation: {WindowsIdentity.GetCurrent().Name}");
                                //Facade.Instance.Trace("Start executing an action");
    
                                actionToExecute();
    
                                //Facade.Instance.Trace("Finished executing an action");
                            }
                        }
                        //Facade.Instance.Trace($"After closing the context: {WindowsIdentity.GetCurrent().Name}");
                    }
    
                }
                catch (Exception ex)
                {
                    //Facade.Instance.Trace("Oh no! Impersonate method failed.");
                    //ex.HandleException();
                    //On purpose: we want to notify a caller about the issue /Pavel Kovalev 9/16/2016 2:15:23 PM)/
                    throw;
                }
            }
        }
    }
    
    链接地址: http://www.djcxy.com/p/36081.html

    上一篇: How to provide user name and password when connecting to a network share

    下一篇: Access to the path is denied