C# windows 7上的模拟
我一直在开发一些通过本地域复制文件的应用程序。当我试图在windows XP上用一个完全没有权限的帐户复制应用程序的文件时,这是在模仿一个拥有权限的帐户,一切都做得很完美。但是,当我在windows 7上使用与上面相同的帐户时,应用程序在第一行返回“拒绝访问” 我使用了相同的代码片段,但下面是我的FileSeek函数:C# windows 7上的模拟,c#,windows-7,impersonation,C#,Windows 7,Impersonation,我一直在开发一些通过本地域复制文件的应用程序。当我试图在windows XP上用一个完全没有权限的帐户复制应用程序的文件时,这是在模仿一个拥有权限的帐户,一切都做得很完美。但是,当我在windows 7上使用与上面相同的帐户时,应用程序在第一行返回“拒绝访问” 我使用了相同的代码片段,但下面是我的FileSeek函数: [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)] publi
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);
// Test harness.
// If you incorporate this code into a DLL, be sure to demand FullTrust.
[PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
public impersonateSetting(string userName, string domainName, string password, string pathToSeek)
{
SafeTokenHandle safeTokenHandle;
try
{
const int LOGON32_PROVIDER_DEFAULT = 0;
//This parameter causes LogonUser to create a primary token.
const int LOGON32_LOGON_INTERACTIVE = 2;
// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(userName, domainName, password,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
out safeTokenHandle);
Console.WriteLine("LogonUser called.");
if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
Console.WriteLine("LogonUser failed with error code : {0}", ret);
throw new System.ComponentModel.Win32Exception(ret);
}
using (safeTokenHandle)
{
Console.WriteLine("Did LogonUser Succeed? " + (returnValue ? "Yes" : "No"));
Console.WriteLine("Value of Windows NT token: " + safeTokenHandle);
// Check the identity.
Console.WriteLine("Before impersonation: "
+ WindowsIdentity.GetCurrent().Name);
// Use the token handle returned by LogonUser.
using (WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
{
using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
{
// Check the identity.
Console.WriteLine("After impersonation: "
+ WindowsIdentity.GetCurrent().Name);
fileRunner.fileSeeker(pathToSeek, true);
}
}
// Releasing the context object stops the impersonation
// Check the identity.
Console.WriteLine("After closing the context: " + WindowsIdentity.GetCurrent().Name);
}
}
catch (Exception ex)
{
Console.WriteLine("Exception occurred. " + ex.Message);
}
}
}
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle()
: base(true)
{
}
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{
return CloseHandle(handle);
}
public static void fileSeeker(string paramFrom, bool copySub)
{
DirectoryInfo dir = new DirectoryInfo(paramFrom);
DirectoryInfo[] dirs = dir.GetDirectories();
try
{
FileInfo[] files = dir.GetFiles();
foreach (FileInfo file in files)
{
string temppath = Path.Combine(paramFrom, file.Name);
try
{
Console.WriteLine("Accessing: " + temppath);
}
catch
{
Console.WriteLine("Cant Access to " + temppath);
}
}
if (copySub)
{
foreach (DirectoryInfo subdir in dirs)
{
string temppath = Path.Combine(paramFrom, subdir.Name);
fileSeeker(subdir.FullName, copySub);
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Asterisk);
}
}
}
FileSeek函数:
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);
// Test harness.
// If you incorporate this code into a DLL, be sure to demand FullTrust.
[PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
public impersonateSetting(string userName, string domainName, string password, string pathToSeek)
{
SafeTokenHandle safeTokenHandle;
try
{
const int LOGON32_PROVIDER_DEFAULT = 0;
//This parameter causes LogonUser to create a primary token.
const int LOGON32_LOGON_INTERACTIVE = 2;
// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(userName, domainName, password,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
out safeTokenHandle);
Console.WriteLine("LogonUser called.");
if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
Console.WriteLine("LogonUser failed with error code : {0}", ret);
throw new System.ComponentModel.Win32Exception(ret);
}
using (safeTokenHandle)
{
Console.WriteLine("Did LogonUser Succeed? " + (returnValue ? "Yes" : "No"));
Console.WriteLine("Value of Windows NT token: " + safeTokenHandle);
// Check the identity.
Console.WriteLine("Before impersonation: "
+ WindowsIdentity.GetCurrent().Name);
// Use the token handle returned by LogonUser.
using (WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
{
using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
{
// Check the identity.
Console.WriteLine("After impersonation: "
+ WindowsIdentity.GetCurrent().Name);
fileRunner.fileSeeker(pathToSeek, true);
}
}
// Releasing the context object stops the impersonation
// Check the identity.
Console.WriteLine("After closing the context: " + WindowsIdentity.GetCurrent().Name);
}
}
catch (Exception ex)
{
Console.WriteLine("Exception occurred. " + ex.Message);
}
}
}
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle()
: base(true)
{
}
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{
return CloseHandle(handle);
}
public static void fileSeeker(string paramFrom, bool copySub)
{
DirectoryInfo dir = new DirectoryInfo(paramFrom);
DirectoryInfo[] dirs = dir.GetDirectories();
try
{
FileInfo[] files = dir.GetFiles();
foreach (FileInfo file in files)
{
string temppath = Path.Combine(paramFrom, file.Name);
try
{
Console.WriteLine("Accessing: " + temppath);
}
catch
{
Console.WriteLine("Cant Access to " + temppath);
}
}
if (copySub)
{
foreach (DirectoryInfo subdir in dirs)
{
string temppath = Path.Combine(paramFrom, subdir.Name);
fileSeeker(subdir.FullName, copySub);
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Asterisk);
}
}
}
谢谢你的帮助 如果在这里失败,
FileInfo[]files=dir.GetFiles()
,很可能您模拟的帐户没有权限访问正在运行此操作的Win7计算机上的dir
路径,请首先确保此帐户有权访问源路径,模拟代码似乎很好在哪里失败,这里的第一行DirectoryInfo dir=new DirectoryInfo(paramFrom)代码>或者它在其他地方?实际上它根本没有失败。。从一个没有访问权限的会话访问文件,并威胁到一个可以访问的帐户,该帐户在win7上被拒绝访问。但是是的,这条线路的访问被拒绝了,但通常情况下,用户无权访问此文件,但我希望他们能够使用管理员帐户将这些文件从computerA复制到computerB,而不知道的密码it@Jean-PhilippeLépine对我的意思是,您正在模拟的帐户(“管理员帐户”)是否可能无法访问dir
所指向的路径?实际上,使用管理员帐户,我们可以使用“\\computerName\C$\etc”轻松访问这些文件夹和文件但是当我试图在应用程序中使用模拟时,访问被拒绝,这种情况只发生在Windows7上。用户没有访问权限。