• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 983
  • Last Modified:

FindFirstFile/FindNextFile error in network

Hi !
I make a program and I need user the FindFirstFile()
in the network... like:
hHandle = FindFirstFile( "\\\\network\\shared\\*.*",...)

But always I receive the error:
"Access is denied."

In the MSDN... at FindFirstFile() help... there is the following message:


[in] Pointer to a null-terminated string that specifies a valid directory or path and file name, which can contain wildcard characters (* and ?). If the string ends with a wildcard, a period, or a directory name, the user must have access to the root and all subdirectories on the path.


I have full access/permissions in the folder and the drive... and I continue receive the error...

In a console window, I can type:
dir \\network\shared\*.*
and list all files... without problem...

What the problem with the FindFirstFile function ?

I dont know if have problems, but my program is a NT Service...

Thanks
0
masvmasv
Asked:
masvmasv
  • 8
  • 7
1 Solution
 
jkrCommented:
>>but my program is a NT Service

That is the reason why you cannot access the share - services run under the LocalSystem account, which has almost admin privileges, but NO network access. To overcome this, set the service to run under e.g. your user account. You can change these settings using the service's properties or by supplying a valid username/password combination when calling "CreateService()"
0
 
jkrCommented:
BTW, see also http://www.microsoft.com/msj/defaultframe.asp?page=/msj/0398/service2.htm&nav=/msj/0398/newnav.htm ("Why Do Certain Win32 Technologies Misbehave in Windows NT Services?")

"The System account is a special account known only locally to your machine. This means that this account cannot be used to access network resources relying on NT LAN Manager (NTLM) authentication. These resources include file shares, named pipes, the registry, and access to a remote computer's eventlog or Service Control Manager. "

The article provides the same suggestion...
0
 
masvmasvAuthor Commented:
Hi !

Thanks... but what the way for I gain permission for access the network ?

I try access Windows 2000 professional from another Windows 2000 professional...

Sorry for my bad english...

Thanks
0
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

 
jkrCommented:
>>but what the way for I gain permission for access the network ?

As I said - let the service run under e.g. your own account.
0
 
masvmasvAuthor Commented:
Hi !

I code the following:

  HANDLE hToken = 0;

  LogonUser( "Administrator",
             "Domain",
             "Password",
             LOGON32_LOGON_SERVICE,
             LOGON32_PROVIDER_DEFAULT,
             &hToken );

But the FindFirstFile() have the same message "Access is denied"...

I dont understand ...
Do you have another sugestion ?

Thanks
0
 
jkrCommented:
Well, in your sample, you forgot to 'ImpersonateLoggedOnUser()' before accessing the network. Again, it'd be *much* simpler to go to the control panel->services and set the user account information there...
0
 
masvmasvAuthor Commented:
Hi !

I set the configuratin in the panel, but the error is the same...

I try code this... and the error is the same...
The function log the user (return OK)...

I dont understand:


    HANDLE hToken = 0;

     HANDLE hProcToken;

     LUID Luid;

     if ( ! LookupPrivilegeValue( NULL, SE_TCB_NAME, &Luid ) )
     {  
       return false;
     }

     if ( ! OpenProcessToken( GetCurrentProcess(),
                             TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY | TOKEN_DUPLICATE,
                             &hProcToken ) )
     {
       return false;
     }

    TOKEN_PRIVILEGES TokenPriv;

    TokenPriv.PrivilegeCount           = 1;
    TokenPriv.Privileges[0].Luid       = Luid;
    TokenPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if ( ! AdjustTokenPrivileges( hProcToken,
                                  FALSE,
                                  &TokenPriv,
                                  0,
                                  NULL,
                                  NULL ) )  
     {
       return false;
     }

    if ( ! LogonUser( "Administrator",
                        "",
                         "password",
                              LOGON32_LOGON_SERVICE,
                            LOGON32_PROVIDER_DEFAULT,
                           &hToken ) )
    {
        return false;
     }

    if ( ! ImpersonateLoggedOnUser( hToken ) )
     {
        return false;
     }



0
 
jkrCommented:
If you set the account info in the control panel, you don't have to 'LogonUser()' (for which you would have to _add_ the SE_TCB_NAME priv for 'LocalSystem' - you cannot enable a privilege that is not granted).
0
 
masvmasvAuthor Commented:
Hi !

In control panel... I change the user to "Adminitrator"...
but the service dont start... why ?
0
 
jkrCommented:
You have to specify the user as

.\Administrator

(for the local machine, it is usually DOMAIN\User)
0
 
masvmasvAuthor Commented:
The service start now...
But the FindFirstFile() return the error:
"Logon failure: unknown user name or bad password."

But the user/password is correct...

But .. how the service make confusion ?!
hehe

Thanks
0
 
jkrCommented:
You don't have to 'LogonUser()' when the service is set to run under the Administrator account! BTW, the Username for 'LogonUser()' also has to be ".\\Administrator"...
0
 
masvmasvAuthor Commented:
Hi !

Thanks...
The problem was solved !

[]'s
0
 
masvmasvAuthor Commented:
The problem was solved...
I increase the points to 250...

Thanks

[]'s
0
 
jkrCommented:
Thank you! :o)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 8
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now