Solved

FindFirstFile/FindNextFile error in network

Posted on 2002-04-24
15
865 Views
Last Modified: 2008-02-01
Hi !
I make a program and I need user the FindFirstFile()
in the network... like:
hHandle = FindFirstFile( "\\\\network\\shared\\*.*",...)

But always I receive the error:
"Access is denied."

In the MSDN... at FindFirstFile() help... there is the following message:


[in] Pointer to a null-terminated string that specifies a valid directory or path and file name, which can contain wildcard characters (* and ?). If the string ends with a wildcard, a period, or a directory name, the user must have access to the root and all subdirectories on the path.


I have full access/permissions in the folder and the drive... and I continue receive the error...

In a console window, I can type:
dir \\network\shared\*.*
and list all files... without problem...

What the problem with the FindFirstFile function ?

I dont know if have problems, but my program is a NT Service...

Thanks
0
Comment
Question by:masvmasv
  • 8
  • 7
15 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 6967138
>>but my program is a NT Service

That is the reason why you cannot access the share - services run under the LocalSystem account, which has almost admin privileges, but NO network access. To overcome this, set the service to run under e.g. your user account. You can change these settings using the service's properties or by supplying a valid username/password combination when calling "CreateService()"
0
 
LVL 86

Expert Comment

by:jkr
ID: 6967153
BTW, see also http://www.microsoft.com/msj/defaultframe.asp?page=/msj/0398/service2.htm&nav=/msj/0398/newnav.htm ("Why Do Certain Win32 Technologies Misbehave in Windows NT Services?")

"The System account is a special account known only locally to your machine. This means that this account cannot be used to access network resources relying on NT LAN Manager (NTLM) authentication. These resources include file shares, named pipes, the registry, and access to a remote computer's eventlog or Service Control Manager. "

The article provides the same suggestion...
0
 

Author Comment

by:masvmasv
ID: 6967187
Hi !

Thanks... but what the way for I gain permission for access the network ?

I try access Windows 2000 professional from another Windows 2000 professional...

Sorry for my bad english...

Thanks
0
 
LVL 86

Expert Comment

by:jkr
ID: 6967287
>>but what the way for I gain permission for access the network ?

As I said - let the service run under e.g. your own account.
0
 

Author Comment

by:masvmasv
ID: 6968441
Hi !

I code the following:

  HANDLE hToken = 0;

  LogonUser( "Administrator",
             "Domain",
             "Password",
             LOGON32_LOGON_SERVICE,
             LOGON32_PROVIDER_DEFAULT,
             &hToken );

But the FindFirstFile() have the same message "Access is denied"...

I dont understand ...
Do you have another sugestion ?

Thanks
0
 
LVL 86

Expert Comment

by:jkr
ID: 6968482
Well, in your sample, you forgot to 'ImpersonateLoggedOnUser()' before accessing the network. Again, it'd be *much* simpler to go to the control panel->services and set the user account information there...
0
 

Author Comment

by:masvmasv
ID: 6968694
Hi !

I set the configuratin in the panel, but the error is the same...

I try code this... and the error is the same...
The function log the user (return OK)...

I dont understand:


    HANDLE hToken = 0;

     HANDLE hProcToken;

     LUID Luid;

     if ( ! LookupPrivilegeValue( NULL, SE_TCB_NAME, &Luid ) )
     {  
       return false;
     }

     if ( ! OpenProcessToken( GetCurrentProcess(),
                             TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY | TOKEN_DUPLICATE,
                             &hProcToken ) )
     {
       return false;
     }

    TOKEN_PRIVILEGES TokenPriv;

    TokenPriv.PrivilegeCount           = 1;
    TokenPriv.Privileges[0].Luid       = Luid;
    TokenPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if ( ! AdjustTokenPrivileges( hProcToken,
                                  FALSE,
                                  &TokenPriv,
                                  0,
                                  NULL,
                                  NULL ) )  
     {
       return false;
     }

    if ( ! LogonUser( "Administrator",
                        "",
                         "password",
                              LOGON32_LOGON_SERVICE,
                            LOGON32_PROVIDER_DEFAULT,
                           &hToken ) )
    {
        return false;
     }

    if ( ! ImpersonateLoggedOnUser( hToken ) )
     {
        return false;
     }



0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 86

Expert Comment

by:jkr
ID: 6968837
If you set the account info in the control panel, you don't have to 'LogonUser()' (for which you would have to _add_ the SE_TCB_NAME priv for 'LocalSystem' - you cannot enable a privilege that is not granted).
0
 

Author Comment

by:masvmasv
ID: 6969084
Hi !

In control panel... I change the user to "Adminitrator"...
but the service dont start... why ?
0
 
LVL 86

Expert Comment

by:jkr
ID: 6969143
You have to specify the user as

.\Administrator

(for the local machine, it is usually DOMAIN\User)
0
 

Author Comment

by:masvmasv
ID: 6969218
The service start now...
But the FindFirstFile() return the error:
"Logon failure: unknown user name or bad password."

But the user/password is correct...

But .. how the service make confusion ?!
hehe

Thanks
0
 
LVL 86

Accepted Solution

by:
jkr earned 250 total points
ID: 6969260
You don't have to 'LogonUser()' when the service is set to run under the Administrator account! BTW, the Username for 'LogonUser()' also has to be ".\\Administrator"...
0
 

Author Comment

by:masvmasv
ID: 6969396
Hi !

Thanks...
The problem was solved !

[]'s
0
 

Author Comment

by:masvmasv
ID: 6969401
The problem was solved...
I increase the points to 250...

Thanks

[]'s
0
 
LVL 86

Expert Comment

by:jkr
ID: 6969429
Thank you! :o)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When writing generic code, using template meta-programming techniques, it is sometimes useful to know if a type is convertible to another type. A good example of when this might be is if you are writing diagnostic instrumentation for code to generat…
Basic understanding on "OO- Object Orientation" is needed for designing a logical solution to solve a problem. Basic OOAD is a prerequisite for a coder to ensure that they follow the basic design of OO. This would help developers to understand the b…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now