Solved

Windows Service - Ability to view Mapped Network Folders

Posted on 2008-06-12
8
316 Views
Last Modified: 2012-08-14
How can you change the user access privledges of a windows service after it has already started to perform a specific task such as doing a directory listing on a mapped network drive?
0
Comment
Question by:rronec1
  • 4
  • 3
8 Comments
 
LVL 86

Accepted Solution

by:
jkr earned 500 total points
ID: 21772445
The problem is that services running under the 'LocalSystem' account have almost OS privileges, but are not allowed to use _any_ networking facilities. To overcome this, make sure to assign your service to run under a predefined user account (preferrably one belonging to the admin group) which does have
network access (this is usually done by specifying an account name&password in the call to 'CreateService()', but you're also able to change this from the 'services' control panel applet). Alternatively, you can also use 'LogonUser()' (http://msdn.microsoft.com/en-us/library/aa378184.aspx) and 'ImpersonateLoggedOnUser()' (http://msdn.microsoft.com/en-us/library/aa378612(VS.85).aspx) at runtime.
0
 
LVL 11

Expert Comment

by:DeepuAbrahamK
ID: 21776006
You can give a popup dialog for checking the user credentials every time you call the functions to view the Mapped network folders.
have a look at the following link:
http://support.microsoft.com/kb/180548

Best Regards,
DeepuAbrahamK
0
 

Author Comment

by:rronec1
ID: 21794807
Thanks for the helpful feedback. I am able to use the LogonUser and impersonation successfully or at least it's returning from both as true. However, the following logon info doesn't seem to work in my win32 service:

error C2065: 'LOGON32_LOGON_NEW_CREDENTIALS' : undeclared identifier
error C2065: 'LOGON32_PROVIDER_WINNT50' : undeclared identifier

I can only use the following declaration successfully, but yet still unable to copy a file or do a directory listing.

if(domain.length() > 0) // Domain name was specified
bLoggedOn = LogonUser(userName.c_str(),domain.c_str(),password.c_str(), LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &userToken_);
else // The following doesn't work!!!!
bLoggedOn = LogonUser(userName.c_str(),domain.c_str(),password.c_str(), LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &userToken_);

Any thoughts?? Thanks in advance.
0
 
LVL 86

Expert Comment

by:jkr
ID: 21795376
Make sure that you have your Windows version set correctly for compiling, i.e.

#define _WIN32_WINNT 0x0500 // W2k and above
#include <windows.h>
//...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:rronec1
ID: 21795488
Thanks again. New to this language. When I updated the declaration, it compiled ok for LOGON32_PROVIDER_WINNT50 but same error on LOGON32_LOGON_NEW_CREDENTIALS. Do I need to declare anything else?

Thanks in advance.
0
 
LVL 86

Expert Comment

by:jkr
ID: 21795886
No, nothing that I could think of right now...
0
 

Author Comment

by:rronec1
ID: 21796187
Could this be something with Visual Studio 6.0 that I am using?
0
 
LVL 86

Expert Comment

by:jkr
ID: 21796274
You will need a new Platform SDK if you are using the files that shipped with VC6 - you can get that at http://support.microsoft.com/default.aspx?pr=psdk
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unlike C#, C++ doesn't have native support for sealing classes (so they cannot be sub-classed). At the cost of a virtual base class pointer it is possible to implement a pseudo sealing mechanism The trick is to virtually inherit from a base class…
Many modern programming languages support the concept of a property -- a class member that combines characteristics of both a data member and a method.  These are sometimes called "smart fields" because you can add logic that is applied automaticall…
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now