Solved

Service isnt seeing files over the network

Posted on 2009-07-15
7
221 Views
Last Modified: 2013-12-23
I have a simple service that reads directory values from the registry, then locates the file they point to and copies it to the local machine.  The service properly installs and runs on all of the machines that are a part of my office domain.

I am currently trying to get it to work on a computer that is part of the office network, but not joined to the domain.  I can successfully UNC to the directory I want (\\myServer\install$\batchfile.bat is what I'm trying to reach).  I wrote a few lines of code in C# and compiled them; I pulled the registry values to form the path as usual, then used System.IO.File.Exists to check that file - and it can be seen fine!  I used the directory object to check multiple directories and list the files therein - and THAT works fine too.  Its only when I'm attempting to use my service that it checks the exact same file path and says file not found.  It makes no sense.

Furthermore, I tried checking ANY machine that is on the local network.  As long as my service is not trying to do the check, I can UNC to the computers, and I can programmatically check for files or directories... its only when the service is trying to do it that it doesnt work.

In the code section below I listed part of the installation I use.  I've tried using ServiceAccount.NetworkService (shown here) and ServiceAccount.LocalSystem (this is how I installed it on the domain machines, all of which are working properly) and neither one helps.  I would really, really like to avoid having to add all of these machines to the domain.  There is no reason for them to be added, as it would drive our costs way up, but I need this program to work, and work now.  My deadline is almost up and I cannot figure out what is wrong.

Help!
ServiceProcessInstaller serviceProcessInstaller = new ServiceProcessInstaller();

ServiceInstaller serviceInstaller = new ServiceInstaller();
 

// Service Account Information

serviceProcessInstaller.Account = ServiceAccount.NetworkService;

serviceProcessInstaller.Username = null;

serviceProcessInstaller.Password = null;

Open in new window

0
Comment
Question by:Skkra
  • 4
  • 3
7 Comments
 
LVL 16

Expert Comment

by:ToddBeaulieu
ID: 24860685
I suspect you need to specify the credentials to use when accessing a machine not on the domain.

I'm doing this for a current project using PowerShell.

Here are a couple of examples:

<%
option explicit
dim WshNetwork
Set WshNetwork = CreateObject("WScript.Network")
WshNetwork.MapNetworkDrive "K:", "\\serverip\share", "false", "user", "password"
%>

    $net.MapNetworkDrive("x:", "\\server\share", $false, "username", "password")

0
 

Author Comment

by:Skkra
ID: 24861021
Maybe I wasn't clear in my original question - the problem is when going FROM a machine not on the domain TO a machine that IS on the domain.  Do you still think its a credentials problem?  My access code simply looks like this:

if (File.Exists(@sMasterServer + @sMasterServerDirectory + @sBatchFile))
        File.Copy(@sMasterServer + @sMasterServerDirectory + @sBatchFile, @sStorageDirectory + @sBatchFile, true);

This same code works perfectly in my little GUI application, where I hit a button to actively check for the existance of the file.  When my installed service does it, however, it fails.

As a final note, the only account on the computer I'm testing this on is an administrative account.  Thanks!!!
0
 
LVL 16

Expert Comment

by:ToddBeaulieu
ID: 24861093
Oh, Sorry. I misunderstood.

I never tried to do that.

I don't think Network Services wil have access to a domain resource.

http://msdn.microsoft.com/en-us/library/ms684272(VS.85).aspx

But, I believe the approach that I mentioned should let you access a domain resource by specifying the desired account to use, including the domain.

Another approach would be to have the service run under a special account that has rights to the shares. This is really the way to go, I think.



0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:Skkra
ID: 24861364
// But, I believe the approach that I mentioned should let you access a domain resource by specifying the desired account to use, including the domain.

Another approach would be to have the service run under a special account that has rights to the shares. This is really the way to go, I think. //

Do you know how/where I would use this in C# programmatically for my service?  Would it go in the service installation information?  I'm not sure where else I could put this kind of authentication information, as I'm not ever logging onto a machine exactly... just trying to access it...
0
 
LVL 16

Expert Comment

by:ToddBeaulieu
ID: 24861469
Thinking about going from a non-domain machine to a domain machine is really hard for me, for whatever reason. :)

Ok...

You have this service running on a non-domain machine under Network Services, right?
And you want it to access a share on a domain server.

You mentioned running a test GUI. Form which machine? Which account?

If you use the approach I originally mentioned in the service, regardless of which account it's running under, it could access a domain resource under a specific account, which you could test with your account, but ultimately it should be a domain account used by this service to reach in. At that point, you could probably just have the service run under that account, avoiding the need to provide credentials when accessing the rosource.

So can you create a new domain account that has access to the share(s)? And then configure the service on one of the boxes to use that account, instead of NS? That should solve the problem. As a test, you can use your own account to prove it out.

Finally, I wonder if best practices would dictate this process run the other way around, with the trusted code living inside the domain and reaching out to the non-domain resources?
0
 

Author Comment

by:Skkra
ID: 24861795
Let me give it a shot.  I have a meeting this afternoon but I will try it at some point.  Thanks for your help; responses forthcoming.
0
 

Accepted Solution

by:
Skkra earned 0 total points
ID: 24934100
Sadly, nothing would make this work.  Programmatically, the network would always reject non-domain attempts to access domain resources, even when shares were made available.  I'm going to have to re-code and find another way to do this.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

937 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now