从C#控制台应用程序查杀Windows进程:我怎么设置权限? [英] Killing a Windows process from a C# console application: how do I set permissions?
问题描述
使用 Process.Kill()从ASP.NET Web应用程序,我得到文本Win32Exception访问被拒绝。
Using Process.Kill() from an ASP.NET web application, I get a Win32Exception with text "Access is denied".
搜索网络已经多次告诉我要设置权限。不过,我并不真正了解Windows XP的用户系统不够好,知道如何开始。
Searching the web has several times told me to set permissions. However I don't really understand the Windows XP User system well enough to know how to get started.
在抛出异常的时候, Thread.CurrentPrincipal.Identity 具有以下明显的特性:
At the time the exception is thrown, Thread.CurrentPrincipal.Identity has the following visible properties:
- AuthenticationType =
- IsAuthenticated =FALSE
- 名称=
WindowsIdentity.GetCurrent()显示我的身份登录NAME \\ ASPNET,但我不认为这是相关的。
WindowsIdentity.GetCurrent() shows me logged in as "NAME\ASPNET" but I don't think that this is relevant.
我需要做什么呢?我能以某种方式获得线程登录一些Windows用户?
What do I need to do? Can I somehow get the thread to log in as some Windows user?
推荐答案
我认为你是在正确的道路,以拒绝访问的问题是由于与ASPNET用户运行ASP.NET进程具有有限的权利,这就是你得到什么错误。你可以做的是建立imersnation为Web应用程序。你可以将它通过更改web.config文件或code。更多关于模拟可以看这里
I think you're on the right way, the problem with "Access denied" is due to ASP.NET process running with ASPNET user which has limited rights and that's what you're getting an error. What you could do is to set up imersnation for your web application. You can it either by changing web.config or in code. More about impersonation you can read here
web.comfig是realtively容易,你需要将下面的行添加到您的web.config的system.web节
web.comfig is realtively easy, you need to add a following line into the system.web section of your web.config
<identity impersonate="true" userName="domain\user" password="password" />
用户需要在服务器上拥有管理权限
user need to have admin rights on the server
如果您想在下面code进行模拟是你如何能做到这一点的例子:
if you would like to perform the impersonation in code below is an example of how you could do this:
...
WindowsImpersonationContext context = ImpersonateUser("domain", "user", "password");
// kill your process
context.Undo();
...
[DllImport("advapi32.dll")]
private static extern bool LogonUser(
String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("advapi32.dll")]
private static extern bool DuplicateToken(
IntPtr ExistingTokenHandle, int ImpersonationLevel,
ref IntPtr DuplicateTokenHandle);
[DllImport("kernel32.dll")]
private static extern bool CloseHandle(IntPtr hObject);
private enum SecurityImpersonationLevel
{
SecurityAnonymous,
SecurityIdentification,
SecurityImpersonation,
SecurityDelegation
}
private enum LogonTypes
{
LOGON32_PROVIDER_DEFAULT=0,
LOGON32_LOGON_INTERACTIVE=2,
LOGON32_LOGON_NETWORK=3,
LOGON32_LOGON_BATCH=4,
LOGON32_LOGON_SERVICE=5,
LOGON32_LOGON_UNLOCK=7,
LOGON32_LOGON_NETWORK_CLEARTEXT=8,
LOGON32_LOGON_NEW_CREDENTIALS=9
}
public static WindowsImpersonationContext ImpersonateUser(string domain, string username, string password)
{
WindowsImpersonationContext result = null;
IntPtr existingTokenHandle = IntPtr.Zero;
IntPtr duplicateTokenHandle = IntPtr.Zero;
try
{
if (LogonUser(username, domain, password,
(int)LogonTypes.LOGON32_LOGON_NETWORK_CLEARTEXT, (int)LogonTypes.LOGON32_PROVIDER_DEFAULT,
ref existingTokenHandle))
{
if (DuplicateToken(existingTokenHandle,
(int)SecurityImpersonationLevel.SecurityImpersonation,
ref duplicateTokenHandle))
{
WindowsIdentity newId = new WindowsIdentity(duplicateTokenHandle);
result = newId.Impersonate();
}
}
}
finally
{
if (existingTokenHandle != IntPtr.Zero)
CloseHandle(existingTokenHandle);
if (duplicateTokenHandle != IntPtr.Zero)
CloseHandle(duplicateTokenHandle);
}
return result;
}
希望这可以帮助,至于
hope this helps, regards
这篇关于从C#控制台应用程序查杀Windows进程:我怎么设置权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
