无法使用户模拟与网络驱动器一起使用 [英] Can't get User Impersonation to work with network drive

问题描述

好吧，我正在尝试使以下内容与VS 2010& Win 2K8服务器:

Ok I''m trying to get the following to work with VS 2010 & Win 2K8 Server:

[Security] - User Impersonation[^]

If I use a local folder it works fine, but when I choose a network mapped drive I get the following:

Result:
        Failed to open the file, error: 3
        The system cannot find the path specified.

我已经在用户名，密码，域和文件中进行了编码，并对main进行了以下更改:

I have coded in the user name, password, domain and file and made the following change in main:

// We support a user name, password, domain (optional) and filename (optional)
if((argc < 3) || (argc > 7))
{
    Usage();
    //return 0;
}

我试图使之起作用的原因是我们正在为网络实现安全性(有一个主意)，我们的高级程序员喜欢将所有内容都放在一个巨大的巨型目录中，因此我们正在尝试限制用户对某些文件夹的访问，但是这样做会使我们的应用程序无法正常工作.因此，我们想给应用程序这样做的权利"，这似乎是最好的方法，但是我无法使其在映射驱动器上工作.

不确定是否重要，但这在终端服务环境中.
在此先感谢!!

The reason I''m trying to get this to work is we are working on implementing security for our network (There''s an idea huh), and our senior programmer likes to have everything is one big giant directory so we are trying to restrict user access to certain folders, but by doing so our applications won''t work. So we would like to give the application the "rights to do so" and this seems like the best way, but I can''t get it to work on mapped drives.

Not sure if it matters but this is in a terminal services enviroment.
Thanks in advance!!

推荐答案

UAC可能是您的问题.默认情况下，在用户会话中映射的网络驱动器不会映射到管理空间(或与此相关的其他用户空间).您必须通过设置以下密钥在客户端上启用链接"连接:(这也应在术语服务器上起作用)

UAC is likely your problem. By default, network drives mapped in a user session are NOT mapped into administrative space(or other user space for that matter). You have to enable "linked" connections on the client by setting the following key: (This should work on term server as well)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLinkedConnections"=dword:00000001

完成此操作后，在用户空间中映射的驱动器将在管理空间中可用，并且您的代码应该可以正常工作.

如果尝试从映射的驱动器复制到必须进行特权提升的另一个映射的或本地位置，则会发生相同的事情.没有链接的连接，您将收到找不到路径"错误，唯一的复制方法是从命名驱动器切换到UNC路径.该密钥也可以解决该问题.

HTH，
Jason

Once you do that, drives mapped in user space will be available in admin space and your code should work.

The same sort of thing happens if you try to copy from a mapped drive to another mapped or local location where privilege elevation has to occur. Without the linked connections, you''ll get a ''path not found'' error and the only way to make the copy go is to switch from a named drive to a UNC path. This key fixes that problem as well.

HTH,
Jason

由在本地系统帐户下运行的应用程序创建的映射驱动器对所有登录会话都是可见的.因此，如果要使映射的驱动器在模拟的用户上下文下可见，请按照说明进行创建.

A mapped drive created by a application running under the local system account is visible to all logon sessions. So if you want to the mapped drive to be visible under the impersonated user context create it as mentioned.

这篇关于无法使用户模拟与网络驱动器一起使用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！