开始从.NET服务.NET应用程序以不同的用户时,权限问题? [英] Permissions problem when starting .NET app from .NET service as a different user?
问题描述
我想在开始从.NET服务不同的用户.NET应用程序。我们的想法是在Windows中创建一个沙盒宿主应用程序。在服务上,我编程创建Windows中的用户,创建一个文件夹的用户,并从服务器到该文件夹下载主机.exe文件。我转念一运行主机.exe文件使用的System.Diagnostics.Process。这里是的StartInfo为过程:
I'm trying to start a .NET application under a different user from a .NET service. The idea is to create a sandboxed hosting application in windows. In the service, I programatically created the user in windows, create a folder for that user, and download the host .exe from a server into that folder. I then I run the host .exe using System.Diagnostics.Process. Here is the StartInfo for the process:
_process = new Process
{
StartInfo =
{
Arguments = " -debug",
FileName = instanceDirectory + "host.exe",
WorkingDirectory = instanceDirectory,
UseShellExecute = false,
RedirectStandardError = true,
RedirectStandardOutput = true,
RedirectStandardInput = true,
UserName = Helpers.GetUserNameForInstance(_hostid),
Password = _hostpass,
Domain = ""
},
EnableRaisingEvents = true
};
当我运行服务作为服务的过程中-1073741502错误code瞬间崩溃。但是当我运行该服务作为窗口服务,但交互式控制台中指定的同一个用户,一切工作正常。这只是发生时运行服务作为一种服务,而不是直接在控制台中。
When I run the service as a SERVICE, the process crashes instantly with an error code of -1073741502. but when I run the service as the same user specified in the windows service but interactively in the console, everything works fine. This only happens whenever running the service as a SERVICE and not directly in the console.
任何帮助将非常AP preciated。这一直是一个头疼的很长一段时间,现在,这是一个不得已而为之:(
Any help would be MUCH appreciated. This has been a headache for a long time now and this is a last resort :(
推荐答案
这似乎是使用新工艺()用户名和密码,以及服务模式没有按T计算:)
It seems like using the new Process() with a username and password and the Service mode "doesn't compute" :)
从MSDN引用:
您可以更改参数 在StartInfo的财产,所指定 给你打电话的启动时间 方法上的过程。你开始后, 的过程中,改变了的StartInfo 值不会影响或重新启动 相关的过程。如果调用 开始(的ProcessStartInfo)方法 在的ProcessStartInfo .. ::。用户名和 的ProcessStartInfo .. ::。密码 属性中设置,非托管 CreateProcessWithLogonW功能 叫,这将启动过程中的一个 新窗口即使CreateNoWindow 属性值为true或 WindowStyle属性值是隐藏的。
You can change the parameters specified in the StartInfo property up to the time that you call the Start method on the process. After you start the process, changing the StartInfo values does not affect or restart the associated process. If you call the Start(ProcessStartInfo) method with the ProcessStartInfo..::.UserName and ProcessStartInfo..::.Password properties set, the unmanaged CreateProcessWithLogonW function is called, which starts the process in a new window even if the CreateNoWindow property value is true or the WindowStyle property value is Hidden.
此外,望着CreateProcessWithLogonW文档:
Furthermore, looking at the CreateProcessWithLogonW documentation:
lpStartupInfo [中]
lpStartupInfo [in]
一个指向一个STARTUPINFO结构。应用程序必须添加 指定用户的权限 帐户到指定的窗口 站和桌面上,即使是 WinSta0 \默认。
A pointer to a STARTUPINFO structure. The application must add permission for the specified user account to the specified window station and desktop, even for WinSta0\Default.
如果该lpDesktop成员为空或空字符串,新工艺 继承了桌面和窗口 它的父进程的车站。该 应用程序必须添加权限 指定的用户帐户的 继承窗口站和桌面。
If the lpDesktop member is NULL or an empty string, the new process inherits the desktop and window station of its parent process. The application must add permission for the specified user account to the inherited window station and desktop.
有一个在.NET STARTUPINFO没有lpDesktop,在另一方面,服务用户没有桌面,这可能导致你的问题。
There is no lpDesktop in the .NET StartupInfo, on the other hand the SERVICE user has no desktop, which could cause your problem.
长话短说,尽量为设置 LoadUserProfile 到真 加载从注册表中用户的信息,或者您需要设置工作目录等。
Long story short, try to set the LoadUserProfile to true to load the user's information from the registry, or maybe you need to set the working directory, etc.
要进一步调查,你应该检查你的环境,也许日志哪些文件正在使用FileMon的访问。
To further investigate, your should check your environment and maybe log which files are accessed using FileMon.
这篇关于开始从.NET服务.NET应用程序以不同的用户时,权限问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
