使用 Read/Write 检查连接到 NAS 服务器。模拟失败
Connection to NAS Server with Read/Write Check. Impersonation Fails
我正在开发一个程序,该程序必须检查是否存在与 NAS 的连接以及是否可以从中写入和读取数据。检查连接没有问题。
我 运行 在 Windows 服务器 2012 上并且知道来自 NAS 的凭据。
我尝试使用这些凭据进行模拟,但这没有用。我总是遇到同样的错误。用户名或密码不正确。但是,当我使用相同的凭据连接 windows 资源管理器时,它会起作用。
这是我的 DLL 导入和必要的变量
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
// Variables
private IntPtr m_Token;
private WindowsImpersonationContext m_Context = null;
private string m_Domain;
private string m_Password;
private string m_Username;
m_Domain与本地域不同
这是真实的模仿
m_Token = IntPtr.Zero;
bool logonSuccessfull = LogonUser(
m_Username,
m_Domain,
m_Password,
(int)LOGON32_TYPE_NETWORK,
(int)LOGON32_PROVIDER_WINNT50,
ref m_Token);
if (logonSuccessfull == false)
{
int error = Marshal.GetLastWin32Error();
throw new Win32Exception(error);
}
WindowsIdentity identity = new WindowsIdentity(m_Token);
m_Context = identity.Impersonate();
LOGON32_TYPE_NETWORK等于3,
LOGON32_PROVIDER_WINNT50 等于 3
此代码以管理员权限执行。
这是抛出的错误:
System.ComponentModel.Win32Exception (0x80004005): The user name or password is incorrect
此错误在
处抛出
if (logonSuccessfull == false)
{
int error = Marshal.GetLastWin32Error();
throw new Win32Exception(error);
}
还有别的方法吗?
或者必须使用其他 LogonType 或 LogonProvider?
这些我也试过了,但都不适合我。
private const int LOGON32_PROVIDER_DEFAULT = 0;
private const int LOGON32_LOGON_INTERACTIVE = 2;
private const int LOGON32_TYPE_NEW_CREDENTIALS = 9;
当使用 LOGON32_TYPE_NEW_CREDENTIALS 时它不会抛出错误但是
模拟的用户根本没有改变。
我可以通过使用网络凭证和 mpr.dll
来解决问题
[DllImport("mpr.dll")]
private static extern int WNetAddConnection2(NetResource netResource,
string password, string username, int flags);
[DllImport("mpr.dll")]
private static extern int WNetCancelConnection2(string name, int flags, bool force);
[StructLayout(LayoutKind.Sequential)]
public class NetResource
{
public ResourceScope Scope;
public ResourceType ResourceType;
public ResourceDisplaytype DisplayType;
public int Usage;
public string LocalName;
public string RemoteName;
public string Comment;
public string Provider;
}
public enum ResourceScope : int
{
Connected = 1,
GlobalNetwork,
Remembered,
Recent,
Context
};
public enum ResourceType : int
{
Any = 0,
Disk = 1,
Print = 2,
Reserved = 8,
}
public enum ResourceDisplaytype : int
{
Generic = 0x0,
Domain = 0x01,
Server = 0x02,
Share = 0x03,
File = 0x04,
Group = 0x05,
Network = 0x06,
Root = 0x07,
Shareadmin = 0x08,
Directory = 0x09,
Tree = 0x0a,
Ndscontainer = 0x0b
}
void ConnectToNas(string username, string password, string networkName){
NetworkCredential cred = new NetworkCredential(username, password);
var netResource = new NetResource
{
Scope = ResourceScope.GlobalNetwork,
ResourceType = ResourceType.Disk,
DisplayType = ResourceDisplaytype.Share,
RemoteName = networkName
};
var result = WNetAddConnection2(netResource, credentials.Password,userName,0);
if (result != 0)
{
throw new Win32Exception(result, "Error while connection to NAS");
}
}
关闭连接:
void CloseConnection(string networkName){
WNetCancelConnection2(networkName, 0, true);
}
通过这种方式,我能够连接到 NAS 并通过向其写入文件、读取它然后删除它来检查它是否可读和可写。
我正在开发一个程序,该程序必须检查是否存在与 NAS 的连接以及是否可以从中写入和读取数据。检查连接没有问题。
我 运行 在 Windows 服务器 2012 上并且知道来自 NAS 的凭据。 我尝试使用这些凭据进行模拟,但这没有用。我总是遇到同样的错误。用户名或密码不正确。但是,当我使用相同的凭据连接 windows 资源管理器时,它会起作用。
这是我的 DLL 导入和必要的变量
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
// Variables
private IntPtr m_Token;
private WindowsImpersonationContext m_Context = null;
private string m_Domain;
private string m_Password;
private string m_Username;
m_Domain与本地域不同
这是真实的模仿
m_Token = IntPtr.Zero;
bool logonSuccessfull = LogonUser(
m_Username,
m_Domain,
m_Password,
(int)LOGON32_TYPE_NETWORK,
(int)LOGON32_PROVIDER_WINNT50,
ref m_Token);
if (logonSuccessfull == false)
{
int error = Marshal.GetLastWin32Error();
throw new Win32Exception(error);
}
WindowsIdentity identity = new WindowsIdentity(m_Token);
m_Context = identity.Impersonate();
LOGON32_TYPE_NETWORK等于3, LOGON32_PROVIDER_WINNT50 等于 3
此代码以管理员权限执行。
这是抛出的错误:
System.ComponentModel.Win32Exception (0x80004005): The user name or password is incorrect
此错误在
处抛出if (logonSuccessfull == false)
{
int error = Marshal.GetLastWin32Error();
throw new Win32Exception(error);
}
还有别的方法吗? 或者必须使用其他 LogonType 或 LogonProvider?
这些我也试过了,但都不适合我。
private const int LOGON32_PROVIDER_DEFAULT = 0;
private const int LOGON32_LOGON_INTERACTIVE = 2;
private const int LOGON32_TYPE_NEW_CREDENTIALS = 9;
当使用 LOGON32_TYPE_NEW_CREDENTIALS 时它不会抛出错误但是 模拟的用户根本没有改变。
我可以通过使用网络凭证和 mpr.dll
来解决问题[DllImport("mpr.dll")]
private static extern int WNetAddConnection2(NetResource netResource,
string password, string username, int flags);
[DllImport("mpr.dll")]
private static extern int WNetCancelConnection2(string name, int flags, bool force);
[StructLayout(LayoutKind.Sequential)]
public class NetResource
{
public ResourceScope Scope;
public ResourceType ResourceType;
public ResourceDisplaytype DisplayType;
public int Usage;
public string LocalName;
public string RemoteName;
public string Comment;
public string Provider;
}
public enum ResourceScope : int
{
Connected = 1,
GlobalNetwork,
Remembered,
Recent,
Context
};
public enum ResourceType : int
{
Any = 0,
Disk = 1,
Print = 2,
Reserved = 8,
}
public enum ResourceDisplaytype : int
{
Generic = 0x0,
Domain = 0x01,
Server = 0x02,
Share = 0x03,
File = 0x04,
Group = 0x05,
Network = 0x06,
Root = 0x07,
Shareadmin = 0x08,
Directory = 0x09,
Tree = 0x0a,
Ndscontainer = 0x0b
}
void ConnectToNas(string username, string password, string networkName){
NetworkCredential cred = new NetworkCredential(username, password);
var netResource = new NetResource
{
Scope = ResourceScope.GlobalNetwork,
ResourceType = ResourceType.Disk,
DisplayType = ResourceDisplaytype.Share,
RemoteName = networkName
};
var result = WNetAddConnection2(netResource, credentials.Password,userName,0);
if (result != 0)
{
throw new Win32Exception(result, "Error while connection to NAS");
}
}
关闭连接:
void CloseConnection(string networkName){
WNetCancelConnection2(networkName, 0, true);
}
通过这种方式,我能够连接到 NAS 并通过向其写入文件、读取它然后删除它来检查它是否可读和可写。