I have an application, it first maps a network drive using credentials entered by a user. The drives successfully map, however when it tries to run a program from Process.Start(). I get Directory Name is invalid.
From my research I've read to put the working directory for when using a username/password in the StartInfo. However this doesn't work. The working directory is a mapped drive. Before this starts I do a if (File.exists(w:\folder\filename)..Process.start....
I tried to hardcode the working directory to C:\ but it still failed as it stated it could not find the file.
So when running the Process.Start as another user you cannot use a network path, even though that path was mapped by the same account? Am I forced to download the app locally so the Process.Start can work properly?
Any help would be greatly appreciated.
You are correct, network shares are a per user token. Running a process as another user (or as the same user in a elevated state) causes a new user token to be created and therefor all active shares are "unmapped" from the perspective of the new process.
You have a few options. The first thing I would try using is use the full UNC path instead of a mapped network drive letter. It may just work if you try that (the new user you are running as will need permissions to connect to the share)
If you are forced to use a drive letter instead of a UNC path then write a small loader program that you launch as the new user, have that map the network drive in the context of the new user token, then start up your program that relies on the drive.
P.S.) Using C:\ did not work as the working directly likely because C:\ is a protected folder that only administrators can write files to. If you created a sub folder C:\MyTestFolder\ and set the proper permissions on it I bet it would have worked.
Related
I want to read file names of pdfs from a folder on a network share that match certain parameters and provide a link to view them on a details page for my model. All I need to get is the file name. I don't need any file management/read/write at this time.
I'm able to display a .pdf in the browser if I have the path (IE will open "file://" links). The part I'm missing is getting file names from the remote (but same domain) directory at run-time.
We've set up a virtual directory for the app to use and that has worked fine in the past if the resolved physical folder is on the same server, but that is not the case here.
I've tried Impersonation, but that doesn't seem to work as I'm still getting an access is denied error.
I realize this would probably be a security issue and is why it isn't allowed, but is there an IIS configuration or other avenue that needs to be set-up to allow this? I can't seem to find a way with just code that opens the directory for reading.
Example code of how I might normally read some info from one file in a virtual directory:
// This example code is inside a controller action, so Server refers to HttpContextBase
var path = Server.MapPath("~/MyVirtualDirectory/" + fileName);
var fileExists = System.IO.File.Exists(path);
var fileLastModified = System.IO.File.LastWriteTime(path);
To enumerate over matching files in a directory, I've used DirectoryInfo
var pdfFileNames = new List<string>();
var dir = new DirectoryInfo(Server.MapPath("~/VirtualDirectory/"));
var pdfs = dir.EnumerateFiles("*.pdf");
foreach (var pdf in pdfs)
{
pdfFileNames.Add(pdf.Name);
}
As I mentioned, these methods work fine when the physical folder is on the same server, but once the directory is on a remote drive, then it no longer works. I have permissions to open the desired directory and my collegue said he gave the appropriate permissions to the virtual directory and server. Not sure what else to try at this point.
Edit: Now that it is working, I display the files using the Virtual Directory
http://server/appName/virtualDirectory/pdfFileName
By default, IIS application pools run under a specific local Windows identity named IIS APPPOOL\[NameOfYourAppPool]. This is a local user and it will not be possible to grant permissions to this identity to access resources located on a different machine.
If both servers are inside the same domain, you can try the following solutions:
Run the IIS application under a domain user and grant the required permissions to this domain user.
Run the IIS application under the NetworkService identity and grant permissions to the DOMAIN\MACHINENAME$ account of the IIS server.
I have the following code:
var saveFolder = Path.Combine(Properties.Settings.Default.DropBoxFolder, guid.ToString("N"));
// Create folder, if it does not exist (for the first attachment, it shouldn't exist)
if (!Directory.Exists(saveFolder))
{
Directory.CreateDirectory(saveFolder);
}
var saveFilePath = Path.Combine(saveFolder, file.FileName);
file.SaveAs(saveFilePath);
I'm using GUIDs to generate folders for uploads on my IIS server. The .NET web application is configured to impersonate the user. I granted modify permissions to the target folder (it is a local path on the web server) for Domain Users, Local Service and Everyone, but some users still can't upload files. I can and other people on my team can.
The weird part is that the exception says this:
Could not find a part of the path 'C:\Users\USERID\Desktop\FILENAME'
That path is the path to the file the user selected to upload (their local file path). I feel it is safe to say that the user has permission to his own file on his own desktop. I don't use user impersonation much, so I am wondering what I missed in my configuration or permissions. Any suggestions for debugging this issue? Thanks!
Note: the CreateDirectory method works just fine, even when the exception is thrown. I would have thought that if the user didn't have permission the directory creation would have failed first.
I am using Directory.Exists() in my windows service (that is programmed in C#, 3.5 framework)to check to see whether a particular directory exists in the drive. When I run in local machine it works fine, meaning I am able to access the directory.
But when I deploy the windows service on a Virtual Machine, and start the service, it is not able to find the directory even though the directory exists. The directory is mapped on as
Q: drive, Q:\\temp\\local\\ folder
But the windows services always returns false for the Directory.Exists().
However when I give C:\ drive in place of Q:\ it works, but does not work for a mapped drive. I have tried with the UNC path, and I have made sure the mapped drive have the administrative rights and infact the read, write and execute permission. But it still returns false.
Can anyone please tell me why? And how to resolve?
Make sure the drive is mapped under the same user as the Service is running. If you map the drive as user A, it is not automatically mapped for anyone else too.
Mapped drives are only restored during interactive login which services generally do not perform:
Map a network drive to be used by a service
Short version: You can't do it, use the full UNC path instead.
This is most probably a problem with privileges. Your Windows service is probably running under an account which doesn´t have enough privileges to access the network path.
This is a possible duplicate: Accessing mapped folder from a Windows Service written in C#
Another possible solution is to use impersonation, check it out:
http://msdn.microsoft.com/en-us/library/w070t6ka(v=vs.90).aspx
UPDATE
Came to think of it;
Try changing the identity of the application pool to a user with the same rights as your user.
As #Sriram pointed out the Directory.Exists() method will fail if any error occurs. What sort of exception do you get if you try to access the path?
Eg (for both mapped and UNC in case there is something going on there):
DirectoryInfo diMapped = new DirectoryInfo(#"Q:\temp\local\folder");
DirectoryInfo diUNC = new DirectoryInfo(#"\\servername\fnsw\tmp\126");
Note: Assuming that the white space before 'folder' in your path is a typo?
Steps to troubleshoot
Try accessing the network path manually in "Run" [WindowKey + R]
Try to access your map drive i.e.: M:\
Make sure you are the account owner of the mapping (mapping should be done under your account)
Go to Property and see if "Run As Administrator" is unchecked.
Remove mapping and re-add the mapping.
Make sure available offline (or sync offline) is turned off and folder is available from another computer.
Hope this helps!
I have made a little app that's running on a Win7-PC. All it does, is to check the content of a network drive at 1:00 O'clock in the morning (and compare it to a folder on its local hard drive), and if there´s differences, copy the differences to this folder.
The problem is, sometimes it can not find the network drive.
When the app starts up, the network drive is found using a button on the app which starts OpenFileDialog, and the resulting drive letter is put into a textbox beside the button. From that point it should just run by itself. The PC is never turned off.
When it says the network drive can not be found, I can manually press the button on the very same app, select the drive in the OpenFileDialog (the drive letter never changes), and the app will run flawless in a couple of days. Then the problem occurs again.
The question is: Why can the network drive be accessed through the OpenFileDialog on my app, but my app can not?
My app start the copy-process using this function (called with "Y:\") to determine whether the drive is present or not:
public bool fn_drive_exists(string par_string)
{
DirectoryInfo di_dir = new DirectoryInfo(par_string);
if (di_dir.Exists)
{
return true;
}
return false;
}
...and sometimes it returns a False, until I "wake it up" using the OpenFileDialog.
What does OpenFileDialog do, that my app do not?
According to this SO post, the problem should be gone if you use UNC path instead of mapped network drive.
If your destination has a static ip address, I suggest you use that ip address instead of domain name for network drive
This SO post describes a similar scenario to what you've described.
One of the links posted as a response to that question led me to this MSDN article which provides a variety of reasons as to why one might encounter errors when trying to access shared network drives by using a mapped drive letter.
Microsoft's suggestion (see below) is to simply use a UNC path.
A service (or any process running in a different security context) that must access a remote resource should use the Universal Naming Convention (UNC) name to access the resource.
To answer your actual question more specifically, with regards to why it suddenly can't access the network share, I would venture a guess to say that the network share is being disconnected by Windows due to an idle timeout, as discussed in KB297684. Any attempt to access the disconnected drive will be met with a small wait as the connection to the network share is re-established, which could presumably be what is causing your issue.
To test this theory, try writing some data to a file on the network drive at a relatively short interval (every 10 minutes, perhaps?) to try and convince Windows that the drive is still active.
You can also try to use:
System.IO.Directory.Exists(par_string);
instead of writing Your own method for the same thing. I would expect a framework method to be able to "wake" the network drive.
Note: Method also works for UNC paths (something like \\<server name or IP address>\<shared folder>)
Like Harvey says, use the UNC path to access the folder, for instance \\server\sharedfolder. In place of \\server use the name of the server. Your computer has a name and so does the server. You can also use the IP address if you know it. You replace \sharedfolder with the path to the files. Some examples:
\\AppsServer\c$\Program Files(x86)
\\FileServer1\d$\Users\John\My Documents
The c$ represents that the C drive is the shared folder. If the entire drive is not shared, you will need to share the specific folder. You can do that by logging onto the server, right clicking the folder, and selecting Properties. Then you go to the Sharing tab and check the Share this folder checkbox. If your shared folder is called MyShare, then your UNC path to access the folder will be
\\server\MyShare
I have a Windows service, running using the login localhost\administrator. This service is meant to invoke another executable (MyProcess.exe), which is supposed to write some stuff to a log file. The service uses Process.Start() to create the process, like so:
var p = new Process();
p.StartInfo.FileName = processFileName;
p.StartInfo.Arguments = arg;
p.Start();
Problem is, it appears that MyProcess.exe is being denied rights to write to the log file, even though localhost\administrator unquestionably has rights to the log folder. If I run MyProcess.exe from a command line, it works perfectly.
So, is it possible that the process is being executed using a different user login?
Can you think of any other reason why MyProcess.exe is being denied rights to write the log file?
UPDATE: the log file is being written to the local machine, but using a network address, i.e. \\MyPC\LogFolder. When I change the code to refer to C:\MyFolder, everything works fine. It's obviously having a problem with the network address (even though it's local).
What sharing settings do I need to put on the folder so that the local system account can access the file?
If you are using impersonating, than it impersonates a user that can be the currrent or a specified user. if not it will run under the Local System, with the privileges of the local system.
p.StartInfo.Domain = "UserName";
p.StartInfo.Password = "Passw0rd!";
You can get the username from:
Thread.CurrentPrincipal.Identity.Name
I've worked it out.
The problem, as noted in my update, is that the process was addressing the log folder using a network share address, \\MyPC\LogFolder, and when we switched the configuration so that it wrote instead to c:\Logfolder, it worked fine.
So it seems that when you address a local folder, the localhost\Administrator account is deemed to have sufficient rights. But when you go via the network share, you need to present valid network credentials, and localhost\Administrator just doesn't cut it. If you change to use MYDOMAIN\MyUser, it works even using the network share address.