我的系统已经运行了一年,非常愉快。最近客户在XP上重命名了一些用户帐户,现在我们得到安全例外,我只想了解原因。
问题似乎是帐户的“重命名”只会更改“显示的”用户名,即它仍然从原始用户路径/帐户运行。我认为这会以某种方式打破凭据。客户说他们必须坚持这个用户重命名,所以我能看到的唯一解决方案是关闭系统安全性吗?
这是绑定:
<bindings>
<customBinding>
<binding name="NetTcpBinding_Custom" openTimeout="00:10:00" receiveTimeout="00:20:00" closeTimeout="00:01:00" sendTimeout="00:04:00" >
<transactionFlow />
<binaryMessageEncoding />
<windowsStreamSecurity protectionLevel="EncryptAndSign" />
<reliableSession maxPendingChannels="512" maxRetryCount="16" maxTransferWindowSize="512" flowControlEnabled="True"/>
<tcpTransport maxBufferPoolSize="524288" maxReceivedMessageSize="99999998"
connectionBufferSize="16384" hostNameComparisonMode="StrongWildcard"
channelInitializationTimeout="00:01:00" maxBufferSize="99999998"
maxPendingConnections="100" maxOutputDelay="00:00:00.2000000" maxPendingAccepts="100"
transferMode="Buffered" listenBacklog="400" portSharingEnabled="false"
teredoEnabled="false">
<connectionPoolSettings groupName="default" leaseTimeout="00:05:00" idleTimeout="00:02:00" maxOutboundConnectionsPerEndpoint="100" />
</tcpTransport>
</binding>
</customBinding>
</bindings>
现在使用此重命名的用户帐户:
2011-01-14 08:57:12,912 [99716] ERROR Wolfhaus.BrokerDashboard.Client.StaticData - Error in GetRawData: System.ServiceModel.Security.SecurityNegotiationException: The server has rejected the client credentials. ---> System.Security.Authentication.InvalidCredentialException: The server has rejected the client credentials. ---> System.ComponentModel.Win32Exception: The logon attempt failed
--- End of inner exception stack trace ---
at System.Net.Security.NegoState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, ChannelBinding binding, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
at System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
无论如何我可以在系统上保持一定的安全性,或者假设他们不会“撤消”他们的用户重命名,我必须禁用它才能让它再次运行吗?
谢谢, 将