冒充后拒绝访问

时间:2016-02-26 16:53:40

标签: c# impersonation

我的帐户是非管理员帐户,我冒充管理员帐户,模拟似乎有效,但每当我执行string [] theFolders = Directory.GetDirectories(“serverPath”);我收到了拒绝访问错误消息...我给了我的帐户和帐户我冒充路径阅读权以防万一,但我仍然收到错误消息

        string[] theFolders = Directory.GetDirectories("serverPath");
[DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(string pszUsername, string pszDomain, string pszPassword,
    int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

    // closes open handes returned by LogonUser
    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public extern static bool CloseHandle(IntPtr handle);

    public void DoWorkUnderImpersonation()
    {
        //elevate privileges before doing file copy to handle domain security
        WindowsImpersonationContext impersonationContext = null;
        IntPtr userHandle = IntPtr.Zero;
        const int LOGON32_PROVIDER_DEFAULT = 0;
        const int LOGON32_LOGON_INTERACTIVE = 2;


        string domain = "Domain";
        string user = "username";
        string password = "password";

        try
        {
            Console.WriteLine("windows identify before impersonation: " + WindowsIdentity.GetCurrent().Name);

            // if domain name was blank, assume local machine
            if (domain == "")
                domain = System.Environment.MachineName;

            // Call LogonUser to get a token for the user
            bool loggedOn = LogonUser(user,
                                        domain,
                                        password,
                                        LOGON32_LOGON_INTERACTIVE,
                                        LOGON32_PROVIDER_DEFAULT,
                                        ref userHandle);

            if (!loggedOn)
            {
                Console.WriteLine("Exception impersonating user, error code: " + Marshal.GetLastWin32Error());
                return;
            }

        // Begin impersonating the user
        using (WindowsIdentity.Impersonate(userHandle))
        { 

            Console.WriteLine("Main() windows identify after impersonation: " + WindowsIdentity.GetCurrent().Name);

        //run the program with elevated privileges (like file copying from a domain server)
        string[] theFolders = Directory.GetDirectories("serverPath");
        using (ZipFile myZip = new ZipFile())
        {
            foreach (string folder in theFolders)
            {
                myZip.AddItem(folder, folder);
            }
            bool exists = Directory.Exists("TargetServerPath");

            if (!exists)
                Directory.CreateDirectory("TargetServerPath");
            myZip.Save(TargetServerPath.zip);
        }
        }


    }
        catch (Exception ex)
        {
            Console.WriteLine("Exception impersonating user: " + ex.Message);
        }
        finally
        {
            // Clean up
            if (impersonationContext != null)
            {
                impersonationContext.Undo();
            }

            if (userHandle != IntPtr.Zero)
            {
                CloseHandle(userHandle);
            }
        }
    }

0 个答案:

没有答案