如何通过ManagementScope使用用户名/密码/域进行身份验证

时间:2018-11-13 21:59:12

标签: c# .net authentication

我编写了一个实用程序,该实用程序可以(其中包括)最后一次重新引导一组服务器。只要服务器都在我的域内并且启动应用程序的用户对服务器具有权限,此方法就很好用。添加了一个部分,用户可以在其中指定备用凭据,在本例中,该凭据专门用于处理其他域。我输入的凭据在目标域上具有域管理员权限,但是我的代码却收到访问被拒绝(未经授权的访问)错误。

谢谢!

private void btnLastReboot_Click(object sender, EventArgs e)
    {
        ConnectionOptions conOpts = new ConnectionOptions();

        if (selectedList.Count > 0)
        {
            Cursor currentCursor = Cursor.Current;
            Cursor.Current = Cursors.WaitCursor;

            stripProgress.Visible = true;
            stripProgress.Minimum = 0;
            stripProgress.Maximum = selectedList.Count();
            stripProgress.Step = 1;
            stripProgress.Value = 0;

            rtfOut.SelectionTabs = new int[] { 100, 200 };
            rtfOut.Text = "";

            var sq = new SelectQuery("Win32_OperatingSystem");

            if (prefs.useCurrentUser == true)
            {
                // Setting all fields to NULL causes current user info to be used
                conOpts.Username = null;
                conOpts.Password = null;
                conOpts.Authority = null;
            }
            else
            {
                conOpts.Username = prefs.userName;
                conOpts.Password = prefs.password.ToString();
                conOpts.Authority = "ntlmdomain:" + prefs.domain;

            }

            foreach (ServerList anEntry in selectedList)
            {
                stripProgress.Value++;

                try
                {
                    var mgmtScope = new ManagementScope("\\\\" + anEntry.ServerName + "\\root\\cimv2", conOpts);
                    mgmtScope.Connect();
                    var mgmtSearcher = new ManagementObjectSearcher(mgmtScope, sq);
                    foreach (var item in mgmtSearcher.Get())
                    {
                        var lastBoot = item.GetPropertyValue("LastBootUpTime").ToString();
                        DateTime lboot = ManagementDateTimeConverter.ToDateTime(lastBoot);
                        rtfOut.Text += anEntry.ServerName + "\t";
                        if(anEntry.ServerName.Length <= 9)
                        {
                            rtfOut.Text += "\t";
                        }
                        rtfOut.Text += lboot.ToLongDateString() + " (" + lboot.ToLongTimeString() + ")\r\n";
                    }
                }
                catch (Exception ex)
                {
                    if (ex is UnauthorizedAccessException)
                    {
                        rtfOut.Text += anEntry.ServerName + "\t <Access Denied>\r\n";
                    }
                    else
                    {
                        rtfOut.Text += anEntry.ServerName + "\t <not responding>\r\n";
                    }
                }
            }

            stripProgress.Visible = false;
            Cursor.Current = currentCursor;
        }
    }

1 个答案:

答案 0 :(得分:0)

不得不睡觉,但是答案终于在淋浴中打了我……

我将用户提供的密码存储在SecureString变量中,但是ConnectionOptions的password字段希望该值是纯字符串。我可以通过临时对密码进行硬编码来测试此密码,然后该密码可以正常工作。最终的解决方案是将SecureString转换为纯字符串,然后将其分配给ConnectionOption。

如果有人好奇,我可以使用此位将密码转换回去:

string password = new System.Net.NetworkCredential(string.Empty, securePassword).Password;
相关问题
最新问题