Delete folder programmatically as admin

I'm trying to delete a user profile folder using C# and ASP.net. When I do this through the Windows UI I get a UAC prompt, which is fine.

I wish to do this programmatically using ASP.net & C#. The objective is for admin users to launch a webform and do this remotely on a workstation, but I'm currently getting permission errors. (I'm running Visual Studio as admin in my debugging environment to delete local users.)

{"Access to the path 'C:\\Users\\nzsp2013admin\\AppData\\Local\\Microsoft\\Windows\\Application ..... is denied."}

Code:

```csharp
using System.IO;

var dir = new DirectoryInfo("C:\\Users\\nzsp2013admin");

// Clear the read-only flag on the top-level folder before deleting.
dir.Attributes = dir.Attributes & ~FileAttributes.ReadOnly;
dir.Delete(true); // true => recursive delete
```

This has to do with the permissions which are configured in IIS.

Every ASP.NET application that you run in IIS will be run using an identity that can be managed in the Application Pools section in IIS Manager.

By default, each Application Pool that is created (including the default one) will have permissions within a limited scope.

If I'm honest, the phrase Application Pool makes things sound more complicated than what they actually are. An application pool is just an identity exactly like the one that you use to sign on to your PC, and in your case an identity with normal user permissions is attempting to perform an action that requires a set of higher permissions.

To resolve this, open up IIS.

  1. Click on Application Pools
  2. Select the Application Pool that your web application is running under
  3. Click on Advanced Settings
  4. Click on identity and select Custom identity
  5. Enter the credentials of an account that has administrative privileges.

[Image: steps to configure permissions]

However, I do have to warn you that you could be opening yourself up to a wide range of security concerns and that there are alternatives such as adding explicit permissions to specific directories that include the identity which the ASP.NET application is running from.

I used this approach and it works very well. With this approach you don't use an account with high level privileges all the time, just when required and not for the application execution.

Try to use a domain account and add privileges to the folder or location you required. And share the folder so you can use a UNC path.

Accessing a Shared File (UNC) From a Remote, Non-Trusted Domain With Credentials

You could use code impersonation:

http://csharptuning.blogspot.com/2007/06/impersonation-in-c.html
http://www.codeproject.com/Articles/14358/User-Impersonation-in-NET

Regardless, whoever you use as the impersonation must be able to read/write to the location. We use this method in applications for delete/create folder across network but in theory, you should be able to wrap this around any piece of code, check to see if the user is an admin, and if so use the impersonated user to delete the folder, or however you prefer to do it.

Also, I noticed you mention that you are wanting to do it remotely, but your examples have the local path.

You may also find this useful: Deleting Windows user accounts remotely WCF and C#
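
An added example, not code from the original answers: the scoped impersonation described above, with the admin check on the caller and a path check so that only a direct child of C:\Users can be deleted. The class name, the service-account parameters and the BUILTIN\Administrators role check are assumptions; it also assumes Windows authentication and .NET Framework 4.6 or later for `WindowsIdentity.RunImpersonated`.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

public static class ProfileCleaner // hypothetical helper class
{
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int LOGON32_PROVIDER_DEFAULT = 0;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out SafeAccessTokenHandle token);

    // Resolve a profile name to a direct child of the profiles root, or throw.
    public static string ResolveProfilePath(string profilesRoot, string profileName)
    {
        if (string.IsNullOrWhiteSpace(profileName) ||
            profileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0 ||
            profileName == "." || profileName == "..")
            throw new ArgumentException("Invalid profile name.", nameof(profileName));

        string root = Path.GetFullPath(profilesRoot).TrimEnd('\\');
        string target = Path.GetFullPath(Path.Combine(root, profileName));
        if (!string.Equals(Path.GetDirectoryName(target), root, StringComparison.OrdinalIgnoreCase))
            throw new UnauthorizedAccessException("Target is outside the profiles root.");
        return target;
    }

    // caller: the authenticated web user. svc*: hypothetical account with rights on the profile folders only.
    public static void DeleteProfile(IPrincipal caller, string profileName,
        string svcUser, string svcDomain, string svcPassword)
    {
        if (!caller.IsInRole(@"BUILTIN\Administrators"))
            throw new UnauthorizedAccessException("Caller is not an administrator.");
        string target = ResolveProfilePath(@"C:\Users", profileName);
        if (!LogonUser(svcUser, svcDomain, svcPassword, LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT, out SafeAccessTokenHandle token))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        using (token)
        {
            // The elevated identity applies only inside this delegate; the app pool identity stays limited.
            WindowsIdentity.RunImpersonated(token, () => Directory.Delete(target, true));
        }
    }
}
```

Because the web form passes only a profile name and never a path, a request cannot point the delete at anything outside the profiles root.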
