[英]Impersonation in Windows Server 2008
我試圖模擬特定的用戶在我們的服務器中執行一些sql操作。 這不是一個ASP.Net應用程序。 我之前使用了提供的代碼,並且可以正常工作。 但是,最近我們將環境從Windows Server 2000升級到Windows Server 2008 R2。 升級之后,此代碼對我不起作用。 我需要一些幫助來理解此問題並幫助解決它。 任何幫助將不勝感激。 謝謝。
提供的代碼是偽代碼,試圖寫入文件並執行sql操作。
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Runtime.InteropServices;
using System.Text;
using System.IO;
using System.Security.Principal;
using System.Security.Permissions;
[assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, UnmanagedCode = true)]
[assembly: PermissionSetAttribute(SecurityAction.RequestMinimum, Name = "FullTrust")]
public class Test
{
const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_LOGON_NETWORK = 3;
const int LOGON32_LOGON_BATCH = 4;
const int LOGON32_LOGON_SERVICE = 5;
const int LOGON32_LOGON_UNLOCK = 7;
const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
const int LOGON32_PROVIDER_DEFAULT = 0;
const int SecurityImpersonation = 2;
[DllImport("advapi32.dll", SetLastError = true)]
public static extern int LogonUser(
string lpszUsername,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
out IntPtr phToken
);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern int ImpersonateLoggedOnUser(
IntPtr hToken
);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public extern static bool DuplicateToken(IntPtr ExistingTokenHandle,
int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);
[DllImport("advapi32.dll", SetLastError = true)]
static extern int RevertToSelf();
[DllImport("kernel32.dll", SetLastError = true)]
static extern int CloseHandle(IntPtr hObject);
public void TestImpersonation()
{
IntPtr lnToken = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
StringBuilder sb = new StringBuilder();
int TResult = LogonUser("itservices", "DFC", "St4hls345t", LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT, out lnToken);
if (TResult > 0)
{
bool retVal = DuplicateToken(lnToken, SecurityImpersonation, ref dupeTokenHandle);
if (false == retVal)
{
CloseHandle(lnToken);
Console.WriteLine("Exception thrown in trying to duplicate token.");
return;
}
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
writeLog(DateTime.Now.ToString(@"MM-dd-yyyy HH:mm:ss") + " - Impersonation Applied" + Environment.NewLine);
runQuery();
impersonatedUser.Undo();
writeLog(DateTime.Now.ToString(@"MM-dd-yyyy HH:mm:ss") + " - Impersonation Reverted" + Environment.NewLine);
runQuery();
CloseHandle(lnToken);
}
else
{
writeLog(DateTime.Now.ToString(@"MM-dd-yyyy HH:mm:ss") + " - Impersonation not Applied" + Environment.NewLine);
}
return;
}
void writeLog(string message)
{
try
{
string filePath = @"E:\Impersonate\Testlog.txt";
File.AppendAllText(filePath, message);
}
catch
{
Console.WriteLine();
}
}
void runQuery()
{
SQLOperations sqlUtill = new SQLOperations();
string cmdTxt = "SELECT * FROM [tblChildOrder] where [StahlsWorkOrderID] = 'DREAMFUL0015799'";
DataTable dt = sqlUtill.executeQuery(cmdTxt);
if (dt != null)
{
Console.WriteLine();
}
else
{
Console.WriteLine();
}
}
}
破壞我的代碼的大多數升級通常是由升級更改用戶權限引起的。 仔細檢查用戶及其權限,您應該會發現問題。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.