CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 4 of 4
  1. February 19th, 2003, 09:44 AM #1
    ctsinger
    ctsinger is offline Junior Member
    Join Date
    Feb 2003
    Posts
    5

    Question WinXP service : security/permissions question

    Hi,
    I have written a windows service. It has several jobs, one of which is VERY simple : create a directory on a mapped network drive.
    This service has been around for several months, running on Win2000. It runs fine on Win2000.
    I am now migrating to WinXP (Pro). The service is unable to create the directory on the same network drive that Win2000 clients are able to.
    By default, I have the service "log on" as LocalSystem.
    As part of my experimentation, I have found that simply running the service as an .exe as user Administrator, it works just fine. However, if I tell the service to "log on" as Administrator (w/correct password), it will not create the directory!
    I am assuming that some default permissions are different in the WinXP security model, but I am at a loss to figure out which is blocking me.
    Any suggestions would be appreciated!
    Thanks,
    Charlie
    Reply With Quote Reply With Quote
  2. February 19th, 2003, 11:23 AM #2
    Kdr Kane's Avatar
    Kdr Kane
    Kdr Kane is offline Member
    Join Date
    May 2002
    Location
    Texas
    Posts
    222
    Security has been tightened up a bit on XP.

    Your problem is not the security on the XP machine. It's the mapped drive.

    The user account you're running in interactive mode has permission to create directories on the mapped drive. The local administrator and local system accounts do not have permission to create directories on the mapped drive.

    In your service, use the account and password of a remote account that has permission to create directories on the destination drive.
    Reply With Quote Reply With Quote
  3. February 20th, 2003, 04:35 PM #3
    ctsinger
    ctsinger is offline Junior Member
    Join Date
    Feb 2003
    Posts
    5
    Thanks for the suggestion.
    Still - I am puzzled. I have enabled probably more permissions on the network drive than I would like, yet the service is still unabled to access it.
    When I run the service as an executable, I am running as user "Administrator".
    When I run the service as a service, I tell it to "log on" as ".\Administrator".
    I was unable to specify the user in the form "RemoteComputerName\Administrator" - the OS told me that the combination of user/password was incorrect (it was correct).
    Also, in my reading of XP security, it would seem that the default LocalSystem that the service originally had should have access to the network drive.

    I should add at this point that my systems are not on a domain, just a workgroup.

    More suggestions are welcome!
    Thanks,
    Charlie
    Reply With Quote Reply With Quote
  4. March 13th, 2003, 05:13 PM #4
    ctsinger
    ctsinger is offline Junior Member
    Join Date
    Feb 2003
    Posts
    5

    Smile

    The problem had nothing to do with permissions!
    The problem is that WinXP does not share drive mappings among different logons. So a mapped drive created by user X is not visible to the services. See
    http://msdn.microsoft.com/library/de...ted_drives.asp
    for more info.

    I ended up mapping the drives using WNetAddConnection2() in my service, and now it's happy (and so am I!!).
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules




Click Here to Expand Forum to Full Width

Featured