D
developers2008
Guest
"select Name,Path from Win32_Share" permissions required by ASP.NET to return paths,
I'm tripping over ASP.NET local machine permissions with the following
on an inside the firewall app:
List<SharePathEntry> allLocalShares = new List<SharePathEntry>(); // a
container for share=local path string pairs
WqlObjectQuery objectQuery = new WqlObjectQuery ("select Name,Path from
Win32_Share��) ;
ManagementScope scope = new ManagementScope(@\\.\root\cimv2); //[1]
scope.Options.Impersonation = ImpersonationLevel.Impersonate; //[1]
scope.Options.EnablePriveleges = true; //[1]
ManagementObjectServer searcher = new
ManagementObjectSearcher(scope,objectQuery);
foreach(ManagementObject share in searcher.Get())
{
object objName = share["Name"];
object objPath = share["Path"];
if(null!=objName)
{
if(null!=objPath)
{
AllLocalShares.Add(new SharePathEntry(objName.ToString(),
objPath.ToString());
}
else
{
// non-null Name returned, null Path retruned only when running totally
[ 3 ] under ASP.NET...[ 4 ]
}
}
}
[ 1 ] I've tried with and without these
[ 2 ] I'm running as admin when I hit webservice that uses this object
[ 3 ] If I run webservice in F5 debug mode, works normally and can
trace above.
[ 4 ] If I run as webservice, condition [4] occurs.
[ 5 ] If I run as webservice, then attach debug to asp.net process, I
can trace above and see [4] occur.
[ 6 ] Same code behind object running under NETWORK_SERVICE credentials
on same local machine works normally.
[ 7 ] I've randomly tried permissions as follows:
Local Security Policy
LocalPolicies:User Rights Assignment : Profile system performance
(Added ASP.NET) : does not fix the problem.
LocalPolicies:User Rights Assignment : Perform volume maintenance tasks
(Added ASP.NET) : does not fix the problem.
Full permissions granted to ASP.NET in security tab for:
Computer Management: Services and Applications: WMI Control :
Properties : Security : Root : CIMV2 and WMI : does not fix the problem
The only thing that has worked so far is to add asp.net account to
local administrators, run as admin. This is a dedicated/private inside
the firewall application, so OK-ish, but I'm hoping to just add the
required permission to asp.net account as is.
--
developers2008
I'm tripping over ASP.NET local machine permissions with the following
on an inside the firewall app:
List<SharePathEntry> allLocalShares = new List<SharePathEntry>(); // a
container for share=local path string pairs
WqlObjectQuery objectQuery = new WqlObjectQuery ("select Name,Path from
Win32_Share��) ;
ManagementScope scope = new ManagementScope(@\\.\root\cimv2); //[1]
scope.Options.Impersonation = ImpersonationLevel.Impersonate; //[1]
scope.Options.EnablePriveleges = true; //[1]
ManagementObjectServer searcher = new
ManagementObjectSearcher(scope,objectQuery);
foreach(ManagementObject share in searcher.Get())
{
object objName = share["Name"];
object objPath = share["Path"];
if(null!=objName)
{
if(null!=objPath)
{
AllLocalShares.Add(new SharePathEntry(objName.ToString(),
objPath.ToString());
}
else
{
// non-null Name returned, null Path retruned only when running totally
[ 3 ] under ASP.NET...[ 4 ]
}
}
}
[ 1 ] I've tried with and without these
[ 2 ] I'm running as admin when I hit webservice that uses this object
[ 3 ] If I run webservice in F5 debug mode, works normally and can
trace above.
[ 4 ] If I run as webservice, condition [4] occurs.
[ 5 ] If I run as webservice, then attach debug to asp.net process, I
can trace above and see [4] occur.
[ 6 ] Same code behind object running under NETWORK_SERVICE credentials
on same local machine works normally.
[ 7 ] I've randomly tried permissions as follows:
Local Security Policy
LocalPolicies:User Rights Assignment : Profile system performance
(Added ASP.NET) : does not fix the problem.
LocalPolicies:User Rights Assignment : Perform volume maintenance tasks
(Added ASP.NET) : does not fix the problem.
Full permissions granted to ASP.NET in security tab for:
Computer Management: Services and Applications: WMI Control :
Properties : Security : Root : CIMV2 and WMI : does not fix the problem
The only thing that has worked so far is to add asp.net account to
local administrators, run as admin. This is a dedicated/private inside
the firewall application, so OK-ish, but I'm hoping to just add the
required permission to asp.net account as is.
--
developers2008