补充一句:GetLastError得到的错误是:126
具体意思就是:缺少模块,缺少哪一个? The specified module could not be found.
具体意思就是:缺少模块,缺少哪一个? The specified module could not be found.
解决方案 »
- ControlTemplate只能有一个Line?
- 如何克隆panel及子控件的事件,求助!!!
- 超市销售库存管理系统
- 谁有Window Form应用程序开发相关的教学视频啊
- [有点难度]请问如何把WPF做出来的漂亮效果应用到已有的C# winform软件里面去?
- 现在公司要做一个网站了,不知道该用什么工具软件的好
- 欢迎讨论:在win98下发布.net程序的完美解决方案(兼谈微软给我的痛)
- 玩来玩去,还是觉得微软的东西好啊
- 在windows程序中,如何访问服务器上的文件?
- 非UI线程访问UI线程里的控件但不更新它需要invoke吗
- 求助:用C#做一个简单的数据库应用程序(100分)
- 大家好我是刚刚学电脑语言 给点提示吗 c++/c/c#/java 啊 谢谢
INFO: Implementing Impersonation in an ASP.NET Application
http://support.microsoft.com/default.aspx?scid=kb;ZH-CN;Q306158
also try (from http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=%23pFiEFy4BHA.1752%40tkmsftngp02&rnum=1&prev=/groups%3Fq%3Dasp.net%2Blogonuser%2BSE_TCB_NAME%2B126%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3D%2523pFiEFy4BHA.1752%2540tkmsftngp02%26rnum%3D1)
using System;
using System.Runtime.InteropServices;public class WebForm1 : System.Web.UI.Page
{
[DllImport("C:\\Windows\\System32\\advapi32.dll")]
public static extern bool LogonUser(String lpszUsername, String
lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out int phToken);
[DllImport("C:\\Windows\\System32\\Kernel32.dll")]
public static extern int GetLastError();
private void Page_Load(object sender, System.EventArgs e)
{
int token1;
bool loggedOn = LogonUser(
// User name.
"junsu",
// Domain
"Domain1",
// Password.
"*****",
// Logon type = LOGON32_LOGON_NETWORK_CLEARTEXT.
3,
// Logon provider = LOGON32_PROVIDER_DEFAULT.
0,
// The user token for the specified user is returned here.
out token1);
Response.Write("LogonUser called");
// Call GetLastError to try to determine why logon failed if it did not succeed. int ret = GetLastError();
Response.Write("LogonUser Success? " + loggedOn);
Response.Write("NT Token Value: " + token1);
} // some functions omit.
}
1) 平台,在windows200和xp下,这个函数有些不同.
2) LogonUser的格式
3)GetLastError得位置,就紧挨着LogonUser吗?
一个人钻往往比较慢,如果不介意的话,把你的源码发到[email protected]. 我还在研究,直到有人解决.
saucer(思归),佩服佩服.
http://www.csdn.net/expert/topic/1010/1010031.xml?temp=.6753961
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemsecurityprincipalwindowsimpersonationcontextclasstopic.asp//Whisper: 弄不好是.NET/Asp.net的bug。
http://support.microsoft.com/default.aspx?scid=kb;ZH-CN;Q306158".....
The identity of the process that impersonates a specific user on a thread must have the "Act as part of the operating system" privilege. By default, the Aspnet_wp.exe process runs under a computer account named ASPNET. However, this account does not have the required privileges to impersonate a specific user. You receive an error message if you try to impersonate a specific user.To work around this problem, use one of the following methods:
1. Grant the "Act as part of the operating system" privilege to the ASPNET account.
2. Change the account that the Aspnet_wp.exe process runs under to the System account in the <processModel> configuration section of the Machine.config file.
....."
to grant the "Act as part of the operating system" privilege to the ASPNET account, go to Administrative Tools, open Local Security Policy, go to Local Policies->User Rights Assignment, right click on "Act as part of the operating system" in the right pane, select Security..., add ASPNET account to it, click on OK, restart your web server (use iisreset command in DOS prompt), re-try....
1314
A required privilege is not held by the client. ERROR_PRIVILEGE_NOT_HELD
那段代码是MSDN上的,我查过了。在console与Winform中没有问题,现在是要用于Web,所以问题就来了:(to:larson(Unkonwn)
就是因为了有了白鸟兄弟的代码,我才敢确认可以在Web中使用LogonUser,只是他的代码,返回亦是Falseto:TheAres(阿瑞斯)
发那个贴的人也是我...我是没有办法了,想在微软上,他们会回答吧..to:秋叶一知.
你说的那段代码,和思归说的是一样的,是微软给出的标准格式。
你那停aspnet_wp的方法还没有试,先去看一下:)万一不行,就直接改identity吧看看能不能把这个权限锁定在一个文件吧。
分析得出这样的结论:
既然可以在Console和WinFrom中运行
那说名是没问题的,应该是ASP.NET里的工作方式有些不同
不知道说的对不对!!!
我在中文组里看到你的帖子.
我说得是英文组里的.一个叫"Michael S. Collier"发的帖子.帖子的标题是"LogonUser() always returns 126". 他的问题已经被解决了. 你自己去搜搜看.
我是通过machine.config改aspnet_wp权限的,用SYSTEM不是Machine。如果改回去的话,报错的Error Code就是1314,权限不足。
我要身份验证,就是为了有别人的权限来做事情.但是现在要使用LogonUser,就得给aspnet的帐号加权限,而这个权限就已经很大了...
我测试了一下,加虚拟目录,删除文件等等,什么权限都有了.那我还要身份模拟干什么:(
而且,我觉得Impersonation的目的也可以是缩小权限,在需要的最小权限集下工作安全性更好一些。所以可以这样理解,首先赋予aspnet系统权限,然后使用impersonation来限制它的权限到你真正需要的部分。