Anonymous_User Absent Member.

New View of Old File Access Problem

Hi all,

Here is my issue and I hope someone can point me in the right
direction.

Situation:
C# web application trying to read an access.mdb file stored on the
netware file server (v6). I am getting an access file error.

I have reviewed all the MS documentation about setting up IUSR_MACHINE
name on the root of the server container where the file resides and
then modifying the IUSR_MACHINENAME account on the IIS server.

*** THIS SOLUTION WILL NOT WORK FOR ME ***

I am in an environment where I cannot add the IUSR_MACHINE name to the
server container nor can I turn off the policy regarding disallowing
password changes (I don't have that much power!).

I have seen a programmatic solution for authenticating to Windows
servers and then performing work within the application thread as the
authenticated user -- sample code below:

*Windows Impersonation Code * - C#

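// Needed at the top of the file:
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;

// The members below go inside the class that performs the impersonation.
#region "Security Impersonation Protocol"

// Example of using the impersonation feature in C#:
//
// if (impersonateValidUser("user", "domain", "password"))
// {
//     Dosomething();
//     undoImpersonation();
// }
// else
// {
//     // Your impersonation failed. Therefore, include a fail-safe mechanism here.
// }

public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;

WindowsImpersonationContext impersonationContext;

[DllImport("advapi32.dll", CharSet=CharSet.Auto)]
public static extern int LogonUser(String lpszUserName,
    String lpszDomain,
    String lpszPassword,
    int dwLogonType,
    int dwLogonProvider,
    ref IntPtr phToken);

[DllImport("advapi32.dll",
    CharSet=System.Runtime.InteropServices.CharSet.Auto,
    SetLastError=true)]
public extern static int DuplicateToken(IntPtr hToken,
    int impersonationLevel,
    ref IntPtr hNewToken);

// Releases the token handles once they are no longer needed.
[DllImport("kernel32.dll", CharSet=CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);

private bool impersonateValidUser(String userName, String domain,
    String password)
{
    IntPtr token = IntPtr.Zero;
    IntPtr tokenDuplicate = IntPtr.Zero;

    try
    {
        // Log on with the supplied credentials to obtain a primary token.
        if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT, ref token) == 0)
            return false;

        // 2 = SecurityImpersonation level for the duplicated token.
        if (DuplicateToken(token, 2, ref tokenDuplicate) == 0)
            return false;

        // WindowsIdentity keeps its own copy of the token, so both raw
        // handles can be closed in the finally block.
        WindowsIdentity tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
        impersonationContext = tempWindowsIdentity.Impersonate();
        return impersonationContext != null;
    }
    finally
    {
        if (token != IntPtr.Zero) CloseHandle(token);
        if (tokenDuplicate != IntPtr.Zero) CloseHandle(tokenDuplicate);
    }
}

private void undoImpersonation()
{
    // Revert the thread to the identity it had before impersonation.
    if (impersonationContext != null)
    {
        impersonationContext.Undo();
        impersonationContext = null;
    }
}

#endregion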


** END SAMPLE CODE **

-- WHAT I WOULD LIKE --
(hope everyone can see that:)

I want to be able to do this type of programmatic authentication on a
Novell 6 Server. I doubt that my organization has LDAP correctly
running on these file servers...

I would really appreciate any information -- regarding a programmatic
solution IN ANY PROGRAMMING LANGUAGE that would allow me to perform
the same type of operation as my Windows code above.

Sincerely,
Tired Tom
(I have been busting my chops on this one for several weeks)



Anonymous_User Absent Member.

Re: New View of Old File Access Problem

Please post this on the developer support forums at
developer.novell.com.
Thanks.
--
Andrew C Taubman
Novell Support Forums Volunteer SysOp
http://support.novell.com/forums
(Sorry, support is not provided via e-mail)

Opinions expressed above are not
necessarily those of Novell Inc.




