|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
How to find out file owner?The following code doesn't work for mapped drives: using System; using System.Text; using System.Threading; using System.Security.AccessControl; using System.Security.Principal; using System.IO; namespace ConsoleApplication1 { class Program { static void Main(string[] args) { FileInfo fi = new FileInfo(@"c:\boot.ini"); FileSecurity fs = fi.GetAccessControl(); IdentityReference ir = fs.GetOwner(typeof(NTAccount)); Console.WriteLine(ir.Value); } } } What should I do to make it work for mapped drives or UNC (like \\10.0.61.22\c$\boot.ini)? (Windows XP network; logged on using domain administrator account) Thanks I'm not sure what the problem is, but can you explain more about what
doesn't work? Does it crash? Can you not access the security descriptor? Can you just not access the owner or does the translation of the SID into an NTAccount fail? Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message news:e9Lr0EKQHHA.4172@TK2MSFTNGP03.phx.gbl... > Hi, > The following code doesn't work for mapped drives: > > using System; > using System.Text; > using System.Threading; > using System.Security.AccessControl; > using System.Security.Principal; > using System.IO; > > namespace ConsoleApplication1 > { > class Program > { > static void Main(string[] args) > { > FileInfo fi = new FileInfo(@"c:\boot.ini"); > FileSecurity fs = fi.GetAccessControl(); > IdentityReference ir = fs.GetOwner(typeof(NTAccount)); > Console.WriteLine(ir.Value); > } > } > } > > What should I do to make it work for mapped drives or UNC (like > \\10.0.61.22\c$\boot.ini)? > > (Windows XP network; logged on using domain administrator account) > > Thanks > Yes, the problem is about SID translation. I can acquire SID but translation
into an NTAccount fails. BTW, I can see actual value in Windows Explorer. Show quoteHide quote "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message news:uRGy8LaQHHA.4476@TK2MSFTNGP05.phx.gbl... > I'm not sure what the problem is, but can you explain more about what > doesn't work? Does it crash? Can you not access the security descriptor? > Can you just not access the owner or does the translation of the SID into > an NTAccount fail? > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services > Programming" > http://www.directoryprogramming.net > -- > "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message > news:e9Lr0EKQHHA.4172@TK2MSFTNGP03.phx.gbl... >> Hi, >> The following code doesn't work for mapped drives: >> >> using System; >> using System.Text; >> using System.Threading; >> using System.Security.AccessControl; >> using System.Security.Principal; >> using System.IO; >> >> namespace ConsoleApplication1 >> { >> class Program >> { >> static void Main(string[] args) >> { >> FileInfo fi = new FileInfo(@"c:\boot.ini"); >> FileSecurity fs = fi.GetAccessControl(); >> IdentityReference ir = fs.GetOwner(typeof(NTAccount)); >> Console.WriteLine(ir.Value); >> } >> } >> } >> >> What should I do to make it work for mapped drives or UNC (like >> \\10.0.61.22\c$\boot.ini)? >> >> (Windows XP network; logged on using domain administrator account) >> >> Thanks >> > > If the SID is local to the machine that it is coming from, then that might
explain it. The current machine may have no way to determine who that user is. I can't explain why Windows explorer would be able to do it as they should be using the same APIs, but sometimes things aren't that obvious. What is the SID in this case? Does it belong to a specific local machine user? Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message news:%23io%23iH5QHHA.488@TK2MSFTNGP06.phx.gbl... > Yes, the problem is about SID translation. I can acquire SID but > translation into an NTAccount fails. > > BTW, I can see actual value in Windows Explorer. > > > "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message > news:uRGy8LaQHHA.4476@TK2MSFTNGP05.phx.gbl... >> I'm not sure what the problem is, but can you explain more about what >> doesn't work? Does it crash? Can you not access the security >> descriptor? Can you just not access the owner or does the translation of >> the SID into an NTAccount fail? >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message >> news:e9Lr0EKQHHA.4172@TK2MSFTNGP03.phx.gbl... >>> Hi, >>> The following code doesn't work for mapped drives: >>> >>> using System; >>> using System.Text; >>> using System.Threading; >>> using System.Security.AccessControl; >>> using System.Security.Principal; >>> using System.IO; >>> >>> namespace ConsoleApplication1 >>> { >>> class Program >>> { >>> static void Main(string[] args) >>> { >>> FileInfo fi = new FileInfo(@"c:\boot.ini"); >>> FileSecurity fs = fi.GetAccessControl(); >>> IdentityReference ir = fs.GetOwner(typeof(NTAccount)); >>> Console.WriteLine(ir.Value); >>> } >>> } >>> } >>> >>> What should I do to make it work for mapped drives or UNC (like >>> \\10.0.61.22\c$\boot.ini)? >>> >>> (Windows XP network; logged on using domain administrator account) >>> >>> Thanks >>> >> >> > > I checked all the possible situations:
BULTIN\Administrator MYDOMAIN\Administrator etc... Sometimes it works, sometimes - no. I couldn't find any dependancy on the origin of the account. Show quoteHide quote "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message news:ugxNDI8QHHA.1364@TK2MSFTNGP06.phx.gbl... > If the SID is local to the machine that it is coming from, then that might > explain it. The current machine may have no way to determine who that > user is. I can't explain why Windows explorer would be able to do it as > they should be using the same APIs, but sometimes things aren't that > obvious. > > What is the SID in this case? Does it belong to a specific local machine > user? > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services > Programming" > http://www.directoryprogramming.net > -- > "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message > news:%23io%23iH5QHHA.488@TK2MSFTNGP06.phx.gbl... >> Yes, the problem is about SID translation. I can acquire SID but >> translation into an NTAccount fails. >> >> BTW, I can see actual value in Windows Explorer. >> >> >> "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message >> news:uRGy8LaQHHA.4476@TK2MSFTNGP05.phx.gbl... >>> I'm not sure what the problem is, but can you explain more about what >>> doesn't work? Does it crash? Can you not access the security >>> descriptor? Can you just not access the owner or does the translation of >>> the SID into an NTAccount fail? >>> >>> Joe K. >>> >>> -- >>> Joe Kaplan-MS MVP Directory Services Programming >>> Co-author of "The .NET Developer's Guide to Directory Services >>> Programming" >>> http://www.directoryprogramming.net >>> -- >>> "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message >>> news:e9Lr0EKQHHA.4172@TK2MSFTNGP03.phx.gbl... >>>> Hi, >>>> The following code doesn't work for mapped drives: >>>> >>>> using System; >>>> using System.Text; >>>> using System.Threading; >>>> using System.Security.AccessControl; >>>> using System.Security.Principal; >>>> using System.IO; >>>> >>>> namespace ConsoleApplication1 >>>> { >>>> class Program >>>> { >>>> static void Main(string[] args) >>>> { >>>> FileInfo fi = new FileInfo(@"c:\boot.ini"); >>>> FileSecurity fs = fi.GetAccessControl(); >>>> IdentityReference ir = fs.GetOwner(typeof(NTAccount)); >>>> Console.WriteLine(ir.Value); >>>> } >>>> } >>>> } >>>> >>>> What should I do to make it work for mapped drives or UNC (like >>>> \\10.0.61.22\c$\boot.ini)? >>>> >>>> (Windows XP network; logged on using domain administrator account) >>>> >>>> Thanks >>>> >>> >>> >> >> > > I honestly don't know. It is a generally good idea to trap the exception
returned when trying to convert between a SID and NTAccount though, as that can fail unexpected for a variety of reasons. Sometimes you can only ever get the original SID. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message news:e$MVn6RRHHA.1036@TK2MSFTNGP03.phx.gbl... >I checked all the possible situations: > BULTIN\Administrator > MYDOMAIN\Administrator > etc... > > Sometimes it works, sometimes - no. I couldn't find any dependancy on the > origin of the account. > > > "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message > news:ugxNDI8QHHA.1364@TK2MSFTNGP06.phx.gbl... >> If the SID is local to the machine that it is coming from, then that >> might explain it. The current machine may have no way to determine who >> that user is. I can't explain why Windows explorer would be able to do >> it as they should be using the same APIs, but sometimes things aren't >> that obvious. >> >> What is the SID in this case? Does it belong to a specific local machine >> user? >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message >> news:%23io%23iH5QHHA.488@TK2MSFTNGP06.phx.gbl... >>> Yes, the problem is about SID translation. I can acquire SID but >>> translation into an NTAccount fails. >>> >>> BTW, I can see actual value in Windows Explorer. >>> >>> >>> "Joe Kaplan" <joseph.e.kap***@removethis.accenture.com> wrote in message >>> news:uRGy8LaQHHA.4476@TK2MSFTNGP05.phx.gbl... >>>> I'm not sure what the problem is, but can you explain more about what >>>> doesn't work? Does it crash? Can you not access the security >>>> descriptor? Can you just not access the owner or does the translation >>>> of the SID into an NTAccount fail? >>>> >>>> Joe K. >>>> >>>> -- >>>> Joe Kaplan-MS MVP Directory Services Programming >>>> Co-author of "The .NET Developer's Guide to Directory Services >>>> Programming" >>>> http://www.directoryprogramming.net >>>> -- >>>> "Dmitry Nogin" <dmitryno***@hotmail.com> wrote in message >>>> news:e9Lr0EKQHHA.4172@TK2MSFTNGP03.phx.gbl... >>>>> Hi, >>>>> The following code doesn't work for mapped drives: >>>>> >>>>> using System; >>>>> using System.Text; >>>>> using System.Threading; >>>>> using System.Security.AccessControl; >>>>> using System.Security.Principal; >>>>> using System.IO; >>>>> >>>>> namespace ConsoleApplication1 >>>>> { >>>>> class Program >>>>> { >>>>> static void Main(string[] args) >>>>> { >>>>> FileInfo fi = new FileInfo(@"c:\boot.ini"); >>>>> FileSecurity fs = fi.GetAccessControl(); >>>>> IdentityReference ir = fs.GetOwner(typeof(NTAccount)); >>>>> Console.WriteLine(ir.Value); >>>>> } >>>>> } >>>>> } >>>>> >>>>> What should I do to make it work for mapped drives or UNC (like >>>>> \\10.0.61.22\c$\boot.ini)? >>>>> >>>>> (Windows XP network; logged on using domain administrator account) >>>>> >>>>> Thanks >>>>> >>>> >>>> >>> >>> >> >> > > 
Other interesting topics
How do I convert sid retrieved from the AD to SDDL string format?
DECRYPT with PUBLIC key (how to?) Is my SID's octet string correct? I can't find AD object with it. How to create MachineKey Who can see what I am doing on line SignedXml How to determine process security level? Code Sign fails "CS1548: Cryptographic failure while ... access de security exception *strongnameidentity*asp.net so i guess i need a new product key so where do i go?????????? |
|||||||||||||||||||||||
