|
dev
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Windows service Unable to access mapped drives on XP and 2003 BoxeI have written a Windows Service which enumerates the files in a directory.
I am trying the enumerate the files of a mapped drive.It works fine on a windows 2000 Box.But the same ,does'nt work on a xp or a 2003 machine. Any Ideas why it would do that??? Thanks MVB Bear in mind that LocalSystem do not have network access. Make your service
run for a specific account. Then make sure that this account is trusted on the machines where your shares are located and the latter have proper ACLs. For workstations local accounts (peer-to-peer not using a domain account) basically that means having the same username AND PASSWORD on each machine ; in domain it is a bit easier. /LM Show quote "MVB" <M**@discussions.microsoft.com> wrote in message news:3AC2DB37-158C-4C76-825E-66C389E11E9A@microsoft.com... >I have written a Windows Service which enumerates the files in a directory. > I am trying the enumerate the files of a mapped drive.It works fine on a > windows 2000 Box.But the same ,does'nt work on a xp or a 2003 machine. > Any Ideas why it would do that??? > > Thanks > MVB > > "Luc E. Mistiaen" <luc.mistiaen@advalvas.be.no.spam> wrote in message Luc,news:OKGLi%23LaFHA.1940@TK2MSFTNGP10.phx.gbl... > Bear in mind that LocalSystem do not have network access. Make your > service run for a specific account. Then make sure that this account is > trusted on the machines where your shares are located and the latter have > proper ACLs. For workstations local accounts (peer-to-peer not using a > domain account) basically that means having the same username AND PASSWORD > on each machine ; in domain it is a bit easier. > > /LM > Bear in mind that not all services run as LocalSystem (it's even suggested no to do so), services that run as "Network Service" or "Local Service" do have network access. When used in a Kerberos realm these services can access remote resources as they use the machine account (DOMAIN\MACHINE$) to authenticate on the network so it's a simple matter to add this account to the ACL's for the resource (any) on the resource server. Willy. Yes I know that, I just wanted to draw the attention of MVB on points that
could make its service fail to access network shares. There wasn't enough information to tell what's what really going on and I presented one common problem: you install your first service without too much thinking and it ends up by default as LocalSystem. /LM Show quote "Willy Denoyette [MVP]" <willy.denoye***@telenet.be> wrote in message news:%23WNFubUaFHA.464@TK2MSFTNGP15.phx.gbl... > Luc, > > Bear in mind that not all services run as LocalSystem (it's even suggested > no to do so), services that run as "Network Service" or "Local Service" do > have network access. When used in a Kerberos realm these services can > access remote resources as they use the machine account (DOMAIN\MACHINE$) > to authenticate on the network so it's a simple matter to add this account > to the ACL's for the resource (any) on the resource server. > > Willy. > > But My service is not running on the LocalSystem.It runs under a user account
with the Domain\Administrator credentials.And the mapped drives can be accessed on a windows 2000 box using the same service.But has problems with XP and 2003. Is this information sufficient? Thanks Show quote "Luc E. Mistiaen" wrote: > Yes I know that, I just wanted to draw the attention of MVB on points that > could make its service fail to access network shares. There wasn't enough > information to tell what's what really going on and I presented one common > problem: you install your first service without too much thinking and it > ends up by default as LocalSystem. > > /LM > "Willy Denoyette [MVP]" <willy.denoye***@telenet.be> wrote in message > news:%23WNFubUaFHA.464@TK2MSFTNGP15.phx.gbl... > > Luc, > > > > Bear in mind that not all services run as LocalSystem (it's even suggested > > no to do so), services that run as "Network Service" or "Local Service" do > > have network access. When used in a Kerberos realm these services can > > access remote resources as they use the machine account (DOMAIN\MACHINE$) > > to authenticate on the network so it's a simple matter to add this account > > to the ACL's for the resource (any) on the resource server. > > > > Willy. > > > > > > > "MVB" <M**@discussions.microsoft.com> wrote in message How exactly did you "mapped the drive", was the mapping done from within news:0ED2551D-AE3E-49B2-BBD1-6BAA8839B339@microsoft.com... > But My service is not running on the LocalSystem.It runs under a user > account > with the Domain\Administrator credentials.And the mapped drives can be > accessed on a windows 2000 box using the same service.But has problems > with > XP and 2003. > Is this information sufficient? > > Thanks > the service code, or by any other means? Willy. Note: You should never use mapped drives, use UNC paths instead. The mapping is not done from within the service.I have mapped the drives
using windows Explorer "Map Network Drives". Thanks Show quote "Willy Denoyette [MVP]" wrote: > > "MVB" <M**@discussions.microsoft.com> wrote in message > news:0ED2551D-AE3E-49B2-BBD1-6BAA8839B339@microsoft.com... > > But My service is not running on the LocalSystem.It runs under a user > > account > > with the Domain\Administrator credentials.And the mapped drives can be > > accessed on a windows 2000 box using the same service.But has problems > > with > > XP and 2003. > > Is this information sufficient? > > > > Thanks > > > > > How exactly did you "mapped the drive", was the mapping done from within > the service code, or by any other means? > > Willy. > > Note: You should never use mapped drives, use UNC paths instead. > > > Well that explain it all.
Share mappings are login session bound, that means that if you map a shared drive in a Logon session of an interactive user, this mapped drive will not be usable from within another Logon session (your service login session) EVEN if the service account is the SAME as the interactive Logon. One possible solution is to map the drive from within the service (using PInvoke). Another option is to run the service using a local account that has a shadow on the remote server (that is an account with the same name and password on both servers). And the third is to use UNC paths, you remark about "the client wants... "is not really valid, what the client wants is a backup right? Willy. Show quote "MVB" <M**@discussions.microsoft.com> wrote in message news:EE5FF0C1-4281-4F1C-8701-7FF68528D948@microsoft.com... > The mapping is not done from within the service.I have mapped the drives > using windows Explorer "Map Network Drives". > > Thanks > > > "Willy Denoyette [MVP]" wrote: > >> >> "MVB" <M**@discussions.microsoft.com> wrote in message >> news:0ED2551D-AE3E-49B2-BBD1-6BAA8839B339@microsoft.com... >> > But My service is not running on the LocalSystem.It runs under a user >> > account >> > with the Domain\Administrator credentials.And the mapped drives can be >> > accessed on a windows 2000 box using the same service.But has problems >> > with >> > XP and 2003. >> > Is this information sufficient? >> > >> > Thanks >> > >> >> >> How exactly did you "mapped the drive", was the mapping done from within >> the service code, or by any other means? >> >> Willy. >> >> Note: You should never use mapped drives, use UNC paths instead. >> >> >> I agree to what ur saying.
But I was just wondering why does it work on windows 2000 and not on windows 2003. Show quote "Willy Denoyette [MVP]" wrote: > Well that explain it all. > Share mappings are login session bound, that means that if you map a shared > drive in a Logon session of an interactive user, this mapped drive will not > be usable from within another Logon session (your service login session) > EVEN if the service account is the SAME as the interactive Logon. One > possible solution is to map the drive from within the service (using > PInvoke). Another option is to run the service using a local account that > has a shadow on the remote server (that is an account with the same name and > password on both servers). And the third is to use UNC paths, you remark > about "the client wants... "is not really valid, what the client wants is a > backup right? > > > Willy. > > > "MVB" <M**@discussions.microsoft.com> wrote in message > news:EE5FF0C1-4281-4F1C-8701-7FF68528D948@microsoft.com... > > The mapping is not done from within the service.I have mapped the drives > > using windows Explorer "Map Network Drives". > > > > Thanks > > > > > > "Willy Denoyette [MVP]" wrote: > > > >> > >> "MVB" <M**@discussions.microsoft.com> wrote in message > >> news:0ED2551D-AE3E-49B2-BBD1-6BAA8839B339@microsoft.com... > >> > But My service is not running on the LocalSystem.It runs under a user > >> > account > >> > with the Domain\Administrator credentials.And the mapped drives can be > >> > accessed on a windows 2000 box using the same service.But has problems > >> > with > >> > XP and 2003. > >> > Is this information sufficient? > >> > > >> > Thanks > >> > > >> > >> > >> How exactly did you "mapped the drive", was the mapping done from within > >> the service code, or by any other means? > >> > >> Willy. > >> > >> Note: You should never use mapped drives, use UNC paths instead. > >> > >> > >> > > > "MVB" <M**@discussions.microsoft.com> wrote in message Should not work on W2K as well. Are you sure you are using the same domain news:F88FF541-7AFA-42DA-8341-388479FBC38D@microsoft.com... >I agree to what ur saying. > > But I was just wondering why does it work on windows 2000 and not on > windows > 2003. > account or at leats a domain account. Turn on logon auditing (success and failure) on the W2K server and check the eventlog (security log) to see which user account gets used to authenticate. Willy. I am developing a backup application.And our client wants to backup a Mapped
drive.Thats the reason i am usinf Mapped drives. Show quote "Willy Denoyette [MVP]" wrote: > > "MVB" <M**@discussions.microsoft.com> wrote in message > news:0ED2551D-AE3E-49B2-BBD1-6BAA8839B339@microsoft.com... > > But My service is not running on the LocalSystem.It runs under a user > > account > > with the Domain\Administrator credentials.And the mapped drives can be > > accessed on a windows 2000 box using the same service.But has problems > > with > > XP and 2003. > > Is this information sufficient? > > > > Thanks > > > > > How exactly did you "mapped the drive", was the mapping done from within > the service code, or by any other means? > > Willy. > > Note: You should never use mapped drives, use UNC paths instead. > > >  |
|||||||||||||||||||||||
Other interesting topics