0

So I am having issues with the "net use" command in C#. Basically, I am using the code written here. The code works great, however I have multiple ids that need to be used sequentially. Unfortunately, when trying to connect to another ID, the connection remains in "net use " in Windows, so this exception is thrown:

Win32Exception: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed.

Now to me, the obvious thing would be to execute the command prompt programmatically to delete the connection when I am done using it. Here is the code that I am running to delete the connection:

System.Diagnostics.Process process = new System.Diagnostics.Process();
System.Diagnostics.ProcessStartInfo startInfo = new System.Diagnostics.ProcessStartInfo();
startInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Normal;
startInfo.FileName = "cmd.exe";
startInfo.Arguments = "/K net use delete \\IPAddrofserver";
process.StartInfo = startInfo;
process.Start();

I only use /k so I can see if the command works. After this code executes, it says "The network connection cannot be found." However, if I manually open the start menu, and type net use, I can see and delete the connection. I think this may be related to the fact that when running the command prompt programmatically, I notice its being given administrative privilege as opposed to running it under my user token, but I cannot be sure. Any help regarding this would be greatly appreciated.

EDIT: Adding in the command prompt deletion code during the WnetCancelConnection2 actually operates correctly, and deletes the connection from net use. However, checking net use manually outside of the program reveals that the history of the connection still exists and is open. Whoami command reveals the same user. Any reason why there is a discrepancy between what happens programmatically and what happens when I check manually?

Community
  • 1
  • 1
user2044754
  • 63
  • 1
  • 1
  • 10

1 Answers1

0

You probably need to start your process with elevated privileges. See the accepted answer here for how to do this. You could also choose to call the relevant Windows API directly, to avoid spawning other processes and dealing with those complications.

Community
  • 1
  • 1
jlew
  • 10,491
  • 1
  • 35
  • 58
  • The weird thing is that I think I might actually need reduced permissions. Logging in as a user and running net use, I am able to see the connection that needs to be deleted. This process just runs as cmd.exe. But using the above code, it runs as cmd.exe (Administrator) and is not able to view the connection. Wouldn't this mean the cmd prompt is running as an administrative process already? – user2044754 Mar 20 '15 at 14:17
  • Two things: 1. Running as an administrator is not the same thing as running with elevated privileges. Running with elevated privileges requires UAC acknowledgement (or code-signing, as discussed in the linked answers) and allows the user to exercise the administrative privileges that they have. 2. Are your parent and child processes running as two different users? If so, I'm not surprised they can't see each others' network connection tokens. – jlew Mar 20 '15 at 14:20
  • 1. UAC elevation will not be possible with the constraints around the solution given to me 2. Parent and child processes are the same user. I checked by using the "whoami" command in each cmd window, returned same answer. To me it seems strange that the program can start a connection, but then can't delete it. Is there not a more natural way to go about this? – user2044754 Mar 20 '15 at 14:29
  • How about not using "net use" and going directly to the API from your service: https://msdn.microsoft.com/en-us/library/windows/desktop/aa385427(v=vs.85).aspx – jlew Mar 20 '15 at 14:34
  • So that makes a lot of sense, and I noticed its actually included in the original library. BTW I appreciate all the help so far: private const int CONNECT_UPDATE_PROFILE = 0x00000001; His disposable is public void Dispose() { this.DisconnectFromShare(this._remoteUncName); } which calls private void DisconnectFromShare(string remoteUnc) { int result = WNetCancelConnection2(remoteUnc, CONNECT_UPDATE_PROFILE, false); if (result != NO_ERROR) { throw new Win32Exception(result); } } – user2044754 Mar 20 '15 at 14:48
  • Sorry to continue the chain, but the comments on the MSDN page appear to have the same issue. It looks like the disconnection is not immediate which is bad for what I need to accomplish. I am doing a bit more research on this but any suggestions? – user2044754 Mar 20 '15 at 14:52
  • I'm not sure I can help any more with that particular API, but maybe if you can describe the overall problem you are solving with the network resource, there would be an alternative. – jlew Mar 20 '15 at 14:55
  • Basically I need to remotely login into a server using user provided credentials. The permissions of this user will be determined by Server B, and they will do some basic file manipulation. Both servers are located within the same intranet infrastructure. However, multiple users will be using Site A, which will have a web frontend through ASP.NET to initiate the file manipulation. This is where this problem arose: I was able to successful remote in and manipulate files,but I was not able to delete the preexisting connection information to allow another user to login. – user2044754 Mar 20 '15 at 14:58
  • Can you not use impersonation in your ASP.NET frontend? – jlew Mar 20 '15 at 15:03
  • I have to impersonate users that belong to the global intranet pool, but are not User accounts actively registered on the server. As I understand, that is delegation and requires elevated permissions from the server itself. I did create a working solution to impersonate those global users, but I was getting permission denied errors on the file manipulation, as opposed to this approach where I can successfully manipulate the files but I am unable to login with more than one set of credentials due to the cache in net use. – user2044754 Mar 20 '15 at 15:07
  • It does require delegation to be turned on in order for the credentials to flow across to the other server. – jlew Mar 20 '15 at 15:35
  • Right, and I don't think I would be able to turn on delegation specifically for my server. I don't have those kind of permissions. But here is an interesting wrinkle: I threw in my cmd prompt code where the connection is supposed to be disconnected by NetworkShareAccessor. And it deleted successfully! However, after the program finishes running, I manually open a command prompt window and type net use, and the connection is still there! How could that be? – user2044754 Mar 20 '15 at 16:08