0

I have a windows service that needs to periodically impersonate a user to gain access to a network shared drive.

I am able to impersonate the user without issue; however when i try to access the shared drive via code I get the following error:

at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileSystemEnumerableIterator`1.CommonInit()
at System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
at System.IO.DirectoryInfo.InternalGetFiles(String searchPattern, SearchOption searchOption)
at System.IO.DirectoryInfo.GetFiles(String searchPattern)

From what i have read this is most likely a permissions issue, but i have yet to find a solution that works. I can log into the server that runs the windows service as the user in question and navigate via explorer directly to the path and from there I can copy, paste and delete files.

I guess I am a bit confused as to how to proceed and any suggestions would be appreciated.

Update The windows service and the user to be impersonated are on the same server (A) the shared network drive is located on a separate server (B). Also this isn't a "run as" scenario as I am not trying to run any files, simply copy from B to A

Jeff Martinez
  • 83
  • 1
  • 9
  • Have a look at [this](http://stackoverflow.com/questions/3700871/connect-to-network-drive-with-user-name-and-password). I think the first answer (WNetUseConnection) would help. – H.G. Sandhagen Dec 20 '16 at 20:44
  • 1
    This behavior is most likely expected assuming you are not using "impersonation" as synonym of "run as". You may want to [edit] your question to clarify where impersonated user is related to your server - make sure to read on [NTLM one hop hell](https://www.bing.com/search?q=NTLM+one+hop+hell) (Bing link, you can use any search engine you like as well as similar search terms "double hop windows" ) – Alexei Levenkov Dec 20 '16 at 20:44
  • Are you sure that impersonated user has relevant access to shared folder in the server B? right click on the folder and check the security tab to see impersonated user has access. – Kurubaran Dec 20 '16 at 21:35
  • By "shared drive" do you mean a mapped drive letter, e..g, `x:\folder\file.txt` or are you using a UNC path, e.g., `\\server\share\folder\file.txt` ? (I'm not sure that mapped drive letters work when impersonating.) Also, are A and B in a domain or standalone? Is the impersonated user a domain account? – Harry Johnston Dec 20 '16 at 22:32
  • @HarryJohnston By "shared drive" I mean UNC path, also both servers and the impersonated user are in the same domain. – Jeff Martinez Dec 21 '16 at 13:12
  • @Kurubaran I will have to triple check the permissions again in the morning, but since i can log into server A as the user in question and navigate to the the folder on Server B and then copy/paste/delete without issue I would think the proper permissions were in place. – Jeff Martinez Dec 21 '16 at 13:14
  • How are you obtaining the impersonation token? Can you post the part of the code that handles impersonation? – Harry Johnston Dec 21 '16 at 22:25
  • One thing to keep in mind that impersonation sometimes doesn't work while debugging. Try running the compiled .exe directly to see if that changes it. – Sal Feb 03 '20 at 17:19

0 Answers0