I have a server that I'm setting up over a named pipe. It works fine for administrators of the domain, but when I test the client on a normal user, it gives the exception "Access to path is denied". So here is what I'm trying to set the permissions to give access to all authenticated users in the domain. What am I doing wrong here?
我有一个服务器,我正在设置命名管道。它适用于域的管理员,但是当我在普通用户上测试客户端时,它会给出“拒绝访问路径”的异常。因此,我正在尝试设置权限以授予对域中所有经过身份验证的用户的访问权限。我在这做错了什么?
Server:
NamedPipeServerStream pipeServer = new NamedPipeServerStream("message-generator", PipeDirection.InOut, pipeThreads, PipeTransmissionMode.Message, PipeOptions.None);
PipeSecurity pipeSecurity = pipeServer.GetAccessControl();
pipeSecurity.AddAccessRule(new PipeAccessRule(@"localdomain\Authenticated Users", PipeAccessRights.FullControl, AccessControlType.Allow));
pipeServer.SetAccessControl(pipeSecurity);
Client:
NamedPipeClientStream pipeClient = new NamedPipeClientStream("servername", "message-generator", PipeDirection.InOut, PipeOptions.None, TokenImpersonationLevel.Impersonation))
The servername and domain are obviously different, but on the server when it gets to the pipeServer.SetAccessControl function it gives me the exception "UnauthorizedAccessException".
服务器名称和域明显不同,但是当它到达pipeServer.SetAccessControl函数时,它在服务器上给出了异常“UnauthorizedAccessException”。
Any help is greatly appreciated
任何帮助是极大的赞赏
1 个解决方案
#1
You need to use the ctor for NamedPipeServerStream which allows you to specify the desired access rights on the pipe handle:
您需要为NamedPipeServerStream使用ctor,它允许您在管道句柄上指定所需的访问权限:
public NamedPipeServerStream(
string pipeName,
PipeDirection direction,
int maxNumberOfServerInstances,
PipeTransmissionMode transmissionMode,
PipeOptions options,
int inBufferSize,
int outBufferSize,
PipeSecurity pipeSecurity,
HandleInheritability inheritability,
PipeAccessRights additionalAccessRights
)
When you call it, you need to ask for PipeAccessRights.ChangePermissions in the last argument. Then SetAccessControl should succeed.
调用它时,需要在最后一个参数中请求PipeAccessRights.ChangePermissions。然后SetAccessControl应该成功。
See my blog http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx for an example.
有关示例,请参阅我的博客http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx。
#1
You need to use the ctor for NamedPipeServerStream which allows you to specify the desired access rights on the pipe handle:
您需要为NamedPipeServerStream使用ctor,它允许您在管道句柄上指定所需的访问权限:
public NamedPipeServerStream(
string pipeName,
PipeDirection direction,
int maxNumberOfServerInstances,
PipeTransmissionMode transmissionMode,
PipeOptions options,
int inBufferSize,
int outBufferSize,
PipeSecurity pipeSecurity,
HandleInheritability inheritability,
PipeAccessRights additionalAccessRights
)
When you call it, you need to ask for PipeAccessRights.ChangePermissions in the last argument. Then SetAccessControl should succeed.
调用它时,需要在最后一个参数中请求PipeAccessRights.ChangePermissions。然后SetAccessControl应该成功。
See my blog http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx for an example.
有关示例,请参阅我的博客http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx。