Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
707 views
in Technique[技术] by (71.8m points)

c# - How do I pass credentials to a machine so I can use Microsoft.Win32.RegistryKey.OpenRemoteBaseKey() on it?

This .NET API works OK if I'm trying to open the Registry in a machine that's in the same domain as I am (and my logged-on user has admin rights on the target machine).

It gets tricky if it's an out-of-domain machine with a different, local administrative user (of whom I do have the password).

I tried to use WNetUseConnection() (which has served me well in the past in situations where what I wanted was to read a remote disk file) prior to calling OpenRemoteBaseKey(), but no dice -- I get an access denied exception.

Clearly, I must pass credentials some other way, but how?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

What I've used successfully to access files on a computer is the following code:

    #region imports 
        [DllImport("advapi32.dll", SetLastError = true)] 
        private static extern bool LogonUser(string 
        lpszUsername, string lpszDomain, string lpszPassword, 
        int dwLogonType, int dwLogonProvider, ref 
IntPtr phToken); 


        [DllImport("kernel32.dll", CharSet = CharSet.Auto, 
        SetLastError = true)] 
        private static extern bool CloseHandle(IntPtr handle 
        ); 

        [DllImport("advapi32.dll", CharSet = CharSet.Auto, 
        SetLastError = true)] 
        public extern static bool DuplicateToken(IntPtr 
        existingTokenHandle, 
        int SECURITY_IMPERSONATION_LEVEL, ref IntPtr 
        duplicateTokenHandle); 
        #endregion 
        #region logon consts 
        // logon types 
        const int LOGON32_LOGON_INTERACTIVE = 2; 
        const int LOGON32_LOGON_NETWORK = 3; 
        const int LOGON32_LOGON_NEW_CREDENTIALS = 9; 

        // logon providers 
        const int LOGON32_PROVIDER_DEFAULT = 0; 
        const int LOGON32_PROVIDER_WINNT50 = 3; 
        const int LOGON32_PROVIDER_WINNT40 = 2; 
        const int LOGON32_PROVIDER_WINNT35 = 1; 
        #endregion 

And then for signing in part, just use:

        IntPtr token = IntPtr.Zero; 

        bool isSuccess = LogonUser("username", "domain", "password", 
        LOGON32_LOGON_NEW_CREDENTIALS, 
        LOGON32_PROVIDER_DEFAULT, ref token); 
        using (WindowsImpersonationContext person = new WindowsIdentity(token).Impersonate()) 
        { 
        //do your thing 
         person.Undo(); 
        } 

As you might see, "Undo()" will make that you are no longer signed in as that user. So don't use it before you're done. But don't forget to use it!


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...