Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

C# WMI runs an exe on a remote PC that then runs another exe on the same PC that then calls Directory.CreateDirectory on a network path and fails

Tags:

c#

windows

wmi

directory-permissions

Using C# WMI I start an exe on another computer and this exe starts another exe using the C# Process class. The last exe tries to call Directory.CreateDirectory using a network path (aka \\\\comp1\d$\dir\). Directory.CreateDirectory throws this exception:

Access to the path '\\\\blah\blah\blah' is denied.   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, DirectorySecurity dirSecurity)
   at System.IO.Directory.CreateDirectory(String path, DirectorySecurity directorySecurity)

If I run the third exe directly in a console on the computer it exists on this exception isn't thrown and everything works fine.

The security settings for the folder where the directory is being created has "Everyone" given full permissions.

How do I fix this problem?

like image 986
jestro Avatar asked Feb 18 '10 20:02

jestro

2 Answers

Also be aware that when launching an app via WMI, there is a third layer of rights. For instance, if you invoke a method on an existing WMI object, it may not delegate the callers rights, or even the rights of the host exe, but will have an Empty Principal. This may be happening to you.

Go to Computer Management, and under Services and Applications, right click on the WMI Control node and select Properties. Go to the Security Tab, and then navigate to the correct WMI Namespace (most likely root\CIMV2) and make sure the user you are using has the appropriate rights there as well.

like image 96
Nick Avatar answered Sep 30 '22 21:09

Nick

As Aaron said, windows share security has two components The first is the security of the Share itself. The second is the security on the files and folders in that share.

Both have to allow the create directory access in order for this to work.

You should also know that the EVERYONE group includes domain computer accounts, the built in system account, domain users, guest, and authenticated users.

This means that the first thing you want to do is see what user this is actually running under. If it is running under the machine account AND it is not part of a domain then you will need to give that machine account access to the share and file system.

like image 27
NotMe Avatar answered Sep 30 '22 20:09

NotMe
Sign in to Comment

Related questions

Implementing all portscanning techniques in C# / Creating raw low level packets in C#
Forcing windows to wait for a service to stop when it is shutting down
NHibernate exception collection [..User.Groups] was not processed by flush()
WPF Popup Control - Find X, Y Coordinates
Has anyone tried literate programming for C#, with Lyx and noweb
C# Extension methods on "members"
ASP.NET, C# and Anonymous Types - Iterate through a DataTable while Manually Building an Anonymous Type
C# business objects and collections
Convert Ping application to multithreaded version to increase speed - C#
Where is IQueryable in the .NET Compact Framework?
How Can I assert /verify a Moq Protected Method?
File.Copy() sync or asycn?
Change The Volume in System.Media.SoundPlayer
Using Linq and C#, trying to get two lists from a list of master items grouped by two inner lists
Decouple the screens without magic strings
WCF deserialization of Dictionary where Enum type is key
Is there a refactoring tool that works across solutions files?
Changing tab item of tabcontrol on design view
Using DirectX DLL (C++) from C#
get machine SID (including primary domain controller)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!