Hi!
Does anyone know how to open a file, or directory with specific account credentials without using WNetAddConnection2? Maybe by creating some kind of connection to the directory (similar to WNetAddConnection2)?
Here's some background to the problem if it will help:
In a nutshell; i'm writing a program that will alow a user to view documents that he/she wouldn't otherwise be able to view, browse to, amend, or copy.
The program allows a 'standard' user to access files in a location that the user account doesn't allow access to. This location is on a file server in a domain. I've created a special domain user account that has access to the location on the fileserver, but it can't be allowed access to anywhere else.
I've had loads of problems due to the fact that files need to be copied back and forth between the users pc and the location on the file server. Also some of the files might be word documents, meaning that the program will get word to load the document, but will also need to call word later on (using automation). I've tried these methods:
1) CreateProcessWithLogon - works ok, but one problem is that I then can't call word because it's running in another user's security context.
2) LogonUser + ImpersonateLoggedOnUser - works better than CreateProcessWithLogon because i can still call Word and I've managed to pass the user credentials to word to setup impersonation before opening the document. If i need to copy files between the local pc and the network location I've got problems though; the standard user can't copy because can't access the network location and the special account can't copy because can't access the local file system!!
3) WNetAddConnection2 - would work fine if the users session didn't already have connections (i.e. mapped drives) to shares on the same fileserver. this will always be the case and is a problem because you can't have more than one connection to the same network device using different credentials!?!?
If anyone has any suggestions I'd really appreciate the help!!
Thanks in advance.
Does anyone know how to open a file, or directory with specific account credentials without using WNetAddConnection2? Maybe by creating some kind of connection to the directory (similar to WNetAddConnection2)?
Here's some background to the problem if it will help:
In a nutshell; i'm writing a program that will alow a user to view documents that he/she wouldn't otherwise be able to view, browse to, amend, or copy.
The program allows a 'standard' user to access files in a location that the user account doesn't allow access to. This location is on a file server in a domain. I've created a special domain user account that has access to the location on the fileserver, but it can't be allowed access to anywhere else.
I've had loads of problems due to the fact that files need to be copied back and forth between the users pc and the location on the file server. Also some of the files might be word documents, meaning that the program will get word to load the document, but will also need to call word later on (using automation). I've tried these methods:
1) CreateProcessWithLogon - works ok, but one problem is that I then can't call word because it's running in another user's security context.
2) LogonUser + ImpersonateLoggedOnUser - works better than CreateProcessWithLogon because i can still call Word and I've managed to pass the user credentials to word to setup impersonation before opening the document. If i need to copy files between the local pc and the network location I've got problems though; the standard user can't copy because can't access the network location and the special account can't copy because can't access the local file system!!
3) WNetAddConnection2 - would work fine if the users session didn't already have connections (i.e. mapped drives) to shares on the same fileserver. this will always be the case and is a problem because you can't have more than one connection to the same network device using different credentials!?!?
If anyone has any suggestions I'd really appreciate the help!!
Thanks in advance.
