|
| Detect current Netware Connection with System Account? |
 |
Tue, 21 Jun 2005 12:21:32 GMT |
I have a NAL object that I need delivered to the workstations and it has
to use "Run as secure System User" for the environment. The issue I'm
running into is as follows.
A client is connected to the Novell environment. The application will
perform a simple check to determine if a live Novell connection is
currently in use basically determining that they did login to the Novell
client. When running the application under the "Unsecure System User"
or "Secure System User" the application fails to detect this properly.
The methods I have tried are as follows.
Test a connection by:
1. check for the map command and if it is available, it has a successful
connection.
2. run "net use" and check for netware services on shared drive
connections.
3. check WMI win32_NetworkConnections and see if netware services has any
netware services "resources connected."
If the application is set to "System User" for the way it runs when
launched it does not return any values for the above test because it runs
in the system namespace and not the actual user that has the connections.
I have tested this by changing the application to normal mode where it
runs in the user's namespace where everything works fine; but once it is
switched back to system user, the values cannot be found by the system
account.
Are there any changes in the registry that may occur that I can check
with the system account for a current Netware connection? I checked for
processes that may appear when a connection is established but all of the
novell client services are enabled whether a connetion is made or not. I
can't rely on NAL to determine a true connetion because some areas do not
run NAL but may need the application delivered via "sneakernet" and it
still needs to run successfully. The reason the application needs to run
in the system namespace is because of some of the functions it must
|
| Post Reply
|
| Re: Detect current Netware Connection with System Account? |
 |
Tue, 21 Jun 2005 16:13:15 GMT |
wfiel36849@ev1.net wrote:
> I have a NAL object that I need delivered to the workstations and it has
> to use "Run as secure System User" for the environment. The issue
I'm
> running into is as follows.
>
> A client is connected to the Novell environment. The application will
> perform a simple check to determine if a live Novell connection is
> currently in use basically determining that they did login to the Novell
> client. When running the application under the "Unsecure System
User"
> or "Secure System User" the application fails to detect this
properly.
> The methods I have tried are as follows.
>
> Test a connection by:
>
> 1. check for the map command and if it is available, it has a successful
> connection.
> 2. run "net use" and check for netware services on shared drive
> connections.
> 3. check WMI win32_NetworkConnections and see if netware services has any
> netware services "resources connected."
>
> If the application is set to "System User" for the way it runs
when
> launched it does not return any values for the above test because it runs
> in the system namespace and not the actual user that has the connections.
> I have tested this by changing the application to normal mode where it
> runs in the user's namespace where everything works fine; but once it is
> switched back to system user, the values cannot be found by the system
> account.
>
> Are there any changes in the registry that may occur that I can check
> with the system account for a current Netware connection? I checked for
> processes that may appear when a connection is established but all of the
> novell client services are enabled whether a connetion is made or not. I
> can't rely on NAL to determine a true connetion because some areas do not
> run NAL but may need the application delivered via "sneakernet"
and it
> still needs to run successfully. The reason the application needs to run
> in the system namespace is because of some of the functions it must
> perform when executed.
I believe this is a feature of the security model on Windows. Running
any application as another user (including system users) excludes that
application from access to the state of any other logged-in user,
including the user that spawned the process. IOW, there is no NetWare
connection for the process runs as the system user - even though there
is a NetWare connection for the user that spawned the process. The only
way I can see you working around this is either to run your process as
two pieces, one as the real user and one as the system user and use some
simple IPC between them; or find a way to not require the NetWare user;
or change your implementation to work as the actual user. I sense how
|
| Post Reply
|
|
|
|
|
|
|
|
|
|