Connect to a file server

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Connect to a file server

Message

16/06/2007 08:58:15

Hilmar Zonneveld
Independent Consultant
Cochabamba, Bolivie

15/06/2007 22:34:59

Ivan George Borges
Offisys Informatica
São Paulo, Brésil

Information générale

Forum:

Visual FoxPro

Catégorie:

Codage, syntaxe et commandes

Titre:

Re: Connect to a file server

Versions des environnements

Visual FoxPro:

VFP 9

OS:

Windows XP

Divers

Thread ID:

01233350

Message ID:

01233721

Vues:

Thanks; I'll tell my client about this.

>Got it.
>
>If you feel like it, I extracted this from the wikis:
>
>-------------------------
>
>>Problem: how to limit access to database files only to designated FoxPro application?
>>
>>Please follow this link:
>>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>>
>>Thanks!
>
>>Problem: how to limit access to database files only to designated FoxPro application?
>>
>>Please follow this link:
>>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>>
>>Thanks!
>
>We had done this for testing some time ago, and it worked pretty well AFAWK, but without using run as, just doing the impersonation directly from within foxpro code.
>
>
>
>* If the table "Products" is in a protected folder, for example and the user "ProdAdmin" has rights to the folder, then:
>

>if Impersonate("ProdAdmin", "ProdPassword")
>   * I use a mapped drive just as an example, of course it is not needed or desireble
>   USE X:\ProductFolder\Products
>endif
>* Do some process
>
>EndImpersonate()
>
>
>FUNCTION Impersonate(UserName As String, UserPassword As String) As Boolean
>   LOCAL nToken, loNet
>   Declare Integer LogonUser IN advapi32 ;
>   	String lpszUsername, ;
>   	String lpszDomain, ;
>   	String lpszPassword, ;
>   	Integer dwLogonType, ;
>   	Integer dwLogonProvider, ;
>   	Long @phToken
>
>   Declare Integer ImpersonateLoggedOnUser IN WIN32API Long ptr
>
>   Declare RevertToSelf IN ADVAPI32
>
>   nToken	= 0
>   loNET		= CREATEOBJECT('wscript.Network')
>   IF LogonUser(UserName, loNET.UserDomain, UserPassword, 2, 0, @nToken) > 0
>      IF ImpersonateLoggedOnUser(nToken) > 0
>         CLEAR DLLS
>         loNet.MapNetworkDrive('X:', '\\skyapps\apps') && Map all network drives is necessary
>         RETURN .t.
>      ENDIF
>   ENDIF
>   CLEAR DLLS
>   RETURN .F.
>ENDFUNC
>
>FUNCTION EndImpersonate() As Boolean
>   Declare RevertToSelf IN ADVAPI32
>   RevertToSelf()
>   CLEAR DLLS
>ENDFUNC
>

>
>Now the code between Impersonate() and EndImpersonate() would have the rights of the user passed as parameter. Note that this can be dangerous, for example if you open explorer while impersonating (within the program, for the impersonation is just scoped to the vfp session), the user would have all rights of the impersonated user.
>
>-------------------------------

Difference in opinions hath cost many millions of lives: for instance, whether flesh be bread, or bread be flesh; whether whistling be a vice or a virtue; whether it be better to kiss a post, or throw it into the fire... (from Gulliver's Travels)

Répondre

Fil

Voir

Click here to load this message in the networking platform