Share via

Net use per user ?

Anonymous
2017-04-18T15:41:22+00:00

My main issue is, running this C# line of code Console.WriteLine(Properties.Settings.Default.GreetingText); throws this exception : 

System.ArgumentException: The parameter is incorrect. (Exception from HRESULT: 0x80070057 (E_INVALIDARG))

   at System.Security.Policy.PEFileEvidenceFactory.GetLocationEvidence(SafePEFileHandle peFile, SecurityZone& zone, StringHandleOnStack retUrl).

When the process using that line of code is started with user "A" from a mapped drive created by user "SYSTEM".

Note that the mapped drive created by SYSTEM is showing an X (disconnected) in explorer, but is still accessible by all users. This shows most probably that what I am trying to do is not supported by Microsoft. I was running several processes (C# or Native) without any problem until we used that particular process with that C# line of code. We tried to remove the line of code, but other C# line of codes are causing a similar problem.

I was looking into changing how the "net use" is created to use a supported way, but my research led to think that net use is PER USER ... but with the exception of SYSTEM user.

If I could create a S: mapped drive with SYSTEM and the same mapped drive S: with the logged in user, this would solve my problem, but its apparently impossible since the S: drive is seen in some way by the logged user even if doing "NET USE" doesn't show the S: drive.

Is it possible to run this C# code on a mapped drive by SYSTEM user ?

How can this problem be solved without having to define another letter ? Having to support 2 drive letter would have a huge impact on the scripts running all the processes because some are running SYSTEM, others are running as the logged user.

Windows for home | Previous Windows versions | Files, folders, and storage

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2017-04-18T21:32:06+00:00

    Can you put the link to the TechNet forum ?

    This would be a good start: https://technet.microsoft.com/en-gb/ms772425

    Was this answer helpful?

    0 comments
  2. Anonymous
    2017-04-18T21:03:02+00:00

    My experience in this area is limited (which is why you might want to post your question in a TechNet forum) but to my knowledge you need to use a service that runs under a specific account when accessing shared resources independently from the active account. This would mean that your process runs in a completely defined account context

    -> This would mean a major change in the way of accessing the files. I dont think we can go there. Can you put the link to the TechNet forum ?

    Here is the slightly condensed output from your command sequence. Please note the bolded section. I actually wonder what the purpose of the exercise is, seeing that the share is mapped to the local PC.

    -> Mapping with another PC or mapping with the local PC will result in the same problem I have in the end. So I am reducing the complexity of the problem. You are pretty close to reproducing the problem I am getting.

    From there, you can notice that in explorer, you see an "Disconnected Network Drive S:" with a big red X. But like me, you noticed that its usable by doing the "DIR" command. I was able to use that drive by loading processes from that mapped drive for a while without any problems. Still, this is odd when the documentation says that NET USE command is per USER. How come we can use the mapped drive by SYSTEM with a named USER account ?

    While searching for my problem, I found this post https://www.visualcron.com/forum.aspx?g=posts&t=3147. From there, there is a TestProcess.zip that can be downloaded (search for File Attachment) with all the code. If you run the TestProcess.exe from the S: drive you just created with your USER account, it will fail with the mentioned exception in my first post. If you run "psexec -s cmd.exe" and run the same process from the S: drive from the SYSTEM account, it will succeed. Its the simple line  Console.WriteLine(Properties.Settings.Default.GreetingText);  that throws the exception.

    Was this answer helpful?

    0 comments
  3. Anonymous
    2017-04-18T20:02:53+00:00

    *We are using a several PCs with one master that shares a product. The client nodes gets the product from the mapped drive.*Some of the PCs are not logged in and others are logged in.

    -> My experience in this area is limited (which is why you might want to post your question in a TechNet forum) but to my knowledge you need to use a service that runs under a specific account when accessing shared resources independently from the active account. This would mean that your process runs in a completely defined account context.

    Run the following commands to notice that you can't create a SYSTEM mapped drive and a USER mapped drive with the same letter.

    -> Here is the slightly condensed output from your command sequence. Please note the bolded section. I actually wonder what the purpose of the exercise is, seeing that the share is mapped to the local PC.

    c:>psexec -s cmd

    Microsoft Windows [Version 10.0.14393]

    C:\WINDOWS\system32>net use s: \127.0.0.1\DriveE

    The command completed successfully.

    C:\WINDOWS\system32>exit

    cmd exited on SPRING with error code 0.

    c:>net use

    New connections will not be remembered.

    There are no entries in the list.

    c:>dir s:

    Volume in drive S is Drivers

    Volume Serial Number is ECFB-9CF0

    *Directory of S:*

    22.11.2016  23:44    <DIR>          $RECYCLE.BIN

    13.11.2016  13:25    <DIR>          Backup

    17.01.2017  12:02    <DIR>          Drivers

    Was this answer helpful?

    0 comments
  4. Anonymous
    2017-04-18T19:29:42+00:00

    We are using a several PCs with one master that shares a product. The client nodes gets the product from the mapped drive. Some of the PCs are not logged in and others are logged in. So, most of the processes are running SYSTEM account to be able to run on the not logged client nodes. The only processes running under the user account are the ones that have a GUIs. 

    "Why not use an account that you create specifically for your C# session?"

    The C# process is running with the USER that is logged in because its a GUI that need to be shown. We would like that process to start from a mapped drive done by SYSTEM (at boot time) or if possible on a mapped drive done by USER (at log on time) ... but with the same letter.

    It's apparently impossible since the S: drive is seen in some way by the logged user even if doing "NET USE" doesn't show the S: drive.

    "What makes you think so?"

    Run the following commands to notice that you can't create a SYSTEM mapped drive and a USER mapped drive with the same letter.

    1. psexec -s cmd.exe (from Systernals and from an admin account)
    2. net use S: \127.0.0.1&lt;localshare> (Creating a mapped drive with SYSTEM user)
    3. net use (will show the S: drive mapped)
    4. exit (exit from the session with system)
    5. net use (wont show the S: drive mapped from the SYSTEM user)
    6. net use S: \127.0.0.1&lt;localshare>(this will fail with "The local device name is already in use.")

    Doing the same commands with 2 different users other than SYSTEM will work.

    Was this answer helpful?

    0 comments
  5. Anonymous
    2017-04-18T18:00:06+00:00

    I was looking into changing how the "net use" is created to use a supported way, but my research led to think that net use is PER USER.

    -> AFAIK you do need a user account when accessing a networked resource. The System account is not acceptable. Why not use an account that you create specifically for your C# session?

    It's apparently impossible since the S: drive is seen in some way by the logged user even if doing "NET USE" doesn't show the S: drive.

    ->What makes you think so?

    Was this answer helpful?

    0 comments