ASP.NET網絡映射驅動器無權限訪問的解決方案

Windows的網絡驅動器映射能加網絡上的地址映射爲本地磁盤（如Z：盤），可以在資源管理器點“映射網絡驅動器”或者cmd下輸subst命令進行操作；這在許多時候是十分有用的，比如程序要訪問其他廠商的存儲在文件服務器上的圖片、文檔等，這時候通過網絡映射就在程序中就能向本地文件一樣訪問網絡上其他位置的文件，同時一定程序也簡化了編程。

          但在ASP.NET運行在IIS上時，運行的賬戶是NETWORK SERVICE或AUTHENTICATED USERS的權限，這就導致沒有權限訪問映射的驅動器，如下面的代碼將會出現FileNotFound的異常。

1 System.Drawing.Image image = System.Drawing.Image.FromFile("Z://1.jpg");
2 image.Save("c:\\1.jpg");

這個問題在我一年前就遇到過，當時沒有解決，也找了很多網絡上的資料，許多都描述不是太清楚，有建虛擬目錄，有修改組策略的，有用戶模擬的，網絡上跟我一樣求助的人一大把，後來摸索了下，整理下思路就把這個問題解決了。

首先，是需要用戶模擬的，但不代表可以獲取訪問網絡磁盤的權限。（此處的用戶名和密碼是IIS所在機器的用戶名和密碼）

1 <identity impersonate="true" userName="administrator" password="admin"/>

然後，需要調用WNetAddConnection2與網絡資源建立連接，WNetCancelConnection2A斷開連接，WNetAddConnection2的MSDN解釋是：The WNetAddConnection2 function makes a connection to a network resource. The function can redirect a local device to the network resource。網絡上找得一個NetworkConnection封裝類進行P\Invoke調用，貼代碼如下：

 

View Code

  1 public enum ERROR_ID
  2  {
  3      ERROR_SUCCESS = 0,  // Success
  4      ERROR_BUSY = 170,
  5      ERROR_MORE_DATA = 234,
  6      ERROR_NO_BROWSER_SERVERS_FOUND = 6118,
  7      ERROR_INVALID_LEVEL = 124,
  8      ERROR_ACCESS_DENIED = 5,
  9      ERROR_INVALID_PASSWORD = 86,
 10      ERROR_INVALID_PARAMETER = 87,
 11      ERROR_BAD_DEV_TYPE = 66,
 12      ERROR_NOT_ENOUGH_MEMORY = 8,
 13      ERROR_NETWORK_BUSY = 54,
 14      ERROR_BAD_NETPATH = 53,
 15      ERROR_NO_NETWORK = 1222,
 16      ERROR_INVALID_HANDLE_STATE = 1609,
 17      ERROR_EXTENDED_ERROR = 1208,
 18      ERROR_DEVICE_ALREADY_REMEMBERED = 1202,
 19      ERROR_NO_NET_OR_BAD_PATH = 1203
 20  }
 21
 22  public enum RESOURCE_SCOPE
 23  {
 24      RESOURCE_CONNECTED = 1,
 25      RESOURCE_GLOBALNET = 2,
 26      RESOURCE_REMEMBERED = 3,
 27      RESOURCE_RECENT = 4,
 28      RESOURCE_CONTEXT = 5
 29  }
 30
 31  public enum RESOURCE_TYPE
 32  {
 33      RESOURCETYPE_ANY = 0,
 34      RESOURCETYPE_DISK = 1,
 35      RESOURCETYPE_PRINT = 2,
 36      RESOURCETYPE_RESERVED = 8,
 37  }
 38
 39  public enum RESOURCE_USAGE
 40  {
 41      RESOURCEUSAGE_CONNECTABLE = 1,
 42      RESOURCEUSAGE_CONTAINER = 2,
 43      RESOURCEUSAGE_NOLOCALDEVICE = 4,
 44      RESOURCEUSAGE_SIBLING = 8,
 45      RESOURCEUSAGE_ATTACHED = 16,
 46      RESOURCEUSAGE_ALL = (RESOURCEUSAGE_CONNECTABLE | RESOURCEUSAGE_CONTAINER | RESOURCEUSAGE_ATTACHED),
 47  }
 48
 49  public enum RESOURCE_DISPLAYTYPE
 50  {
 51      RESOURCEDISPLAYTYPE_GENERIC = 0,
 52      RESOURCEDISPLAYTYPE_DOMAIN = 1,
 53      RESOURCEDISPLAYTYPE_SERVER = 2,
 54      RESOURCEDISPLAYTYPE_SHARE = 3,
 55      RESOURCEDISPLAYTYPE_FILE = 4,
 56      RESOURCEDISPLAYTYPE_GROUP = 5,
 57      RESOURCEDISPLAYTYPE_NETWORK = 6,
 58      RESOURCEDISPLAYTYPE_ROOT = 7,
 59      RESOURCEDISPLAYTYPE_SHAREADMIN = 8,
 60      RESOURCEDISPLAYTYPE_DIRECTORY = 9,
 61      RESOURCEDISPLAYTYPE_TREE = 10,
 62      RESOURCEDISPLAYTYPE_NDSCONTAINER = 11
 63  }
 64
 65  [StructLayout(LayoutKind.Sequential)]
 66  public struct NETRESOURCE
 67  {
 68      public RESOURCE_SCOPE dwScope;
 69      public RESOURCE_TYPE dwType;
 70      public RESOURCE_DISPLAYTYPE dwDisplayType;
 71      public RESOURCE_USAGE dwUsage;
 72
 73      [MarshalAs(UnmanagedType.LPStr)]
 74      public string lpLocalName;
 75
 76      [MarshalAs(UnmanagedType.LPStr)]
 77      public string lpRemoteName;
 78
 79      [MarshalAs(UnmanagedType.LPStr)]
 80      public string lpComment;
 81
 82      [MarshalAs(UnmanagedType.LPStr)]
 83      public string lpProvider;
 84  }
 85
 86  public class NetworkConnection
 87  {
 88      [DllImport("mpr.dll")]
 89      public static extern int WNetAddConnection2A(NETRESOURCE[] lpNetResource, string lpPassword, string lpUserName, int dwFlags);
 90
 91      [DllImport("mpr.dll")]
 92      public static extern int WNetCancelConnection2A(string sharename, int dwFlags, int fForce);
 93
 94      public static int Connect(string remotePath, string localPath, string username, string password)
 95      {
 96          NETRESOURCE[] share_driver = new NETRESOURCE[1];
 97          share_driver[0].dwScope = RESOURCE_SCOPE.RESOURCE_GLOBALNET;
 98          share_driver[0].dwType = RESOURCE_TYPE.RESOURCETYPE_DISK;
 99          share_driver[0].dwDisplayType = RESOURCE_DISPLAYTYPE.RESOURCEDISPLAYTYPE_SHARE;
100          share_driver[0].dwUsage = RESOURCE_USAGE.RESOURCEUSAGE_CONNECTABLE;
101          share_driver[0].lpLocalName = localPath;
102          share_driver[0].lpRemoteName = remotePath;
103
104          Disconnect(localPath);
105          int ret = WNetAddConnection2A(share_driver, password, username, 1);
106
107          return ret;
108      }
109
110      public static int Disconnect(string localpath)
111      {
112          return WNetCancelConnection2A(localpath, 1, 1);
113      }
114  }

 

最後，就是使用了，其中Connect方法的參數分別爲網絡地址、本地要映射的磁盤、網絡映射賬號、網絡映射密碼

 

1 string localpath = "Z:";
2 int status = NetworkConnection.Connect("\\\\192.168.1.111\\share", localpath, @"administrator", "admin");
3 if (status == (int)ERROR_ID.ERROR_SUCCESS)
4 {
5 System.Drawing.Image image = System.Drawing.Image.FromFile("Z://1.jpg");
6 image.Save("c:\\1.jpg");
7 }
8 NetworkConnection.Disconnect(localpath);

 

至於爲什麼要這樣，我的理解是直接調用API建立連接可能也沒有權限，在此需要模擬一下用戶，再建立連接就直接可以訪問，相當於ASP.NET運行的賬戶下做了網絡磁盤映射。

最後 jww 的評論可以很簡單

我以前項目中有個簡單些的辦法，不需要模擬用戶，只要在Global.asax里加上下面這句話，然後再程序裏訪問文件路徑直接用\\192.168.x.x\Share這種路徑去訪問，這樣就算有人修改網絡映射驅動器也不會對程序有影響了，樓主不妨試試
void Application_Start(object sender, EventArgs e) 
{
System.Diagnostics.Process.Start("net.exe", "use \\\\192.168.x.x\\Share \"admin\" /user:\"administrator\"");

//192.168.x.x:爲網絡驅動器的ip地址；Share爲文件共享名，不是文件名；administrator爲網絡驅動器的用戶名，admin爲密碼
}