由於某種原因,BuiltinUsersSid 在我的情況下似乎無法正常工作(遠程服務器可以訪問管道,但本地訪問管道卻失敗!)
這是我用來向幾乎所有主體授予訪問權限的代碼,現在管道可以在本地或遠程訪問:
請注意,DomainSid 參數是用當前用戶所屬域的 SID 填充的
using System.IO.Pipes;
using System.Security.Principal;
using System.Security.AccessControl;
[...]
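// Builds the DACL for a named pipe server and then creates the server with it.
// Every grant sits in its own try/catch, so an identity that cannot be resolved
// on this machine only logs a message and the remaining grants are still applied.
//
// NOTE(review): this ACL is deliberately very broad. Everyone, Authenticated
// Users, BUILTIN\Users, LOCAL and NETWORK all receive at least ReadWrite, so any
// local or remote principal that can reach the pipe can connect to it. The
// server must therefore treat every client as untrusted. For production use,
// keep only the grants that are actually needed.
PipeSecurity lPipeSecurity = new PipeSecurity();

// Rule 1: NETWORK (principals connecting over the network), given by account name.
// NOTE(review): FullControl includes the rights to change permissions and take
// ownership of the pipe; ReadWrite is normally enough for a client. The account
// name is locale dependent and may not resolve on a non-English Windows;
// WellKnownSidType.NetworkSid is the locale-independent form.
try
{
    PipeAccessRule lPar1 = new PipeAccessRule(@"NT AUTHORITY\NETWORK", PipeAccessRights.FullControl, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar1);
}
catch (Exception E1)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give pipe rights to AUTORITY NT NETWORK"+E1.Message);
}

// Rule 2: BUILTIN\Users, built from the well-known SID so no name lookup is involved.
try
{
    System.Security.Principal.SecurityIdentifier lSid = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.BuiltinUsersSid, null);
    PipeAccessRule lPar2 = new PipeAccessRule(lSid, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar2);
}
catch (Exception E2)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give pipe rights to BuiltInSid "+E2.Message);
}

// Rule 3: the account running this process (DOMAIN\user), with FullControl.
try
{
    PipeAccessRule lPar3 = new PipeAccessRule(string.Format(@"{0}\{1}", Environment.UserDomainName, Environment.UserName), PipeAccessRights.FullControl, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar3);
}
catch (Exception E3)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give pipe rights to current user "+E3.Message);
}

// Rule 4: Everyone (WorldSid).
// NOTE(review): this is the broadest grant in the list and makes most of the
// other ReadWrite rules redundant; drop it unless the pipe is meant to be open
// to every principal.
try
{
    System.Security.Principal.SecurityIdentifier lSidWorld = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null);
    PipeAccessRule lPar4 = new PipeAccessRule(lSidWorld, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar4);
}
catch (Exception E4)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give rights to World "+E4.Message);
}

// Rule 5: LOCAL (LocalSid), i.e. principals logged on locally.
try
{
    System.Security.Principal.SecurityIdentifier lSidLocal = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.LocalSid, null);
    PipeAccessRule lPar5 = new PipeAccessRule(lSidLocal, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar5);
}
catch (Exception E5)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give rights to Local "+E5.Message);
}

// Rule 6: an account named "geneos", with FullControl.
// NOTE(review): presumably specific to the author's environment; where no such
// account exists the lookup fails and only the message below is logged.
try
{
    PipeAccessRule lPar6 = new PipeAccessRule(@"geneos", PipeAccessRights.FullControl, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar6);
}
catch (Exception E6)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give pipe rights to geneos" + E6.Message);
}

// Rule 7: AccountAdministratorSid combined with the current user's domain SID.
// NOTE(review): this identifies the domain's built-in Administrator *account*,
// not the Administrators group that the log message mentions
// (that would be WellKnownSidType.BuiltinAdministratorsSid).
// AccountDomainSid is null when the current identity is not an account SID; the
// constructor is then expected to throw and the grant is skipped.
try
{
    // WindowsIdentity wraps a token handle, so release it once the SID is built.
    using (WindowsIdentity lCurrentId = WindowsIdentity.GetCurrent())
    {
        System.Security.Principal.SecurityIdentifier lSidLocal = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.AccountAdministratorSid, lCurrentId.User.AccountDomainSid);
        PipeAccessRule lPar5 = new PipeAccessRule(lSidLocal, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
        lPipeSecurity.AddAccessRule(lPar5);
    }
}
catch (Exception E7)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give rights to administrators " + E7.Message);
}

// Rule 8: Authenticated Users.
try
{
    System.Security.Principal.SecurityIdentifier lSidLocal = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.AuthenticatedUserSid, null);
    PipeAccessRule lPar8 = new PipeAccessRule(lSidLocal, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
    lPipeSecurity.AddAccessRule(lPar8);
}
catch (Exception E8)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give rights to authenticated users " + E8.Message);
}

// Rule 9: Authenticated Users again, this time passing the current user's domain SID.
// NOTE(review): AuthenticatedUserSid is not a domain-relative SID, so the domain
// argument is presumably ignored and this rule duplicates rule 8. Confirm before
// relying on it to scope access to one domain.
try
{
    using (WindowsIdentity lCurrentId = WindowsIdentity.GetCurrent())
    {
        System.Security.Principal.SecurityIdentifier lSidLocal = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.AuthenticatedUserSid, lCurrentId.User.AccountDomainSid);
        PipeAccessRule lPar9 = new PipeAccessRule(lSidLocal, PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
        lPipeSecurity.AddAccessRule(lPar9);
    }
}
catch (Exception E9)
{
    Console.WriteLine(PrinterBase.DumpTimestamp(DateTime.UtcNow, true) + ": Exception when trying to give rights to authenticated users on current user domain " + E9.Message);
}

// Create the server end of the pipe with the DACL assembled above. The pipe is
// duplex, byte-mode and asynchronous, and allows the maximum number of server
// instances. 0 is passed for both the in and out buffer sizes.
lPipeServer = new NamedPipeServerStream(
    lNamedPipe,
    PipeDirection.InOut,
    NamedPipeServerStream.MaxAllowedServerInstances,
    PipeTransmissionMode.Byte,
    PipeOptions.Asynchronous,
    0,
    0,
    lPipeSecurity);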
這在某些情況下很好,但如果你想爲特定用戶或組添加權限呢?那該怎麼辦?你怎樣才能得到 SID? – 2015-07-20 10:12:48
在我的情況下,我只需要內建組。如果不是這樣,我想使用簡單的字符串就足夠了,就像我原來的問題一樣。 – Ksice 2016-05-04 14:53:42
而實際上我的問題是,這段代碼會在不同的文化環境中運行。如果文化相同,我想可以使用「硬編碼」名稱。 – Ksice 2016-05-04 15:47:23