"net use" command in a Windows Service

Question

Hello to all,

We're using the following command line from within a Windows Service developed with C# .Net Framework 1.1:

net use z: \\myComputer\c$

The service is running under a domain account that is a local administrator on "myComputer". After debugging the code we can see that it does not return any errors but the "z:" drive is never mapped. We've tried the exact same code from a console application and it works properly. What is it that we need to add to the Service to make this work?

The code we're using is included below.

Regards,
Sergio

startInfo.FileName = "net";  
startInfo.Arguments = string.Format(@"use {0}: \\{1}\{2}", driveLetter,
                                    computerName, folder).Trim();  
startInfo.UseShellExecute = false;  
startInfo.RedirectStandardError = true;

proc.EnableRaisingEvents = false;  
proc.StartInfo = startInfo;

proc.Start();

// If there is an error during the mapping of the drive, it will be read
// from the StandardError property which is a StreamReader object and
// be fed into the error output parameter.  
using(StreamReader errorReader = proc.StandardError)  
{  
         string standardError = string.Empty;  
    while((standardError = errorReader.ReadLine()) != null)  
    {  
     error += standardError + " ";  
    }  
}  
proc.WaitForExit();

Answer 1

You probably need to specify the account used for the login. Type net use /? on a command prompt to get help setting that up with the command.

Answer 2

I suspect that it is because the service is not running in the context of the local user. As I remember, you can configure a windows service from years-ago to 'interact with the desktop' or something similar.

Answer 3

From http://msdn.microsoft.com/en-us/library/ms685143.aspx:

A service (or any process running in a different security context) that must access a remote resource should use the Universal Naming Convention (UNC) name to access the resource. The service must have appropriate privileges to access the resource. If a server-side service uses an RPC connection, delegation must be enabled on the remote server.

Drive letters are not global to the system. Each logon session receives its own set of drive letters from A to Z. Therefore, redirected drives cannot be shared between processes running under different user accounts. Moreover, a service (or any process running within its own logon session) cannot access the drive letters that were established within a different logon session.

A service should not directly access local or network resources through mapped drive letters, nor should it call the net use command to map drive letters at run time.

Answer 4

You cannot access user properties from a windows service (including the HKEY-CURRENT-USER from the registry) because the service does not run as a logged in user.

Mapped drives are part of user settings, so you cannot use them as a service unless you dig through to find the user properties in the registry manually, map the drives in your service, etc. It's a pain.

What you may want to try and do is ask a question about how to have your Service execute the login sequence (probably some .EXE). That may do it for you.

Hope this helps, Alan.