我有一个本地的用户,这是本地管理员组的成员。
I have a local user, which is member of Administrators local group.
当我运行此code:
using System;
using System.DirectoryServices;
namespace nanttest
{
class Program
{
public static void Main(string[] args)
{
using(DirectoryEntry entry = new DirectoryEntry("IIS://localhost/W3SVC"))
{
object absobject = entry.NativeObject;
Console.WriteLine("Name: {0}", entry.Name);
}
Console.Write("Press any key to continue . . . ");
Console.ReadKey(true);
}
}
}
我收到了:
未处理的异常: System.Runtime.InteropServices.COMException (0X80070005):访问被拒绝
Unhandled Exception: System.Runtime.InteropServices.COMException (0x80070005): Access is denied.
在 System.DirectoryServices.DirectoryEntry.Bind(布尔 throwIfFail)在 System.DirectoryServices.DirectoryEntry.Bind() 在 System.DirectoryServices.DirectoryEntry.get_NativeObject() 在nanttest.Program.Main(字符串[] 参数)在 C:工作 nanttest nanttest 的Program.cs:行 20
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_NativeObject() at nanttest.Program.Main(String[] args) in c:WorknanttestnanttestProgram.cs:line 20
如果我运行此code,而以管理员身份登录,它的工作原理确定。
If I run this code while logged in as Administrator, it works OK.
另外,如果我运行它登录的一个DomainAdmin用户此code失败。我已经加入MYDOMAIN 没有DomainAdmins和MYDOMAIN mydomainuser本地Administrators组的成员。
Also, this code fails if I run it logged in as a DomainAdmin user. I have added MYDOMAINDomainAdmins and MYDOMAINmydomainuser as members of local Administrators group.
我要补充哪些其他权限为这些用户,这样他们就可以运行这个code。
What other permissions should I add for these users, so they can run this code.
推荐答案
要回答我的问题,以便其他人可以找到一个解决方案:
To answer my own question, so others can find a solution:
现在的问题是在Windows 2008即使用户是Administrators组中的默认UAC设置,他/她还需要提升权限运行某些操作(上面的那个似乎是其中)。
The problem is with the default UAC settings in Windows 2008. Even if a user is in the Administrators group, he/she still needs elevated privileges to run some operations (the one above appears to be among them).
所以,解决方案1 - 运行使用以管理员身份运行的应用程序,或者在命令提示符下,这是开始使用该选项启动
So, solution 1 - run the application using "Run as administrator", or start it from a command prompt, which was started with that option.
解决方法2:禁用UAC的管理员组 - 我已经使用方法#3从本文(集团政策变化)。记住要重新启动这些更改后的服务器。
Solution 2: Disable UAC for administrators group - I have used method #3 from this article (group policy changes). Remember to reboot the server after these changes.
相关推荐
最新文章