我们想要迁移 Windows Azure 中的 FTP 服务器。我们创建了干净的虚拟机镜像并在那里安装了 FTP 服务器。现在,为了能够直接从 Windows Azure 数据中心处理驻留在 FTP 目录中的文件,我们创建了文件共享和端点(端口 445 TCP 和 UDP)。如果我们尝试从辅助角色访问 FTP 服务器的文件共享,我们通常会收到“访问路径“...”被拒绝。”。我们能够从辅助角色通过远程桌面访问 FTP 服务器的文件共享,这意味着防火墙和 FTP 配置正确。辅助角色可以访问 Windows Azure 数据中心中的文件共享吗?
代码:
try
{
const string networkShare = @"...";
Directory.GetFiles(networkShare).ToList().ForEach(file => Trace.TraceInformation(file));
Thread.Sleep(10000);
Trace.WriteLine("Working", "Information");
}
catch (Exception ex)
{
Trace.TraceError(ex.ToString());
}
异常(exception):
Exception thrown on running: System.UnauthorizedAccessException: Access to the path '...' is denied.
Server stack trace:
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileSystemEnumerableIterator`1.CommonInit()
at System.IO.FileSystemEnumerableIterator`1..ctor(String path, String originalUserPath, String searchPattern, SearchOption searchOption, SearchResultHandler`1 resultHandler, Boolean checkHost)
at System.IO.Directory.InternalGetFileDirectoryNames(String path, String userPathOriginal, String searchPattern, Boolean includeFiles, Boolean includeDirs, SearchOption searchOption, Boolean checkHost)
at System.IO.Directory.InternalGetFiles(String path, String searchPattern, SearchOption searchOption)
at KALCIK.NET.Plugin.ReadFromShare.ReadFromSharePlugin.Manipulate(String valueToManipulate)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at KALCIK.NET.Plugin.Contracts.TextManipulationPluginBase.Manipulate(String valueToManipulate)
at KALCIK.NET.CloudServices.WorkerRole.BusinessLayers.WorkOrderProcessing.ProcessWorkOrder(Tuple`2 workOrder) in c:\Development\Samples\CloudServicesPlugInSample\CloudServices.WorkerRole\BusinessLayers\WorkOrderProcessing.cs:line 56
at KALCIK.NET.CloudServices.WorkerRole.WorkOrderProcessorService.Run() in c:\Development\Samples\CloudServicesPlugInSample\CloudServices.WorkerRole\WorkOrderProcessorService.cs:line 67; TraceSource 'WaWorkerHost.exe' event
最佳答案
是的,问题似乎出在用户、主机进程正在运行的情况下。要解决此问题,您可以创建具有管理员权限的新用户(例如,在角色启动时借助启动任务)并模拟执行的代码。您可以查看示例实现here .
public class WorkerRole : RoleEntryPoint
{
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle() : base(true) { }
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{
return CloseHandle(handle);
}
}
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);
public override void Run()
{
// This is a sample worker implementation. Replace with your logic.
Trace.WriteLine("TestWorkerRole entry point called", "Information");
while (true)
{
try
{
SafeTokenHandle safeTokenHandle;
var returnValue = LogonUser("username", Environment.MachineName, "password", 2, 0, out safeTokenHandle);
if (returnValue)
{
using (safeTokenHandle)
{
using (var impersonatedUser = WindowsIdentity.Impersonate(safeTokenHandle.DangerousGetHandle()))
{
const string networkSharePath = @"UNCPath";
Directory.GetFiles(networkSharePath).ToList().ForEach(file => Trace.TraceInformation(file));
}
}
}
Thread.Sleep(10000);
Trace.WriteLine("Working", "Information");
}
catch (Exception ex)
{
Trace.TraceError(ex.ToString());
}
}
}
}
关于azure - 从 Azure 辅助角色访问文件共享,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16014441/