EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Multiple User on Terminal Server

Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.
#35696
Posted: 01/26/2016 12:39:02
by Yves Langisch (Standard support level)
Joined: 06/17/2015
Posts: 24

I try to make my CBFS 6 based app work in a Terminal Server environment. The first user is able to mount a drive fine. If a second user (different session and user account) tries to mount a drive it does not work. The last callback I get is OnMount but there it gets stucked. No more callbacks, drive is neither visible nor accessible, but no errors at all.

Mount options are as follows:

CallbackFileSystem.CBFS_SYMLINK_NETWORK |
CallbackFileSystem.CBFS_SYMLINK_NETWORK_ALLOW_MAP_AS_DRIVE |
CallbackFileSystem.CBFS_SYMLINK_LOCAL

Any ideas?

Thanks
Yves
#35698
Posted: 01/26/2016 13:46:03
by Eugene Mayevski (EldoS Corp.)

Thank you for the report.

1. Could you please post the exact call to AddMountingPoint so that we would understand better, what you were doing?

2. Are you mounting the disks in the same instance of the application or you are running multiple instances? If it's the same instance (eg. impersonating users in different threads), then I can imagine possible problems, related to different thread permissions.


Sincerely yours
Eugene Mayevski
#35699
Posted: 01/26/2016 13:53:20
by Yves Langisch (Standard support level)
Joined: 06/17/2015
Posts: 24

My code looks like this:

Code
            _fs.StorageCharacteristics = 0;
            _fs.FileSystemName = "NTFS";
            _fs.CreateStorage();
            _fs.MountMedia(0);
            _fs.AddMountingPoint(
                getMountpoint().getAbsolute().TrimEnd('\\') + ";" + bookmark.getHostname() + ";" +
                BookmarkNameProvider.toString(bookmark),
                CallbackFileSystem.CBFS_SYMLINK_NETWORK | CallbackFileSystem.CBFS_SYMLINK_NETWORK_ALLOW_MAP_AS_DRIVE |
                CallbackFileSystem.CBFS_SYMLINK_LOCAL, null);


Can only test tomorrow but I'm quite sure that it is an instance per user.

Thanks
-
Yves
#35700
Posted: 01/26/2016 14:24:12
by Eugene Mayevski (EldoS Corp.)

Do I understand that multiple disk use the same mounting point name or the values are different in each case?


Sincerely yours
Eugene Mayevski
#35701
Posted: 01/26/2016 14:29:32
by Yves Langisch (Standard support level)
Joined: 06/17/2015
Posts: 24

Drive letters (getMountpoint().getAbsolute().TrimEnd('\\')) for each user are different but in my test case 'bookmark.getHostname()' and 'BookmarkNameProvider.toString(bookmark)' are identical for both users. Is this a problem? I assumed that the instances are completely isolated against each other.

-
Yves
#35703
Posted: 01/27/2016 01:55:52
by Eugene Mayevski (EldoS Corp.)

Yes, that is the problem. Local mounting points are isolated, but the network counterpart is global, as it becomes a part of the network infrastructure.


Sincerely yours
Eugene Mayevski
#35705
Posted: 01/27/2016 03:08:19
by Yves Langisch (Standard support level)
Joined: 06/17/2015
Posts: 24

Using different names seems to work. Can you please clarify which part must be unique over all user sessions?

<Local Mounting Point>;<Server name>;<Share Name>

The 'Local Mounting Point', as you mentioned, is isolated and does not need to be unique. what about the other two? Does each of them need to be unique or just the combination?

W:;server1;share1 vs W:;server1;share2
W:;server1;share1 vs W:;server2;share2

Are both okay or only the latter one?

And as concluding question: How can I query the names which must unique to make sure I'm not clashing with names already registered?

Thanks!
#35706
Posted: 01/27/2016 03:45:05
by Volodymyr Zinin (EldoS Corp.)

There are two variants:
1. Create only one CBFS application (in any session) which will create only one CBFS disk for all sessions, but will make different mounting points for different sessions. In this case the mounting points can have the same server and share names (and the same driver letter too if the CBFS_SYMLINK_LOCAL flag is specified). In such a case all mounting points (as well as the UNC path "\\server_name\share_name") will point to the same CBFS disk.
2. For each session run its own CBFS application instance and these instances will create each own CBFS disk. In this case the mounting points must have unique the server name and share name pair. For example "server1\share" and "server2\share", or "server\share1" and "server\share2". Such restriction exists because UNC paths are always global even if the CBFS_SYMLINK_LOCAL flag is specified (although you can hide them from enumeration by specifying the CBFS_SYMLINK_NETWORK_HIDDEN_SHARE flag).
#35707
Posted: 01/27/2016 03:57:39
by Volodymyr Zinin (EldoS Corp.)

Quote
post@iterate.ch wrote:
And as concluding question: How can I query the names which must unique to make sure I'm not clashing with names already registered?

As a variant use unique, but the same for all your CBFS storages, server name. And then during the mounting point creation take any share name, call AddMountingPoint with it, and if the error (exception) is returned then repeat the algorithm but with another share name. The thrown from AddMountingPoint exception is in the form of the ECBFSError instance and ECBFSError.ErrorCode() is set to ERROR_FILE_EXISTS. Of course the same exception will be thrown too and for already used drive letter.
Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.

Reply

Statistics

Topic viewed 2825 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!