Windows Service cannot access network location (UNC) Path

10,328

Solution 1

If you try to run your service under the desktop-remote\myname account you probably will fail. The local machine only likes accounts belonging to itself.

What I would do is to turn it around. Make the remote computer share a folder for your machine to poll. That way the remote machine has control over which data it is publishing, just like an object has its properties to private or public. If you are ok with having anyone who knows the address \\desktop-remote\my-not-so-secret-folder\ being able to read it, set it so anyone can read. If you are more secretive, suffix the folder with $ like so: \\desktop-remote\my-secret-folder$. Now it is not visble but still reachable.
You can also create a special account that has access to said folder.

Then you let your service run any account (with network access) of your choosing on your local machine. Let it try to connect to the remote folder with the special account.

(I have learned, the hard way, that reading a shared folder is slightly different between machines without domain and machines in a domain; the anyone-can-read does not work. At least in WindowsXP it was that way. I have since then not have the need to share a folder.)

HTH

Solution 2

  1. Open the Control Panel > Administrative Tools > Services window on your Windows server.
  2. Stop your windows service.
  3. Open the Properties > Log On dialog.
  4. Change the service user account to the target user account.
  5. Start your service.

enter image description here

If you are developing the service in Visual Studio, and want to emulate a different account you can also press shift + right mouse click on devenv.exe and click on "run as different user".

Also make sure you are specifying the full path to the folder and that the account you use has full rights to the folder.

Solution 3

When you set the service to run as the local system account, it cannot access the remote UNC Path that is accessible using explorer with local machine account.

Simply because the explorer manages logged on user credentials, so, you have added UNC path credentials to the LOGGED user only.

When you change it to Local System Account, the user credentials to the share is not stored.

Try to create a local user without password expiration and then enable it access to the Share.

All you will need to do is to setup windows service with this new account registered.

Security

Solution 4

I was facing this problem with my UNC storage in the Azure cloud. What worked is setting up the credentials in the windows credentials manager:

windows credential manager

You can get the connection string from the Azure portal.

This resolved our problem.

Share:
10,328

Related videos on Youtube

techno
Author by

techno

Technology is my passion :)

Updated on September 14, 2022

Comments

  • techno
    techno about 1 year

    I have a windows service that polls a folder continuously for new files.For local directories this works fine.But when it comes to UNC Paths on another system in the same network,the service cannot access the folder it seems.I have refereed to this post https://serverfault.com/a/881272 ; it states that i need to run the service as the currently logged in user.How im i supposed to do that?

    The path i wish to monitor using the service is

    \DESKTOP-PC\Users\me\myfolder
    

    Please advice

    UPDATE:

    I have developed the service using topshelf.I want to poll a folder on another local machine in the same network.I go to network places,double click on the computername,it asks for credentials,i enter the username and password of the remote computer i get access to the files on the system for that user(in explorer).

    Now when i set the service to run as the local machine user under this machine,it cannot access the remote UNC Path that is accessible using explorer.I have tried installing it as the remote machine user,but it fails.

    myService.exe install -username:DESKTOP-REMOTE\myname -password:mypassword
    
  • techno
    techno about 5 years
    Thanks for your help.How should the folder be shared? Should the permission be set to everyone as only local machine uses are visible.
  • LosManos
    LosManos about 5 years
    To get things up and running skip the sharing part. What is important in my text was 1) your service should run in an account of your local computer and 2) it should use the usr/pwd of the remote machine when trying to connect to the remote machine. (I believe polluting my answer with sharing of folders made it harder to read; but I don't want to change it so drastically afterwards.)
  • techno
    techno about 5 years
    Thanks for the update.I have successfully managed to sort the issue by running the service as LocalMachine and impersonating a remote user.I have run into another issue.The directory to monitor and the output directory to save the processed files can be on two different remote machines.Does impersonating the user each time to a save file a bad idea? will it take a lot of time? what do you think?
  • LosManos
    LosManos about 5 years
    Logging on takes time. If you are doing it often (enter your preferred value for "often") or want to save CPU cycles and bandwidth you should remember the session you have logged on to. But that is for another question. (Possibly to wide for Stackoverflow.)
  • techno
    techno about 5 years
    Thanks for your update.The scenario only applies to remote windows systems.There will be other shared network locations right? like an independent shared wireless HDD.In such cases the authentication will fail,right? Does windows services has access to such network resources ?