none
NetEnumResource API issues

    Question

  • I want to list down all the network shares mounted on a host by all the users and across all the sessions.

    I used WNetEnumResource but it doesnot list all resources across sessions.

    So basically the issue is that for a Host H, if an Administrator User 'A' maps a storage network CIFS share then if my program running as System user tries to list all Network shares then it doesn't list share mapped by user A on Host H.

    Is there any other API or any flag passed to this API? 

    Or let me know if there is some configuration which can make this share visible to all the users across all the sessions.


    • Edited by AshitKumar Tuesday, May 08, 2012 1:43 PM
    Tuesday, May 08, 2012 6:53 AM

Answers

  • Instead of drive letters use UNC path. Drive letters are local to logon sessions so you cannot see a letter created by other user. There should be some way for a privileged program to enumerate all conected shares, though.

    -- pa


    Tuesday, May 08, 2012 10:23 AM
  • It looks like the documentation is telling you something but you don't want to believe it.

    The data is on a per logon session basis. The only way to get a list of all shares that are mapped for a user on a particular logon session is from an executable running in that logon session. It is also vital to remember that these mappings are on a per logon token basis too, so mappings created for an admin token will not be available of a UAC restricted token.

    If you try net use outside of the users logon session (using impersonation or anything) then you may notice that you do get items in this list, but this would be the RESOURCE_REMEMBERED scope. If you actually create a non persistant maping and then try net use in another logon session for a user then you will notice that nothing appears in the list. This shows that net use fills this list via the remembered maps.

    What you want is not possible.


    This is a signature

    Any samples given are not meant to have error checking or show best practices. They are meant to just illustrate a point. I may also give inefficient code or introduce some problems to discourage copy/paste coding. This is because the major point of my posts is to aid in the learning process.

    Do you want Visual Studio 11 Express to be freely installable on Windows 7 and able to write regular C++ applications? Please vote for this.

    Tuesday, May 08, 2012 9:12 PM
  • At a much lower layer, i

    t is possible to peek into the kernel object directory that represents sessions and connected shares. But format of the info there depends on Windows version, let alone that it is undocumented...

    The tool to explore this stuff is here.

    -- pa

    Tuesday, May 08, 2012 9:34 PM

All replies

  • Instead of drive letters use UNC path. Drive letters are local to logon sessions so you cannot see a letter created by other user. There should be some way for a privileged program to enumerate all conected shares, though.

    -- pa


    Tuesday, May 08, 2012 10:23 AM
  • Thanks Pavel A.

    Even though i use UNC path i am not able to enumerate them. While calling WNetOpenEnum(), i am giving scope = RESOURCE_GLOBALNET  type = RESOURCE_DISK and usage = 0. Also, i tried with type = RESOURCE_ANY. But it doesnt list.

    If i use drive letters then 'net use' is working fine. How does net use works? I mean does it use WNetOpenEnum()? If yes, then what all parameters it uses?

    Remarks

    If the dwScope parameter is equal to RESOURCE_CONNECTED, a network connection made using the Microsoft LAN Manager network is omitted from the enumeration if the connection was made by an application running in a different logon session than the application calling theWNetOpenEnum function. This is because connections made using Microsoft LAN Manager are visible only to applications running in the same logon session as the application that made the connection. (To include the connection in the enumeration, it is not sufficient for the application to be running in the user account that created the connection.)

    So which scope should be used?

    Tuesday, May 08, 2012 11:48 AM
  • So trying scope=RESOURCE_REMEMBERED and type as RESOURCETYPE_DISK enumerates the shares across sessions for a particular user but still my purpose is halfway solved as i want it across the users and across the sessions.

    Any help?

    Tuesday, May 08, 2012 4:54 PM
  • It looks like the documentation is telling you something but you don't want to believe it.

    The data is on a per logon session basis. The only way to get a list of all shares that are mapped for a user on a particular logon session is from an executable running in that logon session. It is also vital to remember that these mappings are on a per logon token basis too, so mappings created for an admin token will not be available of a UAC restricted token.

    If you try net use outside of the users logon session (using impersonation or anything) then you may notice that you do get items in this list, but this would be the RESOURCE_REMEMBERED scope. If you actually create a non persistant maping and then try net use in another logon session for a user then you will notice that nothing appears in the list. This shows that net use fills this list via the remembered maps.

    What you want is not possible.


    This is a signature

    Any samples given are not meant to have error checking or show best practices. They are meant to just illustrate a point. I may also give inefficient code or introduce some problems to discourage copy/paste coding. This is because the major point of my posts is to aid in the learning process.

    Do you want Visual Studio 11 Express to be freely installable on Windows 7 and able to write regular C++ applications? Please vote for this.

    Tuesday, May 08, 2012 9:12 PM
  • At a much lower layer, i

    t is possible to peek into the kernel object directory that represents sessions and connected shares. But format of the info there depends on Windows version, let alone that it is undocumented...

    The tool to explore this stuff is here.

    -- pa

    Tuesday, May 08, 2012 9:34 PM