Make mapped network connections work for privilege escalated processes
Posted 3/5/2007 by Steve Sinchak - Total Views: 8,486 - Views Today: 4

Ever wonder why you get network authentication errors when you are trying access a mapped network share from a process that was elevated by UAC? Josh over at WindowsConnected has a great article on how you can fix this annoying issue:

On Windows Vista when you map a drive under your admin account you will find that your mapped drive is not available after you switch to your full token via a RunAs or Consent dialog. This is by design because there are actually two tokens in play here. What happens is the LSA recognized that you are admin at logon and creates two logons. The first with a "filtered" token or non-admin which is used to render your desktop and the other containing your full token to be available after consent dialogs. 

Because there are two separate logons there are separate logon ID's.  When network shares are mapped they are linked to the current logon session for the current process token. Meaning you don't have access to the network drive from the alternate logon. This can come into play with logon scripts and a number of other areas where you may require access to a network share from both tokens.

Click here to read the full article

Advertisement



Comments

Click here for article comments

Like this article? Submit it!


Free Computer Magazines for TweakVista.com Visitors!
eWeek, RCR Wireless, Information Week, Business Week, Many More Free Magazines!


Contact APCM - About APCM - Terms of Use - Privacy Policy

© 2005, 2006, 2007 Advanced PC Media LLC, All rights reserved. TweakVista™ is a trademark of Advanced PC Media LLC.
Microsoft Windows is a registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses
or is affiliated with TweakVista. All other products mentioned are registered trademarks and/or trademarks of their respective companies.