Search code examples
delphiactive-directoryfile-sharing

I need my desktop app to access network folder that the current user does not have permission to

I have a windows desktop app (written in Delphi) that allows users to store and retrieve files.

  1. The application stores these files in a single network shared folder (Active Directory).
  2. The various users of the app do not all have permission to see all of the files, these permissions are controlled by the app.

Currently we have to allow every user of the app access to the shared folder, so a malicious user could find the directory and gain access to all of the files.

Is there a way that the app can act as a specific user such that only the "app as a user" and not each individual needs permission to the shared folder?

Solution

  • You need to either:

    1) run the app as the desired user.

    2) have your code programmably impersonate the desired user, via LogonUser() and ImpersonateLoggedOnUser(), or other similar functions, before then accessing the shared folder. Don't forget to stop impersonating when you are finished using the folder.