Impersonation - C# / C Sharp

Ripa Horatiu

Does anyone knows how can I impersonate to another user (basically Administrator) for a piece of my code? I've tried the samples provided by MS but they didn't worked.

--
Horatiu Ripa

Nov 15 '05 #1

Subscribe Reply

9991

Ripa Horatiu

???????????????????????????

I'm doing the impersonation because I don't have rights enough to perform
some tasks. The impersonation is the ability to run threads/processes in a
different security context than the main one. Meaning switching to another
identity (account) for a while with higher (and even if it doesn't have any
sense, lower) privileges.
I'm using XML services and I need to promote to "Administrator" the security
context that a piece of code runs into, to be able to access resources not
accessible with ASPNET account. The sample that microsoft has on its page
does not work, it always throws an error (ret!=0), here's the code:

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;

[assembly:SecurityPermissionAttribute(SecurityActio n.RequestMinimum,
UnmanagedCode=true)]
public class Class1
{
[DllImport("C:\\WINNT\\System32\\advapi32.dll")]
public static extern bool LogonUser(String lpszUsername, String
lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out int phToken);

[DllImport("C:\\WINNT\\System32\\Kernel32.dll")]
public static extern int GetLastError();

public static void Main(string[] args)
{
// The Windows NT user token.
int token1;

// Get the user token for the specified user, machine, and password
using the unmanaged LogonUser method.

bool loggedOn = LogonUser(
// User name.
"bob",

// Computer name.
"AARDVARK",

// Password.
"coffee",

// Logon type = LOGON32_LOGON_NETWORK_CLEARTEXT.
3,

// Logon provider = LOGON32_PROVIDER_DEFAULT.
0,

// The user token for the specified user is returned here.
out token1);

Console.WriteLine("LogonUser called");

// Call GetLastError to try to determine why logon failed if it did
not succeed.
int ret = GetLastError();

Console.WriteLine("LogonUser Success? " + loggedOn);
Console.WriteLine("NT Token Value: " + token1);
if (ret != 0) Console.WriteLine("Error code (126 == \"Specified module
could not be found\"): " + ret);

//Starting impersonation here:
Console.WriteLine("\n\nBefore impersonation:\n");
WindowsIdentity mWI1 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI1.Name);
Console.WriteLine(mWI1.Token);

IntPtr token2 = new IntPtr(token1);

Console.WriteLine("\n\nNew identity created:\n");
WindowsIdentity mWI2 = new WindowsIdentity(token2);
Console.WriteLine(mWI2.Name);
Console.WriteLine(mWI2.Token);

// Impersonate the user.
WindowsImpersonationContext mWIC = mWI2.Impersonate();

Console.WriteLine("\n\nAfter impersonation:\n");
WindowsIdentity mWI3 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI3.Name);
Console.WriteLine(mWI3.Token);

// Revert to previous identity.
mWIC.Undo();

Console.WriteLine("\n\nAfter impersonation is reverted:\n");
WindowsIdentity mWI4 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI4.Name);
Console.WriteLine(mWI4.Token);
}
}

--
Horatiu Ripa
Software Development Manager
Business Logic Systems LTD
6-8 Motilor str., 6th floor, 3400 Cluj-Napoca, Romania
Phone: +40 64 438144 Fax: +40 64 438144
Web: www.businesslogic.co.uk

This email (email message and any attachments) is strictly confidential,
possibly privileged and is intended solely for the person or organization to
whom it is addressed. If you are not the intended recipient, you must not
copy, distribute or take any action in reliance on it. If you have received
this email in error, please inform the sender immediately before deleting
it. Business Logic Systems Ltd accepts no responsibility for any advice,
opinion, conclusion or other information contained in this email or arising
from its disclosure.
"Nicholas Paldino [.NET/C# MVP]" <ni**************@exisconsulting.com> wrote
in message news:OA**************@TK2MSFTNGP09.phx.gbl...

Horatiu,

Can you show the code? Also, are you using ASP.NET? The account that
is doing the impersonation has to have the correct permissions in order to
impersonate another user and the ASPNET account does not have them (I think) by default.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- ni**************@exisconsulting.com
"Ripa Horatiu" <ho**********@blabla.ro> wrote in message
news:ON**************@TK2MSFTNGP10.phx.gbl...
Does anyone knows how can I impersonate to another user (basically
Administrator) for a piece of my code? I've tried the samples provided by MS but they didn't worked.

--
Horatiu Ripa

Nov 15 '05 #2

Similar topics

5140

Impersonation and UNC shares in a windows service

by: Chris | last post by:

Hello all, Here is my problem. I have a windows service (C#) that is supposed to move files from/to the local drive to/from a UNC share (\\domainserver\share). The service is running on a Win3k...

.NET Framework

2537

Issue with ASP.NET client, COM Interop, and Identity impersonation

by: Anil Krishnamurthy | last post by:

We have an ASP.NET application that uses COM objects through Interop. The web application requires access to network and database resources and hence, needs to impersonate a domain account. The...

.NET Framework

3943

Impersonation failure with Index Server and Forms Authentication with Active Directory

by: techfuzz | last post by:

I'm posting my problem experience and solution I found here for other ASP.NET developers. I have a web application that uses Forms Authentication with Active Directory to control access. In...

ASP.NET

6494

Machine.Config -- ProcessModel vs Identity Impersonation

by: Wm. Scott Miller | last post by:

What is the difference between using a username and password in the processmodel section vs using one in impersonation in the machine.config file? What are the advantages of each and what are the...

ASP.NET

2819

Impersonation causes a server error

by: Phil | last post by:

Hi, I've currently setup a local user as described in: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnne...

C# / C Sharp

1866

Threading & Impersonation

by: Patrick | last post by:

I have an ASP.NET web service whose Web.Config is set to use impersonation <authentication mode="Windows" /> <identity impersonate="true" /> Within a Web Method, I want to use...

ASP.NET

1240

Impersonation Problem

by: velvet.graham | last post by:

I'm having a difficult time with impersonation. I've created an impersonation class. Here is the code below: ******Impersonation Class Code********* Imports System Imports System.Web.Security...

ASP.NET

1523

interesting! cystal report dll and asp.net impersonation

by: zhuang | last post by:

Dear all, I found a very interesting thing about viewing crystal report (located on network drive) with asp.net application. To do the impersonation, modify web.config does not work, you have...

ASP.NET

2649

Impersonation and Performance

by: =?Utf-8?B?S2l0dHlIYXdr?= | last post by:

I am in the process of migrating an II6 environment from a single server to a network load balanced system. Thus, I am using a virtual directory on a UNC share to house the dynamic data that the...

ASP.NET

7094

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

7131

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing

6789

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Windows Server

7115

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

General

4519

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...

C# / C Sharp

3030

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

1334

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...

C# / C Sharp

580

php

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

226

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...

General