Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or list the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)]
public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain,
String lpszPassword, int dwLogonType,
int dwLogonProvider , ref IntPtr phToken);
[STAThread]
static void Main(string[] args)
{
IntPtr UserToken = new IntPtr(0);
//int UserToken;
bool loggedOn;
try
{
loggedOn = LogonUser(
"Administrator" ,
Dns.GetHostName (),
"",3,0, ref UserToken);
}
catch(Exception ex)
{
throw ex;
}
if(loggedOn)
{
WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken);
WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( );
Console.WriteLi ne(SystemMonito rUser.Name);
try
{
Process[] _process;
_process = Process.GetProc esses("192.168. 6.236");
foreach (Process p in _process)
{
Console.WriteLi ne(p.ProcessNam e.ToString());
}
}
catch (Exception ex)
{
Console.WriteLi ne(ex.Message);
throw ex;
}
ImpersonatedUse r.Undo();
}
}
Ian
--
"Life should NOT be a journey to the grave
with the intention of arriving safely in an
attractive and well preserved body,
but rather to skid in sideways,
chocolate in one hand, beer in the other,
body thoroughly used up,
totally worn out and screaming
WOO HOO what a ride!" 14 3448
Ian,
This might be a foolish question, but does the user account on the
machine you are running the code on have rights to impersonate a user on the
other machine? My guess is that it doesn't.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message
news:QK******** ****@news-1.opaltelecom.n et...
Anyone used the WindowsIdentity class with success? I find if I try to
change the current identity to one that exists on another machine and then
try to perform and action on that machine i.e. restart a service or list the
available processes I keep getting access denied exceptions. Here is an
example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)]
public extern static bool LogonUser(Strin g lpszUsername, String
lpszDomain,
String lpszPassword, int dwLogonType,
int dwLogonProvider , ref IntPtr phToken);
[STAThread]
static void Main(string[] args)
{
IntPtr UserToken = new IntPtr(0);
//int UserToken;
bool loggedOn;
try
{
loggedOn = LogonUser(
"Administrator" ,
Dns.GetHostName (),
"",3,0, ref UserToken);
}
catch(Exception ex)
{
throw ex;
}
if(loggedOn)
{
WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken);
WindowsImperson ationContext ImpersonatedUse r =
SystemMonitorUs er.Impersonate( );
Console.WriteLi ne(SystemMonito rUser.Name);
try
{
Process[] _process;
_process = Process.GetProc esses("192.168. 6.236");
foreach (Process p in _process)
{
Console.WriteLi ne(p.ProcessNam e.ToString());
}
}
catch (Exception ex)
{
Console.WriteLi ne(ex.Message);
throw ex;
}
ImpersonatedUse r.Undo();
}
}
Ian
--
"Life should NOT be a journey to the grave
with the intention of arriving safely in an
attractive and well preserved body,
but rather to skid in sideways,
chocolate in one hand, beer in the other,
body thoroughly used up,
totally worn out and screaming
WOO HOO what a ride!"
Does the WindowsIdentity class require the current user to have these
rights?
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. Ian,
This might be a foolish question, but does the user account on the machine you are running the code on have rights to impersonate a user on
the other machine? My guess is that it doesn't.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:QK******** ****@news-1.opaltelecom.n et... Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or list
the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)] public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider , ref IntPtr phToken); [STAThread] static void Main(string[] args) { IntPtr UserToken = new IntPtr(0); //int UserToken; bool loggedOn; try { loggedOn = LogonUser( "Administrator" , Dns.GetHostName (), "",3,0, ref UserToken); } catch(Exception ex) { throw ex; }
if(loggedOn) { WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken); WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( ); Console.WriteLi ne(SystemMonito rUser.Name);
try { Process[] _process;
_process = Process.GetProc esses("192.168. 6.236"); foreach (Process p in _process) { Console.WriteLi ne(p.ProcessNam e.ToString()); } } catch (Exception ex) { Console.WriteLi ne(ex.Message); throw ex; } ImpersonatedUse r.Undo(); } } Ian
-- "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, body thoroughly used up, totally worn out and screaming WOO HOO what a ride!"
Ian,
Absolutely. How secure would an OS be if anyone could impersonate
anyone else? =)
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message
news:92******** ****@news-1.opaltelecom.n et... Does the WindowsIdentity class require the current user to have these rights?
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. Ian,
This might be a foolish question, but does the user account on the machine you are running the code on have rights to impersonate a user on the other machine? My guess is that it doesn't.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:QK******** ****@news-1.opaltelecom.n et... Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or list the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)] public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider , ref IntPtr phToken); [STAThread] static void Main(string[] args) { IntPtr UserToken = new IntPtr(0); //int UserToken; bool loggedOn; try { loggedOn = LogonUser( "Administrator" , Dns.GetHostName (), "",3,0, ref UserToken); } catch(Exception ex) { throw ex; }
if(loggedOn) { WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken); WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( ); Console.WriteLi ne(SystemMonito rUser.Name);
try { Process[] _process;
_process = Process.GetProc esses("192.168. 6.236"); foreach (Process p in _process) { Console.WriteLi ne(p.ProcessNam e.ToString()); } } catch (Exception ex) { Console.WriteLi ne(ex.Message); throw ex; } ImpersonatedUse r.Undo(); } } Ian
-- "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, body thoroughly used up, totally worn out and screaming WOO HOO what a ride!"
Hi
I might be sounding a bit thick but if the user creating the impersonation
on the remote machine had the rights to do this then why would it need to
impersonate at all? Or is the impersonate user rights actually lower that
say restarting a windows service?
Ian
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:eK******** ******@TK2MSFTN GP10.phx.gbl... Ian,
Absolutely. How secure would an OS be if anyone could impersonate anyone else? =)
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:92******** ****@news-1.opaltelecom.n et... Does the WindowsIdentity class require the current user to have these rights?
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. Ian,
This might be a foolish question, but does the user account on the machine you are running the code on have rights to impersonate a user
on the other machine? My guess is that it doesn't.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:QK******** ****@news-1.opaltelecom.n et... Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or
list the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)] public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider , ref IntPtr phToken); [STAThread] static void Main(string[] args) { IntPtr UserToken = new IntPtr(0); //int UserToken; bool loggedOn; try { loggedOn = LogonUser( "Administrator" , Dns.GetHostName (), "",3,0, ref UserToken); } catch(Exception ex) { throw ex; }
if(loggedOn) { WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken); WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( ); Console.WriteLi ne(SystemMonito rUser.Name);
try { Process[] _process;
_process = Process.GetProc esses("192.168. 6.236"); foreach (Process p in _process) { Console.WriteLi ne(p.ProcessNam e.ToString()); } } catch (Exception ex) { Console.WriteLi ne(ex.Message); throw ex; } ImpersonatedUse r.Undo(); } } Ian
-- "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, body thoroughly used up, totally worn out and screaming WOO HOO what a ride!"
Where does the impersonate user right live?
Ian
"Ian Frawley" <ch****@away.co m> wrote in message
news:Tv******** ****@news-1.opaltelecom.n et... Hi
I might be sounding a bit thick but if the user creating the impersonation on the remote machine had the rights to do this then why would it need to impersonate at all? Or is the impersonate user rights actually lower that say restarting a windows service?
Ian "Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote
in message news:eK******** ******@TK2MSFTN GP10.phx.gbl... Ian,
Absolutely. How secure would an OS be if anyone could impersonate anyone else? =)
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:92******** ****@news-1.opaltelecom.n et... Does the WindowsIdentity class require the current user to have these rights?
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om>
wrote in message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. > Ian, > > This might be a foolish question, but does the user account on
the> machine you are running the code on have rights to impersonate a user on the > other machine? My guess is that it doesn't. > > -- > - Nicholas Paldino [.NET/C# MVP] > - mv*@spam.guard. caspershouse.co m > > "Ian Frawley" <ch****@away.co m> wrote in message > news:QK******** ****@news-1.opaltelecom.n et... > Anyone used the WindowsIdentity class with success? I find if I try
to> change the current identity to one that exists on another machine and > then > try to perform and action on that machine i.e. restart a service or list the > available processes I keep getting access denied exceptions. Here is
an> example of my code: > > [DllImport("adva pi32.dll", SetLastError=tr ue)] > public extern static bool LogonUser(Strin g lpszUsername, String > lpszDomain, > String lpszPassword, int dwLogonType, > int dwLogonProvider , ref IntPtr phToken); > [STAThread] > static void Main(string[] args) > { > IntPtr UserToken = new IntPtr(0); > //int UserToken; > bool loggedOn; > try > { > loggedOn = LogonUser( > "Administrator" , > Dns.GetHostName (), > "",3,0, ref UserToken); > } > catch(Exception ex) > { > throw ex; > } > > if(loggedOn) > { > WindowsIdentity SystemMonitorUs er = new
WindowsIdentity (UserToken);> WindowsImperson ationContext ImpersonatedUse r = > SystemMonitorUs er.Impersonate( ); > Console.WriteLi ne(SystemMonito rUser.Name); > > try > { > Process[] _process; > > _process = Process.GetProc esses("192.168. 6.236"); > foreach (Process p in _process) > { > Console.WriteLi ne(p.ProcessNam e.ToString()); > } > } > catch (Exception ex) > { > Console.WriteLi ne(ex.Message); > throw ex; > } > ImpersonatedUse r.Undo(); > } > } > Ian > > -- > "Life should NOT be a journey to the grave > with the intention of arriving safely in an > attractive and well preserved body, > but rather to skid in sideways, > chocolate in one hand, beer in the other, > body thoroughly used up, > totally worn out and screaming > WOO HOO what a ride!" > >
Where does the impersonate user right live?
Ian
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:eK******** ******@TK2MSFTN GP10.phx.gbl... Ian,
Absolutely. How secure would an OS be if anyone could impersonate anyone else? =)
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:92******** ****@news-1.opaltelecom.n et... Does the WindowsIdentity class require the current user to have these rights?
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. Ian,
This might be a foolish question, but does the user account on the machine you are running the code on have rights to impersonate a user
on the other machine? My guess is that it doesn't.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:QK******** ****@news-1.opaltelecom.n et... Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or
list the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)] public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider , ref IntPtr phToken); [STAThread] static void Main(string[] args) { IntPtr UserToken = new IntPtr(0); //int UserToken; bool loggedOn; try { loggedOn = LogonUser( "Administrator" , Dns.GetHostName (), "",3,0, ref UserToken); } catch(Exception ex) { throw ex; }
if(loggedOn) { WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken); WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( ); Console.WriteLi ne(SystemMonito rUser.Name);
try { Process[] _process;
_process = Process.GetProc esses("192.168. 6.236"); foreach (Process p in _process) { Console.WriteLi ne(p.ProcessNam e.ToString()); } } catch (Exception ex) { Console.WriteLi ne(ex.Message); throw ex; } ImpersonatedUse r.Undo(); } } Ian
-- "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, body thoroughly used up, totally worn out and screaming WOO HOO what a ride!"
Ian,
If you are running code on one machine, you aren't creating the
impersonation on the other machine. You are creating an impersonation on
the local machine. If you are in a workgroup, then you aren't going to be
able to impersonate that user on the other machine (I believe) because the
users are actually different.
Rather, you have to impersonate a user on the local machine, and then
try to perform an operation on the other machine (in workgroup mode, the way
it works is that you have to have two accounts with the same login name and
password which match).
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message
news:Tv******** ****@news-1.opaltelecom.n et... Hi
I might be sounding a bit thick but if the user creating the impersonation on the remote machine had the rights to do this then why would it need to impersonate at all? Or is the impersonate user rights actually lower that say restarting a windows service?
Ian "Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in message news:eK******** ******@TK2MSFTN GP10.phx.gbl... Ian,
Absolutely. How secure would an OS be if anyone could impersonate anyone else? =)
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:92******** ****@news-1.opaltelecom.n et... > Does the WindowsIdentity class require the current user to have these > rights? > > > "Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> > wrote > in > message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. >> Ian, >> >> This might be a foolish question, but does the user account on the >> machine you are running the code on have rights to impersonate a user on > the >> other machine? My guess is that it doesn't. >> >> -- >> - Nicholas Paldino [.NET/C# MVP] >> - mv*@spam.guard. caspershouse.co m >> >> "Ian Frawley" <ch****@away.co m> wrote in message >> news:QK******** ****@news-1.opaltelecom.n et... >> Anyone used the WindowsIdentity class with success? I find if I try to >> change the current identity to one that exists on another machine and >> then >> try to perform and action on that machine i.e. restart a service or list > the >> available processes I keep getting access denied exceptions. Here is >> an >> example of my code: >> >> [DllImport("adva pi32.dll", SetLastError=tr ue)] >> public extern static bool LogonUser(Strin g lpszUsername, String >> lpszDomain, >> String lpszPassword, int dwLogonType, >> int dwLogonProvider , ref IntPtr phToken); >> [STAThread] >> static void Main(string[] args) >> { >> IntPtr UserToken = new IntPtr(0); >> //int UserToken; >> bool loggedOn; >> try >> { >> loggedOn = LogonUser( >> "Administrator" , >> Dns.GetHostName (), >> "",3,0, ref UserToken); >> } >> catch(Exception ex) >> { >> throw ex; >> } >> >> if(loggedOn) >> { >> WindowsIdentity SystemMonitorUs er = new >> WindowsIdentity (UserToken); >> WindowsImperson ationContext ImpersonatedUse r = >> SystemMonitorUs er.Impersonate( ); >> Console.WriteLi ne(SystemMonito rUser.Name); >> >> try >> { >> Process[] _process; >> >> _process = Process.GetProc esses("192.168. 6.236"); >> foreach (Process p in _process) >> { >> Console.WriteLi ne(p.ProcessNam e.ToString()); >> } >> } >> catch (Exception ex) >> { >> Console.WriteLi ne(ex.Message); >> throw ex; >> } >> ImpersonatedUse r.Undo(); >> } >> } >> Ian >> >> -- >> "Life should NOT be a journey to the grave >> with the intention of arriving safely in an >> attractive and well preserved body, >> but rather to skid in sideways, >> chocolate in one hand, beer in the other, >> body thoroughly used up, >> totally worn out and screaming >> WOO HOO what a ride!" >> >> > >
Nicholas,
That is infact what I have been doing but I have also been changing the
domain name in the call
public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain,
String lpszPassword, int dwLogonType, int dwLogonProvider , ref IntPtr
phToken);
and I have even tried imbedding it twice i.e. impersonating a high priv user
locally and then trying to impersonate that user onto the remote box, which
is where the account is also set up but this has been to no avail.
Think I will try some more tomorrow as I have now finished for the day.
Ian
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:uo******** *****@TK2MSFTNG P14.phx.gbl... Ian,
If you are running code on one machine, you aren't creating the impersonation on the other machine. You are creating an impersonation on the local machine. If you are in a workgroup, then you aren't going to be able to impersonate that user on the other machine (I believe) because the users are actually different.
Rather, you have to impersonate a user on the local machine, and then try to perform an operation on the other machine (in workgroup mode, the
way it works is that you have to have two accounts with the same login name
and password which match).
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m "Ian Frawley" <ch****@away.co m> wrote in message news:Tv******** ****@news-1.opaltelecom.n et... Hi
I might be sounding a bit thick but if the user creating the
impersonation on the remote machine had the rights to do this then why would it need
to impersonate at all? Or is the impersonate user rights actually lower
that say restarting a windows service?
Ian "Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in message news:eK******** ******@TK2MSFTN GP10.phx.gbl... Ian,
Absolutely. How secure would an OS be if anyone could impersonate anyone else? =)
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Ian Frawley" <ch****@away.co m> wrote in message news:92******** ****@news-1.opaltelecom.n et... > Does the WindowsIdentity class require the current user to have these > rights? > > > "Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> > wrote > in > message news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. >> Ian, >> >> This might be a foolish question, but does the user account on
the >> machine you are running the code on have rights to impersonate a
user on > the >> other machine? My guess is that it doesn't. >> >> -- >> - Nicholas Paldino [.NET/C# MVP] >> - mv*@spam.guard. caspershouse.co m >> >> "Ian Frawley" <ch****@away.co m> wrote in message >> news:QK******** ****@news-1.opaltelecom.n et... >> Anyone used the WindowsIdentity class with success? I find if I try
to >> change the current identity to one that exists on another machine
and >> then >> try to perform and action on that machine i.e. restart a service or list > the >> available processes I keep getting access denied exceptions. Here is >> an >> example of my code: >> >> [DllImport("adva pi32.dll", SetLastError=tr ue)] >> public extern static bool LogonUser(Strin g lpszUsername, String >> lpszDomain, >> String lpszPassword, int dwLogonType, >> int dwLogonProvider , ref IntPtr phToken); >> [STAThread] >> static void Main(string[] args) >> { >> IntPtr UserToken = new IntPtr(0); >> //int UserToken; >> bool loggedOn; >> try >> { >> loggedOn = LogonUser( >> "Administrator" , >> Dns.GetHostName (), >> "",3,0, ref UserToken); >> } >> catch(Exception ex) >> { >> throw ex; >> } >> >> if(loggedOn) >> { >> WindowsIdentity SystemMonitorUs er = new >> WindowsIdentity (UserToken); >> WindowsImperson ationContext ImpersonatedUse r = >> SystemMonitorUs er.Impersonate( ); >> Console.WriteLi ne(SystemMonito rUser.Name); >> >> try >> { >> Process[] _process; >> >> _process = Process.GetProc esses("192.168. 6.236"); >> foreach (Process p in _process) >> { >> Console.WriteLi ne(p.ProcessNam e.ToString()); >> } >> } >> catch (Exception ex) >> { >> Console.WriteLi ne(ex.Message); >> throw ex; >> } >> ImpersonatedUse r.Undo(); >> } >> } >> Ian >> >> -- >> "Life should NOT be a journey to the grave >> with the intention of arriving safely in an >> attractive and well preserved body, >> but rather to skid in sideways, >> chocolate in one hand, beer in the other, >> body thoroughly used up, >> totally worn out and screaming >> WOO HOO what a ride!" >> >> > >
Not sure what you want to achieve here, you are impersonating a "local" administrator account using a NETWORK logontype(LOGON 32_LOGON_NETWOR K = 3) to access remote resources, this will never work please consult the platform sdk docs for details on LogonUser.
Here's how you should proceed:
1. Call LogonUser specifying LOGON32_LOGON_N ETWORK_CLEARTEX T (8) or LOGON32_LOGON_N EW_CREDENTIALS (9) as logontype AND the impersonating account's credentials need to match the remote account, or
2. (better)Imperso nate a remote account using LOGON32_LOGON_N EW_CREDENTIALS (9) as logontype.
Remarks: 1.not sure this works with an empty password, which is a BAD idea anyway for an administrator account.
2. Calling LogonUser is in general a bad thing to do, you better use System.Manageme nt classes and WMI to access remote servers process info and performance counters.
Willy.
"Ian Frawley" <ch****@away.co m> wrote in message news:QK******** ****@news-1.opaltelecom.n et...
Anyone used the WindowsIdentity class with success? I find if I try to change the current identity to one that exists on another machine and then try to perform and action on that machine i.e. restart a service or list the available processes I keep getting access denied exceptions. Here is an example of my code:
[DllImport("adva pi32.dll", SetLastError=tr ue)]
public extern static bool LogonUser(Strin g lpszUsername, String lpszDomain,
String lpszPassword, int dwLogonType,
int dwLogonProvider , ref IntPtr phToken);
[STAThread]
static void Main(string[] args)
{
IntPtr UserToken = new IntPtr(0);
//int UserToken;
bool loggedOn;
try
{
loggedOn = LogonUser(
"Administrator" ,
Dns.GetHostName (),
"",3,0, ref UserToken);
}
catch(Exception ex)
{
throw ex;
}
if(loggedOn)
{
WindowsIdentity SystemMonitorUs er = new WindowsIdentity (UserToken);
WindowsImperson ationContext ImpersonatedUse r = SystemMonitorUs er.Impersonate( );
Console.WriteLi ne(SystemMonito rUser.Name);
try
{
Process[] _process;
_process = Process.GetProc esses("192.168. 6.236");
foreach (Process p in _process)
{
Console.WriteLi ne(p.ProcessNam e.ToString());
}
}
catch (Exception ex)
{
Console.WriteLi ne(ex.Message);
throw ex;
}
ImpersonatedUse r.Undo();
}
}
Ian
--
"Life should NOT be a journey to the grave
with the intention of arriving safely in an
attractive and well preserved body,
but rather to skid in sideways,
chocolate in one hand, beer in the other,
body thoroughly used up,
totally worn out and screaming
WOO HOO what a ride!" This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: moemeelaung |
last post by:
Hi ASP/Windows experts out there
I really need help with this Impersonate function.
I have machine A and B. A hosts my ASP page which is to create a user
account on the machine B. The machine are not on Domain and not in AD
environment.
I userstand the the web page from A is to create a user account on B
should use Impersonate function to log in as the user from the machine
|
by: Angelo Castigliola III |
last post by:
I am trying to write to the registry of a remote computer that is not on a
domain from a computer that is on a domain. I am trying to impersonate an
administrator account that is on this remote computer that is not on a
domain from my computer that is on a domain with this msdn example:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityClassImpersonateTopic1.asp
I can...
|
by: BLiTZWiNG |
last post by:
After playing with the code shown and utilising Willy Denyottes' help, I have
come to the conclusion that there is some form of difference between the
managed WindowsIdentity.Impersonate() over the unmanaged
ImpersonateLoggedOnUser().
Below is my code showing a file copy to a remote computer's shared folder
using both WindowsImpersonationContext and
ImpersonateLoggedOnUser/RevertToSelf, with the latter currently commented out.
The...
|
by: Divya |
last post by:
Hello,
I am developing a simple move file utility to move files from one domain to
another in the same internal network. My program runs fine when it reads the
parameters (user, domain, password etc) from a XML file to move files across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the commandline
prompt. When I specify the parameters at cmd line, it...
|
by: Erez Shor |
last post by:
Hi,
I need to build and asp page which access a remote windows server's
registry and create a registry key.
In order for the ASP page to be able to access the registry on the
remote server I need it to run using credentials supplied by the user.
When using basic authentication this is not an issue since the user
has to provide a user name and password.
But I don't want to use basic authentication so I created a login form
and I am using...
| |
by: Svein Terje Gaup |
last post by:
I have a website running on Windows 2000 Server, that should be able to
retrieve data from a datawarehouse on another machine running Windows 2000
Server, SQL Server 2000 and SQL Server 2000 Analysis Services. It seems
impossible to make the impersonation work. Every path I try seems to be
blocked.
Path number one: set <identity impersonate=false/> in web.config
OK. The Website is up, but it cannot access the datawarehouse because the...
|
by: Sorin Sandu |
last post by:
How can I override Identity Impersonate setting from machine.config on a
site on the same server ?
I am using impersonate on most web sites but on one I need to use Windows
Identity.
|
by: rockdale |
last post by:
Hi, all:
My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that...
|
by: =?Utf-8?B?QXZhRGV2?= |
last post by:
ASP.Net 2.
We are migrating to Windows 2008 64 bit Server with IIS 7 from Windows 2003
32 Bit with IIS 6. A few library classes we wrote uses impersonation in code
like explained in this article:
http://support.microsoft.com/?id=306158#4
This doesn't work in Windows 2008 Server, we receive the following exception:
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |