I am trying to design a windows forms application (not asp.net) in C#,
and need to know if the following scenario is possible :
Once my application is running I need to be able to impersonate another
user account which will have access to a network drive that the current
user account does not have access to. Is it possible to impersonate the
required user account and map to the drive in code, enabling the current
user to view the required files?
I need to do this so that users can only view/alter files from my
application. All the files will only be accessible via a user account
(which only the admin will know), thus stopping tampering with the files
except via the application.
Can anybody can tell me if this is possible, and if it is possible some
example code would be much appreciated.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it! 5  1715 
Steve,
You could do this, using the WindowsIdentity class, and the Impersonate
method on that class. However, you would have to store the username and
password somewhere, and that is where it gets tricky. Unless you are
obfuscating your code, it will be easy enough to find out where you are
getting that username and password from.
Check the documentation for the Impersonate method to see how to
impersonate another user.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"steve Sweales" <st***********@ t-mobile.co.uk> wrote in message
news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. I am trying to design a windows forms application (not asp.net) in C#,
and need to know if the following scenario is possible :
Once my application is running I need to be able to impersonate another
user account which will have access to a network drive that the current
user account does not have access to. Is it possible to impersonate the
required user account and map to the drive in code, enabling the current
user to view the required files?
I need to do this so that users can only view/alter files from my
application. All the files will only be accessible via a user account
(which only the admin will know), thus stopping tampering with the files
except via the application.
Can anybody can tell me if this is possible, and if it is possible some
example code would be much appreciated.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Even though the following article says 'asp.net' in the title, it is actually
applicable to what you want to do (impersonate a specific user). http://support.microsoft.com/kb/306158
Specifically see the section "Impersonat e a Specific User in Code", which
uses PInvokes some logon functions. There are some uphill battles to fight,
however. Like deciding where to store a username and password.
As an alternative, perhaps you could detect if the file has been tampered
by having the application stamp the file with a crytographic hash?
--
Scott http://www.OdeToCode.com/blogs/scott/ I am trying to design a windows forms application (not asp.net) in C#,
and need to know if the following scenario is possible :
Once my application is running I need to be able to impersonate
another user account which will have access to a network drive that
the current user account does not have access to. Is it possible to
impersonate the required user account and map to the drive in code,
enabling the current user to view the required files?
I need to do this so that users can only view/alter files from my
application. All the files will only be accessible via a user account
(which only the admin will know), thus stopping tampering with the
files except via the application.
Can anybody can tell me if this is possible, and if it is possible
some example code would be much appreciated.
*** Sent via Developersdex http://www.developersdex.com *** Don't just
participate in USENET...get rewarded for it!
"steve Sweales" <st***********@ t-mobile.co.uk> wrote in message
news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. I am trying to design a windows forms application (not asp.net) in C#,
and need to know if the following scenario is possible :
Once my application is running I need to be able to impersonate another
user account which will have access to a network drive that the current
user account does not have access to. Is it possible to impersonate the
required user account and map to the drive in code, enabling the current
user to view the required files?
I need to do this so that users can only view/alter files from my
application. All the files will only be accessible via a user account
(which only the admin will know), thus stopping tampering with the files
except via the application.
Can anybody can tell me if this is possible, and if it is possible some
example code would be much appreciated.
If you are running this in Windows XP I suggest you run the remote file
access code from a EnterpriseServi ces server type application (COM+).
So you'll have something like this:
1. Your windows forms application running as an interactive user having NO
access to the file share data.
2. A ES (COM+ server type) application running with fixed credentials and
appropriate permissions set for both launch and component access, this
application runs the code to access to the file share data.
3. As a bonus you can apply role based security at the ES application so you
can further restrict access based on finer grained usage/access rules.
Note: There is no need to map the share, use UNC paths to access the remote
files.
Willy.
Thanks for the feedback.
I have managed to impersonate a user (still haven't given any thought on
where to store the username & password yet) but have run into a problem.
Although I have managed to impersonate a user, I am unable to access the
folder on a server that the user should have access to. Does the fact
that our network uses Novell have any bearing on this? For me to map to
the folder, I am required to authenticate via Novell.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
See inline ***
Willy.
"steve Sweales" <st***********@ t-mobile.co.uk> wrote in message
news:%2******** **********@TK2M SFTNGP15.phx.gb l... Thanks for the feedback.
I have managed to impersonate a user (still haven't given any thought on
where to store the username & password yet) but have run into a problem.
*** What problem exactly, and how are you impersonating?
Please post some code.
Although I have managed to impersonate a user, I am unable to access the
folder on a server that the user should have access to. Does the fact
that our network uses Novell have any bearing on this? For me to map to
the folder, I am required to authenticate via Novell.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it! This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Stephane Belzile |
last post by:
Hi,
I've seen a lot of people having that same problem trying to
instantiate a word.application com object from an asp.net application.
I have built a WEB application that is used to manage the creation of
an annual report from 75 different word documents. I'm using word
automation to activate the Revison Tracking flag when I send a word
document to someone. I had the Access denied error message and I have
been able to get rid of it...
|
by: CyberDigger |
last post by:
I have two computers, client and server. The client is running Windows 2000
Professional and is in a workgroup, say "MyWorkgroup". The server is running
Windows Server 2003 Standard Edition and is in a domain, say "MyDomain".
What I need is to logon to the client as some generic local administrator
user and then access resources (e.g. share folder, SQL Server using Windows
Authentication, etc.) on the server.
Here is what I did:
I...
|
by: Anil Krishnamurthy |
last post by:
We have an ASP.NET application that uses COM objects through Interop. The
web application requires access to network and database resources and hence,
needs to impersonate a domain account. The problem is that even when it is
configured to run under a certain identity through Web.config, the
impersonation is not carried through to COM library. Consequently, the code
in COM object runs under a local account and any code that needs to access...
|
by: Eric Veltman |
last post by:
Hello everyone,
Till now, I've always used IIS integrated authentication
and impersonation, such that the ASP.NET code on the server
is executed with the permissions of the user who is sitting
behind the web browser.
Now I am wondering if it's also possible to use
|
by: Bonj |
last post by:
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then calling
w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does...
| | |
by: Patrick |
last post by:
I set my web.config as follows:
<authentication mode="Windows" />
<identity impersonate="true" />
Logon to my ASP.NET website as a user who can authenticate to the target
database.
1) Works fine on my local PC running IIS5.1 on WinXP Pro SP1
2) does not work on IIS6.0 on Windows 2003 server:
System.Data.SqlClient.SqlException: Login failed for user '(null)'. Reason:
|
by: Jim Heavey |
last post by:
Hello, I have been taking a swing at learning how I can use Impersonation via
code and I am getting back an error code of 1314. By searching the internet,
I have come to believe that this error means the account it invalid.
If I use my ID and password, the code works fine, so I am guessing it is not
the code.
I requested this "special" account from the network folks and have been
using it for submitting batch Console applications from my...
|
by: h |
last post by:
Hello,
I am still struggling with impersonation in vb.net. I have a service that
logs on to exchange but I get different results when using the "log on as"
feature on the service as opposed to the impersonation routine. I am very
curious about how that is possible. It should yield the same results
Has anyone else used impersonation in a vb.net service?
The routine i am using is from an article on msdn (if i recall correctly)
|
by: Phil |
last post by:
Hi,
I've currently setup a local user as described in:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnne...
|
by: Daniel Knöpfel |
last post by:
Hello
On our asp.net 2.0 website we impersonate every request to the identity of
the user logged in. This works this way:
1. user logs in, providing username, password
2. user is authenticated against an active directory and the windows
identity is retrieved (and stored in the session!!)
3. user is impersonated using the windows identity (thread is now
running under the identity of the user)
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
| | |
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
