Impersonation - C# / C Sharp

Ripa Horatiu

Does anyone knows how can I impersonate to another user (basically Administrator) for a piece of my code? I've tried the samples provided by MS but they didn't worked.

--
Horatiu Ripa

Nov 15 '05 #1

Subscribe Reply

9993

Ripa Horatiu

???????????????????????????

I'm doing the impersonation because I don't have rights enough to perform
some tasks. The impersonation is the ability to run threads/processes in a
different security context than the main one. Meaning switching to another
identity (account) for a while with higher (and even if it doesn't have any
sense, lower) privileges.
I'm using XML services and I need to promote to "Administrator" the security
context that a piece of code runs into, to be able to access resources not
accessible with ASPNET account. The sample that microsoft has on its page
does not work, it always throws an error (ret!=0), here's the code:

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;

[assembly:SecurityPermissionAttribute(SecurityActio n.RequestMinimum,
UnmanagedCode=true)]
public class Class1
{
[DllImport("C:\\WINNT\\System32\\advapi32.dll")]
public static extern bool LogonUser(String lpszUsername, String
lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out int phToken);

[DllImport("C:\\WINNT\\System32\\Kernel32.dll")]
public static extern int GetLastError();

public static void Main(string[] args)
{
// The Windows NT user token.
int token1;

// Get the user token for the specified user, machine, and password
using the unmanaged LogonUser method.

bool loggedOn = LogonUser(
// User name.
"bob",

// Computer name.
"AARDVARK",

// Password.
"coffee",

// Logon type = LOGON32_LOGON_NETWORK_CLEARTEXT.
3,

// Logon provider = LOGON32_PROVIDER_DEFAULT.
0,

// The user token for the specified user is returned here.
out token1);

Console.WriteLine("LogonUser called");

// Call GetLastError to try to determine why logon failed if it did
not succeed.
int ret = GetLastError();

Console.WriteLine("LogonUser Success? " + loggedOn);
Console.WriteLine("NT Token Value: " + token1);
if (ret != 0) Console.WriteLine("Error code (126 == \"Specified module
could not be found\"): " + ret);

//Starting impersonation here:
Console.WriteLine("\n\nBefore impersonation:\n");
WindowsIdentity mWI1 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI1.Name);
Console.WriteLine(mWI1.Token);

IntPtr token2 = new IntPtr(token1);

Console.WriteLine("\n\nNew identity created:\n");
WindowsIdentity mWI2 = new WindowsIdentity(token2);
Console.WriteLine(mWI2.Name);
Console.WriteLine(mWI2.Token);

// Impersonate the user.
WindowsImpersonationContext mWIC = mWI2.Impersonate();

Console.WriteLine("\n\nAfter impersonation:\n");
WindowsIdentity mWI3 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI3.Name);
Console.WriteLine(mWI3.Token);

// Revert to previous identity.
mWIC.Undo();

Console.WriteLine("\n\nAfter impersonation is reverted:\n");
WindowsIdentity mWI4 = WindowsIdentity.GetCurrent();
Console.WriteLine(mWI4.Name);
Console.WriteLine(mWI4.Token);
}
}

--
Horatiu Ripa
Software Development Manager
Business Logic Systems LTD
6-8 Motilor str., 6th floor, 3400 Cluj-Napoca, Romania
Phone: +40 64 438144 Fax: +40 64 438144
Web: www.businesslogic.co.uk

This email (email message and any attachments) is strictly confidential,
possibly privileged and is intended solely for the person or organization to
whom it is addressed. If you are not the intended recipient, you must not
copy, distribute or take any action in reliance on it. If you have received
this email in error, please inform the sender immediately before deleting
it. Business Logic Systems Ltd accepts no responsibility for any advice,
opinion, conclusion or other information contained in this email or arising
from its disclosure.
"Nicholas Paldino [.NET/C# MVP]" <ni**************@exisconsulting.com> wrote
in message news:OA**************@TK2MSFTNGP09.phx.gbl...

Horatiu,

Can you show the code? Also, are you using ASP.NET? The account that
is doing the impersonation has to have the correct permissions in order to
impersonate another user and the ASPNET account does not have them (I think) by default.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- ni**************@exisconsulting.com
"Ripa Horatiu" <ho**********@blabla.ro> wrote in message
news:ON**************@TK2MSFTNGP10.phx.gbl...
Does anyone knows how can I impersonate to another user (basically
Administrator) for a piece of my code? I've tried the samples provided by MS but they didn't worked.

--
Horatiu Ripa

Nov 15 '05 #2

Similar topics

5146

Impersonation and UNC shares in a windows service

by: Chris | last post by:

Hello all, Here is my problem. I have a windows service (C#) that is supposed to move files from/to the local drive to/from a UNC share (\\domainserver\share). The service is running on a Win3k...

.NET Framework

2543

Issue with ASP.NET client, COM Interop, and Identity impersonation

by: Anil Krishnamurthy | last post by:

We have an ASP.NET application that uses COM objects through Interop. The web application requires access to network and database resources and hence, needs to impersonate a domain account. The...

.NET Framework

3944

Impersonation failure with Index Server and Forms Authentication with Active Directory

by: techfuzz | last post by:

I'm posting my problem experience and solution I found here for other ASP.NET developers. I have a web application that uses Forms Authentication with Active Directory to control access. In...

ASP.NET

6495

Machine.Config -- ProcessModel vs Identity Impersonation

by: Wm. Scott Miller | last post by:

What is the difference between using a username and password in the processmodel section vs using one in impersonation in the machine.config file? What are the advantages of each and what are the...

ASP.NET

2822

Impersonation causes a server error

by: Phil | last post by:

Hi, I've currently setup a local user as described in: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnne...

C# / C Sharp

1870

Threading & Impersonation

by: Patrick | last post by:

I have an ASP.NET web service whose Web.Config is set to use impersonation <authentication mode="Windows" /> <identity impersonate="true" /> Within a Web Method, I want to use...

ASP.NET

1245

Impersonation Problem

by: velvet.graham | last post by:

I'm having a difficult time with impersonation. I've created an impersonation class. Here is the code below: ******Impersonation Class Code********* Imports System Imports System.Web.Security...

ASP.NET

1525

interesting! cystal report dll and asp.net impersonation

by: zhuang | last post by:

Dear all, I found a very interesting thing about viewing crystal report (located on network drive) with asp.net application. To do the impersonation, modify web.config does not work, you have...

ASP.NET

2652

Impersonation and Performance

by: =?Utf-8?B?S2l0dHlIYXdr?= | last post by:

I am in the process of migrating an II6 environment from a single server to a network load balanced system. Thus, I am using a virtual directory on a UNC share to house the dynamic data that the...

ASP.NET

7242

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

7138

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

7355

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

7423

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing

5066

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...

Microsoft Access / VBA

4737

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...

C# / C Sharp

3225

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...

Networking - Hardware / Configuration

3213

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

781

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP