Hi,
I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)
The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer” to their new AD profile.
The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens
The return from the RegLoadKey is: 1314
Can anyone provide me any insight please?
Thank you very much…
Code ---
#### Impersonation (called after InitializeComponent)#######
//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!
#### RegLoadKey (called with “migrate” button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsof t\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
5  6915 
Bump please
"Ed McAndrew" wrote: Hi,
I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)
The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer” to their new AD profile.
The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens
The return from the RegLoadKey is: 1314
Can anyone provide me any insight please?
Thank you very much…
Code ---
#### Impersonation (called after InitializeComponent)#######
//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!
#### RegLoadKey (called with “migrate” button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsof t\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
Ed McAndrew <Ed********@discussions.microsoft.com> wrote: The return from the RegLoadKey is: 1314
net helpmsg 1314 returns:
"A required privilege is not held by the client."
-- Barry
Thanks Barry,
I'm aware that it's a privlige issue. I'm certain that I need to adjust the
tokens privlige for the impersonation using "AdjustTokenPrivileges" (as in
the second sniplet of code), but am unsure of what "handle" I should adjust.
"Barry Kelly" wrote: Ed McAndrew <Ed********@discussions.microsoft.com> wrote:
The return from the RegLoadKey is: 1314
net helpmsg 1314 returns:
"A required privilege is not held by the client."
-- Barry
Bump please
"Ed McAndrew" wrote: Hi,
I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)
The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer” to their new AD profile.
The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens
The return from the RegLoadKey is: 1314
Can anyone provide me any insight please?
Thank you very much…
Code ---
#### Impersonation (called after InitializeComponent)#######
//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!
#### RegLoadKey (called with “migrate” button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsof t\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
Does anybody have any idea(s)?
Sorry to nag... but I'm down to the wire and still have not figured it out
on my own.
Ed
"Ed McAndrew" wrote: Hi,
I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)
The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer” to their new AD profile.
The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens
The return from the RegLoadKey is: 1314
Can anyone provide me any insight please?
Thank you very much…
Code ---
#### Impersonation (called after InitializeComponent)#######
//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;
tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!
#### RegLoadKey (called with “migrate” button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsof t\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION"); This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Mustafa Rabie |
last post by:
Hi,
I checked the sample application found on MSDN :
...
|
by: Markus Stehle |
last post by:
Hi all!
I have asp.net web application that uses static impersonation. Is it
possible to change the impersonated user during runtime? Within some parts
of my application I would like to...
|
by: Adrian Bezzina |
last post by:
Hi,
Does anyone know how to start a new thread in ASP.NET with the ASP.NET
impersonated user as i am getting permission errors when try to access the
file system, and when I don't use threading,...
|
by: Chris Simmons |
last post by:
I have an application where I am using impersonation. My development
workstation is XP. For development, things went smoothly. However
when deploying to the server, which is Windows Server 2003,...
|
by: stueyh |
last post by:
When attempting to connect to an Access 2000 DB using ADO.Net from within
ASP.Net running under an impersonated local user account receiving the
following error.
ERROR Disk or network
error....
|
by: Grant Holdom |
last post by:
Hi,
We are trying to kick off an executable from an asp.net page. We have
followed article 889251 "How to spawn a process that runs under the context
of the impersonated user in Microsoft...
|
by: Patrick |
last post by:
I have an ASP.NET web service whose Web.Config is set to use impersonation
<authentication mode="Windows" />
<identity impersonate="true" />
Within a Web Method, I want to use...
|
by: Rik Hemsley |
last post by:
Hi,
Our web application impersonates a domain user when it runs. Usually,
the printers visible to the application are the same as those visible to
the domain user.
At one installation, the...
|
by: =?Utf-8?B?Q0FJQmlyZA==?= |
last post by:
Hi,
I log in as a administrator, then compile and run the following code on a
computer:
#include "stdafx.h"
#include <windows.h>
int _tmain(int argc, _TCHAR* argv)
{
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development projectplanning, coding, testing,...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |
