"Yosh" <dp***@nospam.satx.rr.com> wrote in message
news:u4**************@TK2MSFTNGP14.phx.gbl...
How do you validate a user that is currently logged in against a Security
Descriptor to see if they have access to an object?
Hope this makes sense.
You get the user's security token from
System.Security.Principal.WindowsIdentity. You have to use P/Invoke to call
DuplicateToken to get a token with a SecurityImpersonationLevel of
SecurityIdentification and then you use P/Invoke to call AccessCheck or one
of its variants.
That's the 100,000 foot description.