473,403 Members | 2,323 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > impersonation

Join Bytes to post your question to a community of 473,403 software developers and data experts.

Impersonation

I would like to run a program as another user in win2k. I have runas
utility but with this I need type password all the time. Using python and
windows extensions it is posibile to write a program that will do this, here
is a code:

handel=win32security.LogonUser('username','domain' ,'pass',
win32con.LOGON32_LOGON_INTERACTIVE,win32con.LOGON3 2_PROVIDER_DEFAULT)

win32security.ImpersonateLoggedOnUser(handel)

print "Started as: ", win32api.GetUserName()
#this prints target username, impersonation successful

os.execv(path, args)
#runs program, not as target user

#win32security.RevertToSelf()
#handel.Close()

...and this runs the program but not as a target user. Program is started just
normal as it would be without impersonation. Any idea why?

Jul 18 '05 #1
3 2860
Vedran Furac wrote:
..and this runs the program but not as a target user. Program is started just
normal as it would be without impersonation. Any idea why?


IIRC, the 'current' user has to be an administrator or have some special
security privileges (backup operator?) to be allowed to impersonate
other users.

Jul 18 '05 #2
On Wed, 03 Mar 2004 10:50:56 +0100, Ivan Voras <ivoras@__geri.cc.fer.hr> wrote:
Vedran Furac wrote:
..and this runs the program but not as a target user. Program is started just
normal as it would be without impersonation. Any idea why?


IIRC, the 'current' user has to be an administrator or have some special
security privileges (backup operator?) to be allowed to impersonate
other users.


Yes, but I have set privileges:
<http://aspn.activestate.com/ASPN/doc...n/2.3/PyWin32/
Windows_NT_Security_.2d.2d_Impersonation.html>
....and (I guess) impersonation was successful because it prints target username
Jul 18 '05 #3
Vedran Furac <ve*****@riteh.hr> writes:
I would like to run a program as another user in win2k. I have runas
utility but with this I need type password all the time. Using python and
windows extensions it is posibile to write a program that will do this, here
is a code:

handel=win32security.LogonUser('username','domain' ,'pass',
win32con.LOGON32_LOGON_INTERACTIVE,win32con.LOGON3 2_PROVIDER_DEFAULT)

win32security.ImpersonateLoggedOnUser(handel)

print "Started as: ", win32api.GetUserName()
#this prints target username, impersonation successful

os.execv(path, args)
#runs program, not as target user

#win32security.RevertToSelf()
#handel.Close()

..and this runs the program but not as a target user. Program is started just
normal as it would be without impersonation. Any idea why?


It's probably the fact that os.execv is bubbling down into a normal
CreateProcess call at the win32 API level. But if the calling process
is impersonating a user, CreateProcess uses the authentication token
for the calling process itself, and not the impersonation token.

There is a CreateProcessAsUser call that works just like
CreateProcess, but has an initial first parameter which is the user
token for the process (which is "handel" in your above code). I don't
have any Python code handy (my current code for this is in C), but you
might try replacing the execv call with an equivalent call to
CreateProcessAsUser (it's wrapped in win32process) and see if it does
what you want.

-- David
Jul 18 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
Impersonation and UNC shares in a windows service
by: Chris | last post by:
Hello all, Here is my problem. I have a windows service (C#) that is supposed to move files from/to the local drive to/from a UNC share (\\domainserver\share). The service is running on a Win3k...
.NET Framework
1
Impersonation
by: Ripa Horatiu | last post by:
Does anyone knows how can I impersonate to another user (basically Administrator) for a piece of my code? I've tried the samples provided by MS but they didn't worked. -- Horatiu Ripa
C# / C Sharp
12
Issue with ASP.NET client, COM Interop, and Identity impersonation
by: Anil Krishnamurthy | last post by:
We have an ASP.NET application that uses COM objects through Interop. The web application requires access to network and database resources and hence, needs to impersonate a domain account. The...
.NET Framework
1
Impersonation failure with Index Server and Forms Authentication with Active Directory
by: techfuzz | last post by:
I'm posting my problem experience and solution I found here for other ASP.NET developers. I have a web application that uses Forms Authentication with Active Directory to control access. In...
ASP.NET
3
Machine.Config -- ProcessModel vs Identity Impersonation
by: Wm. Scott Miller | last post by:
What is the difference between using a username and password in the processmodel section vs using one in impersonation in the machine.config file? What are the advantages of each and what are the...
ASP.NET
11
Impersonation causes a server error
by: Phil | last post by:
Hi, I've currently setup a local user as described in: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnne...
C# / C Sharp
1
Threading & Impersonation
by: Patrick | last post by:
I have an ASP.NET web service whose Web.Config is set to use impersonation <authentication mode="Windows" /> <identity impersonate="true" /> Within a Web Method, I want to use...
ASP.NET
0
Impersonation Problem
by: velvet.graham | last post by:
I'm having a difficult time with impersonation. I've created an impersonation class. Here is the code below: ******Impersonation Class Code********* Imports System Imports System.Web.Security...
ASP.NET
1
interesting! cystal report dll and asp.net impersonation
by: zhuang | last post by:
Dear all, I found a very interesting thing about viewing crystal report (located on network drive) with asp.net application. To do the impersonation, modify web.config does not work, you have...
ASP.NET
5
Impersonation and Performance
by: =?Utf-8?B?S2l0dHlIYXdr?= | last post by:
I am in the process of migrating an II6 environment from a single server to a network load balanced system. Thus, I am using a virtual directory on a UNC share to house the dynamic data that the...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!