How do you run another .exe from VB.NET but as another User? I expect to launch a .exe like "Left Click -> Run As -> Enter User/Pass -> Click OK" If I do that, my application runs as expected (I need to run it as another user to get access to some folders in the network) But if I use this in VB.NET System.Diagnostics.Process.Start(Syst...
We are using impersonation by using the LogonUser function from advapi32.dll along with the WindowsIdentity class to perform impersonation. In the application I want to show all drives that the user normally can see in the windows explorer. Therfore I use the DriveInfo.GetDrives() method. But I only get the local drives, not the drives ...
I have a .NET web service that is trying to log to the Windows Event Log. However, when I try to send a SOAP request to a web method in this web service, I get back this error in the SOAP response: System.InvalidOperationException: Cannot open log for source 'MySource'. You may not have write access. ---> System.ComponentModel.Win32...
Is it possible to use Rhino Mocks to mock WindowsImpersonationContext? I get: System.MissingMethodException : Can't find a constructor with matching arguments ----> System.MissingMethodException : Constructor on type 'WindowsImpersonationContextProxy04bee852de914d5b8a47d6776edc4cb3' var windowsImpersonationContext = mockRepository....
Hi folks. I'm having problems with impersonation in WCF. Namely, I'm calling a named pipe service from within ASP.NET with impersonation turned on. This fails (due to permissions on the pipe blocking anyone from the network). So, is there any way I can make the call outside of the impersonation context? I don't need to be impersonating t...
Hi I am new to IIS 7 security so please have patience with me :) I am writing a ASP.NET web application hosted on IIS 7(.5) that will serve files located on a file server to the users. The web application is hosted on a different web server, but has network access to the file server. Users accessing the site will be authenticated by t...
I have a setup where I impersonate an AD user as described here. The app connects to the (Oracle) database using integrated security, but the impersonated credentials are not propagated to the database. Are there any known issues with impersonating AD users and accessing the database with integrated security? ...
I am working with HttpWebRequest in dotnet. I am using delegation (impersonation) to do this, request.Credentials = CredentialCache.DefaultCredentials; request.ImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Delegation; in webconfig file identity impersonate="true" for Impersonation Kerberos is required... So ...
I want to know more about win32 LogonUser api function. The last parameter is a token which can be used to impersonate a windows identity to execute code on a person's behalf. Say I have a login page where I enter my username, password and domain. When the user submits the page I validate the user by making a call to LogonUser() and get ...
I have a child process I spawn from my main application that needs to be run as another local user on a Windows 7 machine. I would prefer to not set a password on that user account, but it seems that creating a new process with impersonation does not allow for blank passwords or any type of null values. Anyone know if this is possible?...
I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that ...
I'm trying to get used to II7, having worked with IIS6 for quite some time. In IIS 6, I'd set <identity impersonate="true"/> in the web.config, and make sure that I applied the correct NTFS permissions to the IUSR_[MACHINENAME] account if a folder required more than read permissions. In IIS 7, I'm having trouble duplicating this setup ...
I've written an ASP.NET 2.0 web service which is consumed by a web application which goes out and gets configuration data back from newly built win2k3 servers in a large enterprise. I am using kerberos delegation and impersonation to pass through the users domain admin rights to interrogate the server which has just been built. The web p...
I'm trying to create a WCF service to expose a some services. In one of contracts I have to impersonate to another user and call a COM object. I know that if I want to propagate impersonation into COM object I should call CoInitializaSecurity before any marshaling. int result = CoInitializeSecurity(IntPtr.Zero, -1, IntPtr.Zero, IntPtr....
I modified the ASP.NET login control to also allow specifying UserRole ('Employee' or 'Volunteer'). Users are authenticated via a call to a webservice written by our client, which accepts username/password/role and returns true or false. If role is 'Employee' it represents an active directory user. The application should impersonate th...
I have an application that has to run in normal mode with non admin users. Only for certain functionality, it requires admin privileges. I want to impersonate a non admin user with an admin user by asking the creds when a task that requires admin rights are needed. I am not sure how we can achieve this in a .net framework 3.5 Winforms ap...
I know I can impersonate a windows account using: http://msdn.microsoft.com/en-us/library/chf6fbt4.aspx But how do I go about impersonating a WellKnownSidType account? SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null); NTAccount account = sid.Translate(typeof(NTAccount)) as NTAccount; if (account !=...
I have some code running in an asp.mvc app inside IIS 7. The code is supposed to save a file to a UNC share. This function is called from some controller code, with the filePathname = "\MYSRV\sites\docs\10080003\egg.txt' public void EnsureDocument(string filePathName ,string content,WindowsIdentity identity ) { System.Security.Princi...
Hi, I am trying to create a file using powershell in a specific user context. E.g I have a user user01 on my local machine and I want to create a file in its context. I am doing something like New-Item c:\file.txt -Credential User01 It works but prompts me for password which I dont want it to. Is there any way I can accomplish this w...
A little background on the situation: Multiple users RDC to a 2003 Server. For workflow management each user logs onto the server under their own credentials. Each user researches data for multiple clients. These external websites make heavy use of persistent cookies(IE and Flash) and sometimes certificates that require time consuming...