impersonation

Cannot run as a non-admin impersonated user - access is denied

I do impersonation of a non-admin user account in an app that is running as an admin user (using LogonUser(), DuplicateToken() and WindowsIdentity.Impersonate() functions). Since this user account is temporary, I also need to load a user profile (using LoadUserProfile() native function). All methods execute successfully (no last error is...

C# Winform Impersonation fail to work

Hello I just spent 2 days reading a bunch of stuff about impersonation in C# (including stackoverflow and codeproject articles) and here is the result of my investigations. To make it short, I just want to start and stop a service from a winform application running under standard (non privileged) user account. I want to impersonate my ...

.NET : Transmit user credentials over the transport layer

What is the best/simplest way to transmit the user credentials (Active Directory) over the transport layer. I have two systems A and B connected with a 3rd party message layer C. Is there any way (preferable in .NET) to somehow store/serialize the credentials of the authenticated user on the side A, transmit it over the C, then to de-s...

Multiple hops impersonation in .NET and web services

I have old school web service and it is configured to impersonate the caller. Works with no problem. Now I am thinking about adding another more higher level ASP.NET (non-wcf) web service which would be calling the original web service. The question is - will the client identity flow across two hops as in client (1)-> new web service (2...

Is .Net Impersonation Logon Thread-Safe ???

if using code like the following to impersonate another user, [DllImport("advapi32.dll", SetLastError = true)] private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); var handle = IntPtr.Zero; const int LOGON32_LOGON_...

its posible use impersonate sql server property on hibernate layer?

i makin an app on java and must to create the same impersonate or context swichtching for sql server property i wonder its posible use impersonate sql server property on hibernate layer? ...

WCF impersonation is not impersonating an administrator

I am trying to use WCF to do some remote user management things. I and reusing some code I had on a server 2003 box and worked fine, but on my windows 7 test box when I check to see if the user who called the function is administrator it says it is not. [OperationBehavior(Impersonation=ImpersonationOption.Required)] public string SetPas...

Impersonation in Powershell - Access remote file

I need to read a file on a remote server, however I dont have permissions to do so. If I use another account with elevated rights, I can. I would like to run the script from anywhere with the credentials built into the script (accepting the risks). ...

Impersonation the current user using WindowsImpersonationContext to access network drive

I need to access a remote drive from a Web App. The drive isn't accessible to the ASP.NET process, so I want to impersonate the current user for the request. I saw some basic examples using WindowsImpersonationContext, and have tried the following. WindowsImpersonationContext impersonationContext = null; try { impersonationConte...

Can I have a WCF call that hits the DB use the creds of the caller?

I have read a lot about impersonation, and I have tried a ton of tags in my config file. I have tried [OperationBehavior(Impersonation = ImpersonationOption.Required)] on my method that hits the database. None of it works. I get a wide variety of error messages depending on how my config is setup. Can anyone lay out for me what C# an...

Process.Start() impersonation problem

Trying to start process with another access token, without success, it runs as the non-impersonated user. using (WindowsIdentity identity = new WindowsIdentity(token)) using (identity.Impersonate()) { Process.Start("blabla.txt"); } How to make this work properly? ...

Accessing shared memory while impersonating a client

I'm trying to access global shared memory from an ASP.NET web method while impersonating a client, but I get access denied when trying to open the handle. As an example: [WebMethod] public string Testing() { string result = null; using (var ctx = WindowsIdentity.Impersonate(IntPtr.Zero)) { IntPtr p1 = NativeMethods.OpenFileMa...

ASP.NET: How can I access a remote UNC path in IIS 6 on XP?

There are quite a few solutions here that discuss accessing a UNC path from IIS, however I need to get this to work under XP. How does one get ASP.NET (on XP) to access a remote UNC path? Where do I set the credentials? I've attempted the SU4User Impersonation extensions, setting the IIS anonymous account, etc, and think there is more...

Passthrough (impersonation) authentication with ASP.NET and TFS api

I'm trying to enable passthrough or impersonation authentication inside an ASP.NET website that uses the TFS2010 API. I've got this working correctly with Cassini, however with IIS 7.5 (Windows 7) something is going wrong. I found this blog post on the subject, and tried the following: private static void Test() { TfsTeamProjectCo...

LogonUser and others return error 1337 in Windows Server 2003 x86

After some update, I see following issue on all Windows Server 2003 member servers (x86 only): LogonUser, and LogonUserEx calls are failing with error 1337 (The security ID structure is invalid). Basically, following code fails: HANDLE token; BOOL b = LogonUserA( "username", "DOMAIN", "password", LOGON32_LOGON_INTERACTIVE,...

How to Background time/IO-consuming operations across a firewall in ASP.NET C#

Summary We have an ASP.NET application that allows users to query a SQL Server Database through a middle layer (pretty standard stuff). When the user attempts to generate a PDF for the rows that were returned to them. Each set of rows with a common identifier will "turn into" a separate page in the resulting PDF. Originally, I assumed t...