tristan49
Tue Nov 29 09:30:06 CST 2005
Actually, using the System.Management namespace allows me to create a scope
with a specific username / password:
ManagementScope scope = new ManagementScope();
scope.Options.Username = computer.Domain.Name + @"\" +
computer.Domain.Username;
scope.Options.Password = computer.Domain.Password;
And using this namespace, I can copy the ini file I need to read off of
their computer to the applications and read it from there without adding an
impersonation class. Although if someone wants the API way ready to copy and
paste:
using System.Runtime.InteropServices;
using System.Security.Principal;
public class Impersonation
{
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;
WindowsImpersonationContext impersonationContext;
[DllImport( "advapi32.dll" )]
public static extern int LogonUserA( String lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken );
[DllImport( "advapi32.dll", CharSet = CharSet.Auto, SetLastError =
true )]
public static extern int DuplicateToken( IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken );
[DllImport( "advapi32.dll", CharSet = CharSet.Auto, SetLastError =
true )]
public static extern bool RevertToSelf();
[DllImport( "kernel32.dll", CharSet = CharSet.Auto )]
public static extern bool CloseHandle( IntPtr handle );
public bool Impersonate( String userName, String domain, String
password )
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
if ( RevertToSelf() )
{
if ( LogonUserA( userName, domain, password,
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token ) != 0 )
{
if ( DuplicateToken( token, 2, ref tokenDuplicate ) != 0 )
{
tempWindowsIdentity = new WindowsIdentity(
tokenDuplicate );
impersonationContext =
tempWindowsIdentity.Impersonate();
if ( impersonationContext != null )
{
CloseHandle( token );
CloseHandle( tokenDuplicate );
return true;
}
}
}
}
if ( token != IntPtr.Zero )
CloseHandle( token );
if ( tokenDuplicate != IntPtr.Zero )
CloseHandle( tokenDuplicate );
return false;
}
public void UndoImpersonation()
{
impersonationContext.Undo();
}
}
""Peter Huang" [MSFT]" wrote:
> Hi
>
> We need to call LogonUser API to impersonate the current thread running
> under another account with the username/password.
>
> 841699 How to validate Windows user rights in a Visual Basic .NET
> application
>
http://support.microsoft.com/?id=841699
>
> Impersonate a Specific User in Code
> How to implement impersonation in an ASP.NET application
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;306158
>
> Best regards,
>
> Peter Huang
> Microsoft Online Partner Support
>
> Get Secure! - www.microsoft.com/security
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>