M
Maurice Thompson via .NET 247
Hi,
I am writing a windows forms app and i need to access a fileshare but impersonating another user (rather than the userlogged on). All my code seems to work, i.e the impersonated usergets logged on etc.. However when i try to access a file on thenetwork i doesnt work. It doesnt work even when i use theadministrators logon details ??
Any help appreciated as im at a dead end!!
Thanks in advance..
<code>
Imports System
Imports System.Runtime.InteropServices
Imports System.Security.Principal
Imports System.Security.Permissions
Imports System.IO
<Assembly:SecurityPermissionAttribute(SecurityAction.RequestMinimum,UnmanagedCode:=True)>
Public Class clsSecurity
Private idWindows As WindowsIdentity
Private prinWindows As WindowsPrincipal
<DllImport("C:\Windows\System32\advapi32.dll")> _
Public Shared Function LogonUser(ByVal lpszUsername AsString, _
ByVal lpszDomain AsString, _
ByVal lpszPassword AsString, _
ByVal dwLogonType AsInteger, _
ByVal dwLogonProvider AsInteger, _
ByRef phToken As Integer)As Boolean
End Function
<DllImport("C:\Windows\System32\Kernel32.dll")> _
Public Shared Function GetLastError() As Integer
End Function
'Public Shared Sub Main(ByVal args() As String)
Public Sub testme()
'The Windows NT user token.
Dim token1 As Integer
'The parameters for LogonUser are the user name, computername, password,
'Logon type (LOGON32_LOGON_NETWORK_CLEARTEXT), Logonprovider (LOGON32_PROVIDER_DEFAULT),
'and user token.
Dim loggedOn As Boolean = LogonUser("test", "MYDOMAIN","test", 3, 0, token1)
Console.WriteLine("LogonUser called")
''''Call GetLastError to try to determine why logonfailed if it did not succeed.
'''Dim ret As Integer = GetLastError()
Console.WriteLine("LogonUser Success? " &loggedOn.ToString)
Console.WriteLine("NT Token Value: " & token1.ToString)
'Starting impersonation here:
Console.WriteLine("Before impersonation:")
Dim mWI1 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI1.Name)
Console.WriteLine(mWI1.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
Dim token2 As IntPtr = New IntPtr(token1)
Console.WriteLine("New identity created:")
Dim mWI2 As WindowsIdentity = NewWindowsIdentity(token2)
Console.WriteLine(mWI2.Name)
Console.WriteLine(mWI2.Token)
'Impersonate the user.
Dim mWIC As WindowsImpersonationContext =mWI2.Impersonate()
Console.WriteLine("After impersonation:")
Dim mWI3 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI3.Name)
Console.WriteLine(mWI3.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
'Revert to previous identity.
mWIC.Undo()
Console.WriteLine("After impersonation is reverted:")
Dim mWI4 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI4.Name)
Console.WriteLine(mWI4.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
End Sub
End Class
</code>
I am writing a windows forms app and i need to access a fileshare but impersonating another user (rather than the userlogged on). All my code seems to work, i.e the impersonated usergets logged on etc.. However when i try to access a file on thenetwork i doesnt work. It doesnt work even when i use theadministrators logon details ??
Any help appreciated as im at a dead end!!
Thanks in advance..
<code>
Imports System
Imports System.Runtime.InteropServices
Imports System.Security.Principal
Imports System.Security.Permissions
Imports System.IO
<Assembly:SecurityPermissionAttribute(SecurityAction.RequestMinimum,UnmanagedCode:=True)>
Public Class clsSecurity
Private idWindows As WindowsIdentity
Private prinWindows As WindowsPrincipal
<DllImport("C:\Windows\System32\advapi32.dll")> _
Public Shared Function LogonUser(ByVal lpszUsername AsString, _
ByVal lpszDomain AsString, _
ByVal lpszPassword AsString, _
ByVal dwLogonType AsInteger, _
ByVal dwLogonProvider AsInteger, _
ByRef phToken As Integer)As Boolean
End Function
<DllImport("C:\Windows\System32\Kernel32.dll")> _
Public Shared Function GetLastError() As Integer
End Function
'Public Shared Sub Main(ByVal args() As String)
Public Sub testme()
'The Windows NT user token.
Dim token1 As Integer
'The parameters for LogonUser are the user name, computername, password,
'Logon type (LOGON32_LOGON_NETWORK_CLEARTEXT), Logonprovider (LOGON32_PROVIDER_DEFAULT),
'and user token.
Dim loggedOn As Boolean = LogonUser("test", "MYDOMAIN","test", 3, 0, token1)
Console.WriteLine("LogonUser called")
''''Call GetLastError to try to determine why logonfailed if it did not succeed.
'''Dim ret As Integer = GetLastError()
Console.WriteLine("LogonUser Success? " &loggedOn.ToString)
Console.WriteLine("NT Token Value: " & token1.ToString)
'Starting impersonation here:
Console.WriteLine("Before impersonation:")
Dim mWI1 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI1.Name)
Console.WriteLine(mWI1.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
Dim token2 As IntPtr = New IntPtr(token1)
Console.WriteLine("New identity created:")
Dim mWI2 As WindowsIdentity = NewWindowsIdentity(token2)
Console.WriteLine(mWI2.Name)
Console.WriteLine(mWI2.Token)
'Impersonate the user.
Dim mWIC As WindowsImpersonationContext =mWI2.Impersonate()
Console.WriteLine("After impersonation:")
Dim mWI3 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI3.Name)
Console.WriteLine(mWI3.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
'Revert to previous identity.
mWIC.Undo()
Console.WriteLine("After impersonation is reverted:")
Dim mWI4 As WindowsIdentity =WindowsIdentity.GetCurrent()
Console.WriteLine(mWI4.Name)
Console.WriteLine(mWI4.Token)
'see if access to network file ispossible................
Console.WriteLine("file exists = " &File.Exists("K:\test.txt"))
End Sub
End Class
</code>