S
sureshhalade
Hi,
When i login with administrator, I am able to access
spGlobal.VirtualServers.Count property,
but I am not able to access it with any other log-in. So I tried it
with Impersonation, but still i m facing problem. How can I find
virtual server count?
Any help me in this regard is welcome.
I'm trying to impersonate a user using the WindowsIdentity.
This is what I'm doing --
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
public sealed class ImpersonationUtility
{
private static string ADMINDOMAINACCOUNT = @"SHAREPOINT
\administrator";
private static string ADMINPASSWORD = "Password#123";
private WindowsImpersonationContext _wiContext;
private ImpersonationUtility() {}
public static ImpersonationUtility ImpersonateAdmin()
{
ImpersonationUtility imp = new ImpersonationUtility();
if (imp.Impersonate(ADMINDOMAINACCOUNT, ADMINPASSWORD))
return imp;
return null;
}
public void Undo()
{
if (this._wiContext != null)
{
this._wiContext.Undo();
this._wiContext = null;
}
}
/// Impersonate the designated user.
/// Account of format "DOMAIN\user"
/// password of the user
/// True if the impersonation succeeded, false if not.
private bool Impersonate(string domainAccount, string password)
{
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
try
{
string[] accountparts = domainAccount.Split(new char[]{'\
\'});
string domain = accountparts[0];
string username = accountparts[1];
// If the requested domainAccount is different from the thread
identity,
// then revert to self first before attempting the logon.
if (String.Compare(domainAccount,
WindowsIdentity.GetCurrent().Name, true,
CultureInfo.InvariantCulture) != 0)
{
if (NativeMethods.LogonUserA(username, domain, password,
NativeMethods.LOGON32_LOGON_NETWORK,
NativeMethods.LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
if (NativeMethods.DuplicateToken(token, 2, ref tokenDuplicate) !
= 0)
{
WindowsIdentity wi = new
WindowsIdentity(tokenDuplicate);
// NOTE: Impersonate may fail if account that tries to
impersonate does
// not hold the "Impersonate after Authentication"
privilege
// See local security policy - user rights
assignment.
this._wiContext = wi.Impersonate();
}
else
{
throw new
Win32Exception(Marshal.GetLastWin32Error(),
String.Format(CultureInfo.InvariantCulture,
"Inpersonation: Error duplicating token after logon for user
\"{0}\"", domainAccount));
}
}
else
{
throw new Win32Exception(Marshal.GetLastWin32Error(),
String.Format(CultureInfo.InvariantCulture,
"Inpersonation: Error logging on user \"{0}\"",
domainAccount));
}
}
}
finally
{
if (token != IntPtr.Zero)
NativeMethods.CloseHandle(token);
if (tokenDuplicate != IntPtr.Zero)
NativeMethods.CloseHandle(tokenDuplicate);
}
return (this._wiContext != null);
}
public static void ReImpersonateAdmin()
{
ImpersonationUtility imp = new ImpersonationUtility();
imp.Undo();
}
}
internal sealed class NativeMethods
{
private NativeMethods() { }
public const int LOGON32_PROVIDER_DEFAULT = 0;
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_LOGON_NETWORK = 3;
[DllImport("kernel32.dll", CharSet=CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName,String
lpszDomain,String lpszPassword,
int dwLogonType,int dwLogonProvider,ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto,
SetLastError=true)]
public static extern int DuplicateToken(IntPtr hToken,int
impersonationLevel,ref IntPtr hNewToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto,
SetLastError=true)]
public static extern bool RevertToSelf();
}
Call in Sharpeoint class -
ImpersonationUtility.ImpersonateAdmin(); //Impersonating logged in
user to administrator
SPGlobalAdmin spGlobal = new SPGlobalAdmin();
int count = spGlobal.VirtualServers.Count; // here I am not able to
get virtual servers count.
ImpersonationUtility.ReImpersonateAdmin(); //ReImpersonating user to
logged in user
When i login with administrator, I am able to access
spGlobal.VirtualServers.Count property,
but I am not able to access it with any other log-in. So I tried it
with Impersonation, but still i m facing problem. How can I find
virtual server count?
Any help me in this regard is welcome.
I'm trying to impersonate a user using the WindowsIdentity.
This is what I'm doing --
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
public sealed class ImpersonationUtility
{
private static string ADMINDOMAINACCOUNT = @"SHAREPOINT
\administrator";
private static string ADMINPASSWORD = "Password#123";
private WindowsImpersonationContext _wiContext;
private ImpersonationUtility() {}
public static ImpersonationUtility ImpersonateAdmin()
{
ImpersonationUtility imp = new ImpersonationUtility();
if (imp.Impersonate(ADMINDOMAINACCOUNT, ADMINPASSWORD))
return imp;
return null;
}
public void Undo()
{
if (this._wiContext != null)
{
this._wiContext.Undo();
this._wiContext = null;
}
}
/// Impersonate the designated user.
/// Account of format "DOMAIN\user"
/// password of the user
/// True if the impersonation succeeded, false if not.
private bool Impersonate(string domainAccount, string password)
{
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
try
{
string[] accountparts = domainAccount.Split(new char[]{'\
\'});
string domain = accountparts[0];
string username = accountparts[1];
// If the requested domainAccount is different from the thread
identity,
// then revert to self first before attempting the logon.
if (String.Compare(domainAccount,
WindowsIdentity.GetCurrent().Name, true,
CultureInfo.InvariantCulture) != 0)
{
if (NativeMethods.LogonUserA(username, domain, password,
NativeMethods.LOGON32_LOGON_NETWORK,
NativeMethods.LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
if (NativeMethods.DuplicateToken(token, 2, ref tokenDuplicate) !
= 0)
{
WindowsIdentity wi = new
WindowsIdentity(tokenDuplicate);
// NOTE: Impersonate may fail if account that tries to
impersonate does
// not hold the "Impersonate after Authentication"
privilege
// See local security policy - user rights
assignment.
this._wiContext = wi.Impersonate();
}
else
{
throw new
Win32Exception(Marshal.GetLastWin32Error(),
String.Format(CultureInfo.InvariantCulture,
"Inpersonation: Error duplicating token after logon for user
\"{0}\"", domainAccount));
}
}
else
{
throw new Win32Exception(Marshal.GetLastWin32Error(),
String.Format(CultureInfo.InvariantCulture,
"Inpersonation: Error logging on user \"{0}\"",
domainAccount));
}
}
}
finally
{
if (token != IntPtr.Zero)
NativeMethods.CloseHandle(token);
if (tokenDuplicate != IntPtr.Zero)
NativeMethods.CloseHandle(tokenDuplicate);
}
return (this._wiContext != null);
}
public static void ReImpersonateAdmin()
{
ImpersonationUtility imp = new ImpersonationUtility();
imp.Undo();
}
}
internal sealed class NativeMethods
{
private NativeMethods() { }
public const int LOGON32_PROVIDER_DEFAULT = 0;
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_LOGON_NETWORK = 3;
[DllImport("kernel32.dll", CharSet=CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName,String
lpszDomain,String lpszPassword,
int dwLogonType,int dwLogonProvider,ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto,
SetLastError=true)]
public static extern int DuplicateToken(IntPtr hToken,int
impersonationLevel,ref IntPtr hNewToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto,
SetLastError=true)]
public static extern bool RevertToSelf();
}
Call in Sharpeoint class -
ImpersonationUtility.ImpersonateAdmin(); //Impersonating logged in
user to administrator
SPGlobalAdmin spGlobal = new SPGlobalAdmin();
int count = spGlobal.VirtualServers.Count; // here I am not able to
get virtual servers count.
ImpersonationUtility.ReImpersonateAdmin(); //ReImpersonating user to
logged in user