Impersonate not working from command line

G

Guest

Hello,

I am developing a simple move file utility to move files from one domain to
another in the same internal network. My program runs fine when it reads the
parameters (user, domain, password etc) from a XML file to move files across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the commandline
prompt. When I specify the parameters at cmd line, it gives me a "Access
denied" (access to the file at the destination) error message.

I debugged the code in both the above cases (1-reading params from Xml file
and 2-reading params from commandline). The values of username, password,
destination domain, source file and destination file were the same in both
the cases. But I am getting the Access denied error only when I do this from
cmd line.

Do you know how I can fix this? Any help in this regard will be appreciated.

Thanks,
-Divya

I am using the following Impersonator class to login as the admin of the
destination domain -

public class Impersonator
{
public WindowsImpersonationContext impersonationContext;

[DllImport("advapi32.dll")]
public static extern int LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll")]
public extern static bool CloseHandle(IntPtr hToken);

public bool Impersonate(string userName, string domain, string password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
// request default security provider a logon token with
LOGON32_LOGON_NEW_CREDENTIALS,
// token returned is impersonation token, no need to duplicate
if(LogonUser(userName, domain, password, 9, 0, ref token) != 0)
{
tempWindowsIdentity = new WindowsIdentity(token);
impersonationContext = tempWindowsIdentity.Impersonate();
// close impersonation token, no longer needed
CloseHandle(token);
if (impersonationContext != null)
return true;
}
return false; // Failed to impersonate.
}
}
 
W

Willy Denoyette [MVP]

Divya said:
Hello,

I am developing a simple move file utility to move files from one domain
to
another in the same internal network. My program runs fine when it reads
the
parameters (user, domain, password etc) from a XML file to move files
across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the
commandline
prompt. When I specify the parameters at cmd line, it gives me a "Access
denied" (access to the file at the destination) error message.

I debugged the code in both the above cases (1-reading params from Xml
file
and 2-reading params from commandline). The values of username, password,
destination domain, source file and destination file were the same in both
the cases. But I am getting the Access denied error only when I do this
from
cmd line.

Do you know how I can fix this? Any help in this regard will be
appreciated.

Thanks,
-Divya

I am using the following Impersonator class to login as the admin of the
destination domain -

public class Impersonator
{
public WindowsImpersonationContext impersonationContext;

[DllImport("advapi32.dll")]
public static extern int LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll")]
public extern static bool CloseHandle(IntPtr hToken);

public bool Impersonate(string userName, string domain, string password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
// request default security provider a logon token with
LOGON32_LOGON_NEW_CREDENTIALS,
// token returned is impersonation token, no need to duplicate
if(LogonUser(userName, domain, password, 9, 0, ref token) != 0)
{
tempWindowsIdentity = new WindowsIdentity(token);
impersonationContext = tempWindowsIdentity.Impersonate();
// close impersonation token, no longer needed
CloseHandle(token);
if (impersonationContext != null)
return true;
}
return false; // Failed to impersonate.
}
}
Click to expand...

There must be something wrong when collecting/passing the string arguments,
can you post the code that collects the commandline args and passes them to
the Impersonate method?

Willy.
 
G

Guest

Thanks for the pointer, Willy. I did not know how to use breakpoints in code
while doing command line processing. Once I figured that out, I stepped
through the code and realised that there was one step that was missing while
I handled the commandline parameter. Once I fixed that, it is working fine!

Thanks for all the help. I really appreciate it.

-Divya


Willy Denoyette said:
Divya said:
Hello,

I am developing a simple move file utility to move files from one domain
to
another in the same internal network. My program runs fine when it reads
the
parameters (user, domain, password etc) from a XML file to move files
across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the
commandline
prompt. When I specify the parameters at cmd line, it gives me a "Access
denied" (access to the file at the destination) error message.

I debugged the code in both the above cases (1-reading params from Xml
file
and 2-reading params from commandline). The values of username, password,
destination domain, source file and destination file were the same in both
the cases. But I am getting the Access denied error only when I do this
from
cmd line.

Do you know how I can fix this? Any help in this regard will be
appreciated.

Thanks,
-Divya

I am using the following Impersonator class to login as the admin of the
destination domain -

public class Impersonator
{
public WindowsImpersonationContext impersonationContext;

[DllImport("advapi32.dll")]
public static extern int LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll")]
public extern static bool CloseHandle(IntPtr hToken);

public bool Impersonate(string userName, string domain, string password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
// request default security provider a logon token with
LOGON32_LOGON_NEW_CREDENTIALS,
// token returned is impersonation token, no need to duplicate
if(LogonUser(userName, domain, password, 9, 0, ref token) != 0)
{
tempWindowsIdentity = new WindowsIdentity(token);
impersonationContext = tempWindowsIdentity.Impersonate();
// close impersonation token, no longer needed
CloseHandle(token);
if (impersonationContext != null)
return true;
}
return false; // Failed to impersonate.
}
}
Click to expand...

There must be something wrong when collecting/passing the string arguments,
can you post the code that collects the commandline args and passes them to
the Impersonate method?

Willy.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Need help with impersonation, please. 2
Impersonation Problem 0
Impersonate - Urgent 3
Impersonation in a console app 3
LogonUser issues 2
Impersonate user from ASP.NET - access to network file share 8
RegLoadKey while impersonated. 5
User Impersonation on Win XP SP2 27

Top