Guest
After playing with the code shown and utilising Willy Denyottes' help, I have
come to the conclusion that there is some form of difference between the
managed WindowsIdentity.Impersonate() and the unmanaged
ImpersonateLoggedOnUser().
Below is my code showing a file copy to a remote computer's shared folder
using both WindowsImpersonationContext and
ImpersonateLoggedOnUser/RevertToSelf, with the latter currently commented out.
The issue I have is that the code executes and copies the file when using
ImpersonateLoggedOnUser, but not when using a WindowsImpersonationContext.
This wouldn't be an issue except that the ImpersonateLoggedOnUser does not
work when called on Windows 2000/2003 Pro/Server, only Windows XP.
The question would be why is this so and what can I do to get it working
with managed code. Note that the logon type and provider listed here are only
test values that I'm using, and no combination yields any result better
than error 1326 "Logon failure: unknown user name or bad password".
Thanks.
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;
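namespace SecurityTest
{
    /// <summary>
    /// Test harness: obtains a logon token with LogonUser, impersonates it through
    /// WindowsIdentity.Impersonate(), and copies a local file to a remote share.
    /// </summary>
    class SecurityTest
    {
        // Named forms of the literal test values 9 and 0 passed to LogonUser below.
        // NOTE(review): the LogonUser documentation states that LOGON32_LOGON_NEW_CREDENTIALS
        // is supported only by the LOGON32_PROVIDER_WINNT50 provider (value 3) and that the new
        // credentials apply only to outbound network connections - confirm against the target OS.
        private const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
        private const int LOGON32_PROVIDER_DEFAULT = 0;

        /// <summary>Logs a user on and returns a token handle in <paramref name="phToken"/>.</summary>
        /// <returns>Non-zero on success; zero on failure (see Marshal.GetLastWin32Error).</returns>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern int LogonUser(string lpszUsername, string lpszDomain,
            string lpszPassword, int dwLogonType, int dwLogonProvider, out IntPtr phToken);

        /// <summary>Makes the calling thread impersonate the user represented by the token.</summary>
        /// <param name="hToken">Handle to the token for the logged-on user.</param>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern bool ImpersonateLoggedOnUser(IntPtr hToken);

        /// <summary>Ends impersonation on the calling thread.</summary>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern bool RevertToSelf();

        // Releases the token handle returned by LogonUser.
        [DllImport("kernel32.dll", SetLastError = true)]
        private static extern bool CloseHandle(IntPtr hObject);

        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        [STAThread]
        static void Main(string[] args)
        {
            IntPtr admin_token = IntPtr.Zero;
            //WindowsIdentity wid_current = WindowsIdentity.GetCurrent();
            WindowsIdentity wid_admin = null;
            WindowsImpersonationContext wic = null;
            try
            {
                Console.WriteLine("Copying file...");

                // NOTE(review): the account name and password are literals in source. Acceptable only
                // for a throwaway test; read them from a prompt or a protected store before reuse,
                // and prefer a least-privileged account over the built-in Administrator.
                if (LogonUser("Administrator", "192.168.0.1", "password",
                        LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT,
                        out admin_token) == 0)
                {
                    // Read the error immediately: later calls can overwrite the thread's last error.
                    int logonError = Marshal.GetLastWin32Error();
                    Console.WriteLine("Copy Failed");
                    Console.WriteLine("Error code: " + logonError.ToString());
                    return;
                }

                //ImpersonateLoggedOnUser(admin_token);
                wid_admin = new WindowsIdentity(admin_token);
                wic = wid_admin.Impersonate();
                System.IO.File.Copy("C:\\rpmtest.txt",
                    "\\\\192.168.0.1\\bb.uploads\\test.txt", true);
                Console.WriteLine("Copy succeeded");
            }
            catch (System.Exception se)
            {
                // This is the last error recorded by a SetLastError P/Invoke on this thread; it may
                // not be the cause of the exception, so se.Message is printed alongside it.
                int ret = Marshal.GetLastWin32Error();
                Console.WriteLine("Error code: " + ret.ToString());
                Console.WriteLine(se.Message);
            }
            finally
            {
                // Drop the impersonated identity first so nothing else runs under it.
                //RevertToSelf();
                if (wic != null) wic.Undo();

                // The LogonUser token is a native handle that is never released automatically.
                // WindowsIdentity is documented to keep its own duplicate, so closing ours is safe.
                if (admin_token != IntPtr.Zero) CloseHandle(admin_token);
            }
            //Console.ReadLine();
        }
    }
}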
come to the conclusion that there is some form of difference between the
managed WindowsIdentity.Impersonate() and the unmanaged
ImpersonateLoggedOnUser().
Below is my code showing a file copy to a remote computer's shared folder
using both WindowsImpersonationContext and
ImpersonateLoggedOnUser/RevertToSelf, with the latter currently commented out.
The issue I have is that the code executes and copies the file when using
ImpersonateLoggedOnUser, but not when using a WindowsImpersonationContext.
This wouldn't be an issue except that the ImpersonateLoggedOnUser does not
work when called on Windows 2000/2003 Pro/Server, only Windows XP.
The question would be why is this so and what can I do to get it working
with managed code. Note that the logon type and provider listed here are only
test values that I'm using, and no combination yields any result better
than error 1326 "Logon failure: unknown user name or bad password".
Thanks.
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;
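namespace SecurityTest
{
    /// <summary>
    /// Test harness: obtains a logon token with LogonUser, impersonates it through
    /// WindowsIdentity.Impersonate(), and copies a local file to a remote share.
    /// </summary>
    class SecurityTest
    {
        // Named forms of the literal test values 9 and 0 passed to LogonUser below.
        // NOTE(review): the LogonUser documentation states that LOGON32_LOGON_NEW_CREDENTIALS
        // is supported only by the LOGON32_PROVIDER_WINNT50 provider (value 3) and that the new
        // credentials apply only to outbound network connections - confirm against the target OS.
        private const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
        private const int LOGON32_PROVIDER_DEFAULT = 0;

        /// <summary>Logs a user on and returns a token handle in <paramref name="phToken"/>.</summary>
        /// <returns>Non-zero on success; zero on failure (see Marshal.GetLastWin32Error).</returns>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern int LogonUser(string lpszUsername, string lpszDomain,
            string lpszPassword, int dwLogonType, int dwLogonProvider, out IntPtr phToken);

        /// <summary>Makes the calling thread impersonate the user represented by the token.</summary>
        /// <param name="hToken">Handle to the token for the logged-on user.</param>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern bool ImpersonateLoggedOnUser(IntPtr hToken);

        /// <summary>Ends impersonation on the calling thread.</summary>
        [DllImport("advapi32.DLL", SetLastError = true)]
        public static extern bool RevertToSelf();

        // Releases the token handle returned by LogonUser.
        [DllImport("kernel32.dll", SetLastError = true)]
        private static extern bool CloseHandle(IntPtr hObject);

        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        [STAThread]
        static void Main(string[] args)
        {
            IntPtr admin_token = IntPtr.Zero;
            //WindowsIdentity wid_current = WindowsIdentity.GetCurrent();
            WindowsIdentity wid_admin = null;
            WindowsImpersonationContext wic = null;
            try
            {
                Console.WriteLine("Copying file...");

                // NOTE(review): the account name and password are literals in source. Acceptable only
                // for a throwaway test; read them from a prompt or a protected store before reuse,
                // and prefer a least-privileged account over the built-in Administrator.
                if (LogonUser("Administrator", "192.168.0.1", "password",
                        LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT,
                        out admin_token) == 0)
                {
                    // Read the error immediately: later calls can overwrite the thread's last error.
                    int logonError = Marshal.GetLastWin32Error();
                    Console.WriteLine("Copy Failed");
                    Console.WriteLine("Error code: " + logonError.ToString());
                    return;
                }

                //ImpersonateLoggedOnUser(admin_token);
                wid_admin = new WindowsIdentity(admin_token);
                wic = wid_admin.Impersonate();
                System.IO.File.Copy("C:\\rpmtest.txt",
                    "\\\\192.168.0.1\\bb.uploads\\test.txt", true);
                Console.WriteLine("Copy succeeded");
            }
            catch (System.Exception se)
            {
                // This is the last error recorded by a SetLastError P/Invoke on this thread; it may
                // not be the cause of the exception, so se.Message is printed alongside it.
                int ret = Marshal.GetLastWin32Error();
                Console.WriteLine("Error code: " + ret.ToString());
                Console.WriteLine(se.Message);
            }
            finally
            {
                // Drop the impersonated identity first so nothing else runs under it.
                //RevertToSelf();
                if (wic != null) wic.Undo();

                // The LogonUser token is a native handle that is never released automatically.
                // WindowsIdentity is documented to keep its own duplicate, so closing ours is safe.
                if (admin_token != IntPtr.Zero) CloseHandle(admin_token);
            }
            //Console.ReadLine();
        }
    }
}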