Impersonate not working from command line

• Previous message: Matt: "Re: Security based on session, what's wrong?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 27 Apr 2005 14:00:19 -0700

Hello,

I am developing a simple move file utility to move files from one domain to
another in the same internal network. My program runs fine when it reads the
parameters (user, domain, password etc) from a XML file to move files across
the internal network to a different domain. This is a console application
that should have the option of specifying the parameters at the commandline
prompt. When I specify the parameters at cmd line, it gives me a "Access
denied" (access to the file at the destination) error message.

I debugged the code in both the above cases (1-reading params from Xml file
and 2-reading params from commandline). The values of username, password,
destination domain, source file and destination file were the same in both
the cases. But I am getting the Access denied error only when I do this from
cmd line.

Do you know how I can fix this? Any help in this regard will be appreciated.

Thanks,
-Divya

I am using the following Impersonator class to login as the admin of the
destination domain -

public class Impersonator
        {
                public WindowsImpersonationContext impersonationContext;

                [DllImport("advapi32.dll")]
                public static extern int LogonUser(String lpszUsername, String lpszDomain,
                        String lpszPassword,
                        int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

                [DllImport("kernel32.dll")]
                public extern static bool CloseHandle(IntPtr hToken);

                public bool Impersonate(string userName, string domain, string password)
                {
                        WindowsIdentity tempWindowsIdentity;
                        IntPtr token = IntPtr.Zero;
                        IntPtr tokenDuplicate = IntPtr.Zero;
                        // request default security provider a logon token with
LOGON32_LOGON_NEW_CREDENTIALS,
                        // token returned is impersonation token, no need to duplicate
                        if(LogonUser(userName, domain, password, 9, 0, ref token) != 0)
                        {
                                tempWindowsIdentity = new WindowsIdentity(token);
                                impersonationContext = tempWindowsIdentity.Impersonate();
                                // close impersonation token, no longer needed
                                CloseHandle(token);
                                if (impersonationContext != null)
                                        return true;
                        }
                        return false; // Failed to impersonate.
                }
        }

• Previous message: Matt: "Re: Security based on session, what's wrong?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Copy a file from 1 domain to another ... did you get an access denied reading the file or creating the ... Using WebRequest object to write the file to the destination domain - ... > This is a console application and the 2 domains I am referring to are on ... > same internal network and not across the internet. ... (microsoft.public.dotnet.languages.csharp) Re: Copy a file from 1 domain to another ... I have the username ... Using WebRequest object to write the file to the destination domain - ... > same internal network and not across the internet. ... > Could someone please give me a pointer to solve this problem? ... (microsoft.public.dotnet.languages.csharp) Copy a file from 1 domain to another ... I have the username ... Using WebRequest object to write the file to the destination domain - ... same internal network and not across the internet. ... Could someone please give me a pointer to solve this problem? ... (microsoft.public.dotnet.languages.csharp)