WindowsImpersonationContext and DirectoryServices

From: danycloutier@xxxxxxxxx
Date: 16 Nov 2006 07:54:34 -0800

Hi everybody,

I'm developping an application where I have to read information in the
Active Directory (windows 2000). I have to impersonate my calls with
specific users to have acces to different parts of the AD.

I impersonate the user with the code below (I get token via the
function LogonUser in ADVAPI32.DLL ).

WindowsImpersonationContext wic;
if (token != IntPtr.Zero)
{
WindowsIdentity wi;
using (wi = new WindowsIdentity(token))
{
wic = wi.Impersonate();
}
}
dirEntry = new DirectoryEntry(myConnString)

But after it, I'm unable to read in the AD. I think the directoryEntry
constructor is called with the credentials of my web server (the user
USR_... on local computer) and the connection is refused. Is there any
solutions to impersonate the call to the AD without specifying the
credentials in the DirectoryEntry constructor ?

Thank you

Dany

.

Follow-Ups:
- Re: WindowsImpersonationContext and DirectoryServices
  - From: Joe Kaplan

Prev by Date: Re: IIS Authentication Methods
Next by Date: Re: WindowsImpersonationContext and DirectoryServices
Previous by thread: Re: IIS Authentication Methods
Next by thread: Re: WindowsImpersonationContext and DirectoryServices
Index(es):
- Date
- Thread

Relevant Pages

Re: Authenticate agains several Active Directory Domains
... the DirectoryEntry fails is because by default, ... can impersonate another user to run under for this operation. ... > I need to restrict access to a certain part of a ASP.NET page to some> admin user and check their password agains the windows domain. ... > But when I try to access de.Children I get an error saying> ...
(microsoft.public.dotnet.languages.csharp)
Re: WindowsImpersonationContext and DirectoryServices
... Note that with the DirectoryEntry, you don't need impersonation like you do ... Active Directory (windows 2000). ... I impersonate the user with the code below (I get token via the ... credentials in the DirectoryEntry constructor? ...
(microsoft.public.dotnet.framework.aspnet.security)
Save File to Server on Different Domain
... The file server is on a different domain than the web server. ... Sometimes you might need to obtain a Windows NT account token to impersonate ... Imports System.Collections ...
(microsoft.public.dotnet.framework.aspnet.security)
Save File to Different Domain - 2nd Post
... Sometimes you might need to obtain a Windows NT account token to impersonate ... Imports System.Collections ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Save File to Different Domain - 2nd Post
... maybe the user doesn't have logon permissions on the server ... > impersonate a user with the proper permissions on the file server: ... > Sometimes you might need to obtain a Windows NT account token to ... > Imports System.Collections ...
(microsoft.public.dotnet.framework.aspnet.security)