RpcImpersonateClient for local RPC



I have a local RPC implementation, where RPC server and client are
running on the local machine. I am using RpcBindingSetAuthInfoEx to do
the authentication. I'd like to use another user's credential on the
machine (the one other than the current logged on user) to
authenticate and hope that the server can later on impersonate that
user.

The data structure I pass into RpcBindingSetAuthInfoEx looks like
this:

wchar_t username[] = L"username";
wchar_t password[] = L"password";
wchar_t domain[] = L"."; //it is a local user

SEC_WINNT_AUTH_IDENTITY authIdentity;
authIdentity.User = (unsigned short*) username;
authIdentity.UserLength = (unsigned long) wcslen(username);
authIdentity.Password = (unsigned short*) password;
authIdentity.PasswordLength = (unsigned long) wcslen(password);
authIdentity.Domain = (unsigned short*) domain;
authIdentity.DomainLength = (unsigned long) wcslen(domain);
authIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;

RPC_SECURITY_QOS securityQos;
securityQos.Version = RPC_C_SECURITY_QOS_VERSION_1;
securityQos.IdentityTracking = RPC_C_QOS_IDENTITY_DYNAMIC;
securityQos.Capabilities = RPC_C_QOS_CAPABILITIES_LOCAL_MA_HINT;
securityQos.ImpersonationType = RPC_C_IMP_LEVEL_IMPERSONATE;

status = RpcBindingSetAuthInfoEx(
    myrpc_IfHandle,
    serverPrincipal,
    RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
    RPC_C_AUTHN_WINNT,
    &authIdentity,
    0,
    &securityQos);

Both functions, RpcBindingSetAuthInfoEx and RpcImpersonateClient,
return successfully. But it seems the impersonation is not working, as
I am still getting the currently logged-on user's information...

My question is:
Are explicit credentials and impersonation supported with local
RPC?

In fact, I noticed that even if I pass in an incorrect password, the
authentication is successful, in that I can call the follow-up RPC
functions.
