Anyone know the impersonate mechanism when application run as TCB.

From: Joseph QIAO (joe_at_ceithk.com)
Date: 04/28/04


Date: Wed, 28 Apr 2004 11:55:49 +0800

Dear All,

On my last post, asking about the impersonate problems, David Cross told me
that if I have the TCB privilege, and the computer is trusted for
delegation, I can impersonate an account without logon the user account with
his/her username/password. Could some one provide detail explaination about
how can I achieve this impersonation. I mean if anyone can provide the
sample program to achieve this target, or explain which API should I use,
and the procedure.

Thanks in advance for any help.

Joe



Relevant Pages

  • RE: COM dll thread security issue while accessing from ASP.NET
    ... I save a reference to the current WindowsIdentity ... IIS authenticated user account. ... impersonate the identity of the WindowsIdentity object saved above. ... the 'Impersonator' event handler is running inside the COM dll thread, ...
    (microsoft.public.dotnet.security)
  • Re: Linked Server Connection Problem
    ... Delegation is the act of allowing a service to impersonate a user account ... or computer account in order to access resources throughout the network. ...
    (microsoft.public.sqlserver.connect)
  • Re: Impersonation - Is this possible?
    ... applicable to what you want to do (impersonate a specific user). ... > the current user account does not have access to. ... > impersonate the required user account and map to the drive in code, ... >, thus stopping tampering with the ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Web service Impersonatation?
    ... don't necessarily map to windows users and groups. ... This line of code will get me the user> account I set to impersonate: ... > This line of code will get me my user account ever time:> ...
    (microsoft.public.dotnet.framework)
  • Re: Web service Impersonatation?
    ... don't necessarily map to windows users and groups. ... This line of code will get me the user> account I set to impersonate: ... > This line of code will get me my user account ever time:> ...
    (microsoft.public.dotnet.framework.aspnet)