It looks like you want HostingEnvironment.Impersonate
Example:
using (var imp = HostingEnvironment.Impersonate()) {
This works fantastically, unfortunately, the standard here is not to use application pools, since managing passwords is easier for them if you update them in each command by placing them in web.config
Well, that seems counter-intuitive, but I came across the worst politicians in my time, so I can hardly judge.;)
As I mentioned in my comment, there are Impersonate overloads that allow you to impersonate an arbitrary account. To do this, you must get the Windows authentication token for this user, and this is not trivial, and not, as far as I know, what you can do 100% in managed code. You will have to use an unmanaged code, and you will need to find out the username and password of the account you issued in your application. This is much less secure than just setting up an account as an application pool identifier if you ever want to argue the point with your BTW network architect. Just some ammo for you.
Anyway, here is an example of the code that I adapted from the internet:
#region native imports. public const int Logon_LogonTypeInteractive = 2; public const int Logon_ProviderDefault = 0; public const int Duplicate_ImpersonationLevelImpersonate = 2; [DllImport("advapi32.dll")] public static extern bool LogonUser(string lpszUserName, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)] public static extern bool DuplicateToken(IntPtr hToken, int impersonationLevel, ref IntPtr hNewToken); [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)] public static extern bool RevertToSelf(); [DllImport("kernel32.dll", CharSet=CharSet.Auto)] public static extern bool CloseHandle(IntPtr handle);