Given your username and password, how do you impersonate this user?

Question

Given your username and password, how do you impersonate this user?

On Windows Vista and later, LogonUser returns a non-privileged token, even if the user is provided by an administrator. That way, when you personalize the use of this token, you are not increasing. Given the correct username and password for the administrator user, how do you run code with elevated privileges for this administrator?

+6

c # elevated-privileges impersonation

Mark raymond Sep 27 '13 at 12:11

source share

2 answers

I just worked with this example , it actually works fine. I assume that if you want to run the code in this context, you will need to set the current thread directive to:

 Thread.CurrentPrincipal = new System.Security.Principal.WindowsPrincipal(WindowsIdentity.GetCurrent());

+1

Michac Sep 27 '13 at 12:55

source share

Mark raymond · Accepted Answer · 2013-09-27T16:40:59+0000

If you are writing a Windows service, using LOGON32_LOGON_SERVICE instead of LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_NEW_CREDENTIALS will result in a privileged token if the user you want to impersonate has the "log in as a service" access rights.

This does not provide a general solution (it will not work if you are writing a user-oriented application), but this is enough to solve a specific problem.

Given your username and password, how do you impersonate this user?

More articles: