 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / New Users / October 2006thread to impersonates user
I have an application that needs to connect to a file share to copy files. I can create and successfully use the System.Diagnostics.ProcessStartInfo class in Application "A" to set the domain, password, and call a different executable ( Applic "B" ) . But how do I use a thread of the application "A" and change the user for the thread - INSTEAD of a having to call Application B -?? Ideas ? I am hoping someone has a short & elegant way like I am using with Applic A , instead unmanaged code.  SignatureAndrew This example shows how to do it; http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpers onationcontext.aspx You just need to have your thread log in as that user, call the methods you want, then undo the impersonation. SignatureChris Mullins, MCSD.NET, MCPD:Enterprise http://www.coversant.net/blogs/cmullins >I have an application that needs to connect to a file share to copy files. > I can create and successfully use the System.Diagnostics.ProcessStartInfo [quoted text clipped - 9 lines] > A > , instead unmanaged code. Hi Chris, I am rather surprised ( disappointed ) that the sample is written for .NET 1.1 and includes the unmanaged code calls - that the System.Diagnostics.ProcessStartInfo either avoided or hid. Is this as good as it gets ?? Thanks SignatureAndrew > This example shows how to do it; > http://msdn2.microsoft.com/en-us/library/system.security.principal.windowsimpers onationcontext.aspx [quoted text clipped - 15 lines] > > A > > , instead unmanaged code. I've seen this in a number of ways: 1 - If you know the credentials, you can impersonate via your config file. ASP.NET is very good at this. 2 - If you have a user connected using Windows Auth, and very verify they're using Kerberos, you can impersonate them and then hit network resources. Often they're not Kerberos authenticated though, and you run into the network hop problem. 3 - You can do SSPI impersonation, but that really sucks. I would just cut/paste that code and give it a try. Throw it in a "Don't look at me" class, and just hide the implementation details from view. There may well be a better way, but nothing comes to mind. SignatureChris Mullins, MCSD.NET, MCPD:Enterprise > Hi Chris, > [quoted text clipped - 28 lines] >> > A >> > , instead unmanaged code. Understood. I am replacing the same functionality with .NET as I have in VB 6 just see how succint this is: (XX = password) Wsh.MapNetworkDrive sLetter & ":", sName, , "NW\downloaduser", XX what's like this in .NET - I might just as well interop WSH. as do any of the other work. Its embarrassing to replace with reams of code :D SignatureAndrew > I've seen this in a number of ways: > [quoted text clipped - 43 lines] > >> > A > >> > , instead unmanaged code. I understand your frustration. Ah well, 99% of the time you get to eliminate whole pages of vb6 code with a single line of .Net code. This time you're going the other way. Think of how much conversion karma you'll gain in the process! :) SignatureChris Mullins, MCSD.NET, MCPD:Enterprise http://www.coversant.net/blogs/cmullins > Understood. I am replacing the same functionality with .NET as I have in > VB 6 [quoted text clipped - 58 lines] >> >> > A >> >> > , instead unmanaged code. Unless you want to impersonate a single user for all users, which you can do in config, it IS as good as it gets. In this particular instance, the potential security hole opens up the issue. You might be able to alter some of the unmanaged calls a bit to get credentials and attach to a Process object, but I have not personally tried it. SignatureGregory A. Beamer MVP; MCP: +I, SE, SD, DBA http://gregorybeamer.spaces.live.com ************************************************* Think outside of the box! ************************************************* > Hi Chris, > [quoted text clipped - 28 lines] >> > A >> > , instead unmanaged code. Maybe I my request is too simple - as noted I am just replacing VB 6 code like this; Wsh.MapNetworkDrive sLetter & ":", sName, , "domain\username", XX where XX = password That allows me to copy files where I need them. Hard to imagine the >NET replacement is so convoluted - ( except for System.Diagnostics.ProcessStartInfo ) which works just fne. SignatureAndrew > Unless you want to impersonate a single user for all users, which you can do > in config, it IS as good as it gets. In this particular instance, the [quoted text clipped - 36 lines] > >> > A > >> > , instead unmanaged code. Hi, You can still use Windows Scripting host if you'd like. After all, you don't have an entirely managed option anyway. Like Chris said, you can grab that MSDN code and hide it in a class. You could do the same with your wsh code if you find it easier to work with. SignatureDave Sexton > Maybe I my request is too simple - as noted I am just replacing VB 6 code > like this; Wsh.MapNetworkDrive sLetter & ":", sName, , "domain\username", XX [quoted text clipped - 44 lines] >> >> > A >> >> > , instead unmanaged code. Yes indeed - there did not seem to be any gain in my case in going to the net classes that just fell back on WIN 32 API's. So I will proceed with that interop... maybe .NET 3 has encapsulated some of this 'plumbing' . Thanks All ! SignatureAndrew > Hi, > [quoted text clipped - 50 lines] > >> >> > A > >> >> > , instead unmanaged code. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.