Reason why this Impersonator code doesn't work?

Posted on 2007-11-20
Last Modified: 2008-02-01
Hi All -
I'm using C#

I got this code over a year ago from here. It worked then, but when i added it into my new project it doesn't work. The code doesn't error out, i just get "access denied" when i try to update the list.

public class Impersonator


            public static WindowsIdentity CreateIdentity(string User, string Domain, string Password)


                  // The Windows NT user token.

                  IntPtr tokenHandle = new IntPtr(0);

                  const int LOGON32_PROVIDER_DEFAULT = 0;

                  const int LOGON32_LOGON_NETWORK = 3;

                  tokenHandle = IntPtr.Zero;

                  // Call LogonUser to obtain a handle to an access token.

                  bool returnValue = LogonUser(User, Domain, Password, 


                        ref tokenHandle);

                  if (false == returnValue)


                        int ret = Marshal.GetLastWin32Error();

                        throw new Exception("LogonUser failed with error code: " +  ret);


                  //System.Diagnostics.Debug.WriteLine("Created user token: " + tokenHandle);

                  //The WindowsIdentity class makes a new copy of the token.

                  //It also handles calling CloseHandle for the copy.

                  WindowsIdentity id = new WindowsIdentity(tokenHandle);


                  return id;


            [DllImport("advapi32.dll", SetLastError=true)]

            private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,

                  int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

            [DllImport("kernel32.dll", CharSet=CharSet.Auto)]

            private extern static bool CloseHandle(IntPtr handle);



protected void btnSaveExit_Click(object sender, EventArgs e)


WindowsImpersonationContext wic = Impersonator.CreateIdentity("Admin User Name", "Domain where Admin resids", "Password").Impersonate();

            SPSite site = SPControl.GetContextSite(Context);

            //site.CatchAccessDeniedException = false;

            SPWeb subSite = site.AllWebs["mysite"];

            subSite.AllowUnsafeUpdates = true;

            SPListCollection allSiteLists = subSite.Lists;

            SPList list = subSite.Lists["mylist"];

            SPListItemCollection listItems = list.Items;

            SPListItem newItem = list.GetItemById(Convert.ToInt32(lblUnique.Text));



            newItem["ApprovedBy"] = txtApprovedBy.Text;

            newItem["ApprovedDate"] = txtApprovedDate.Text;



Open in new window

Question by:JordanBlackler
  • 2
LVL 11

Accepted Solution

Salim Fayad earned 500 total points
ID: 20321028
Make sure that the user has access to the Sharepoint site and that he has write access on the list

Author Comment

ID: 20321401
If they have write access, then wouldn't they people able to edit the list anyways?

Author Comment

ID: 20322631
I did what your suggested and i also changed the way i got the site and list. Now it works.

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now