We help IT Professionals succeed at work.
Get Started

User Impersonation Problem

MiSheps
MiSheps asked
on
297 Views
Last Modified: 2013-12-17
Ok, I've got a problem that's making my brain hurt! I need your help!

I am using user impersonation to perform certain tasks within my application. I am fortunate in that in this situation I can hard code the Admin user/pass.

I am using impersonation successfully to do things such as writing files to permission locked areas, etc. so I know that my impersonation is working correctly. (ie writing to the root of C:\ with admin rights allows me to write a file, whereas without admin rights I am denied.) When I write the file using my impersonation I AM able to write the files to admin only security sections.

HOWEVER, what ISN'T WORKING is a certain function which I need most.

I need the ability to release a specific IP of a specific type of adapter and then the ability to renew that IP of that adapter.

The command that I'm using to do so is:

ipconfig.exe /release "Wireless Network Connection"

I'm doing so in the following code snip:

            using (new ImpersonatedUser("administrator", Environment.MachineName, _adminPass))
            {
                ProcessStartInfo pInfo = new ProcessStartInfo();
                pInfo.FileName = @"ipconfig.exe";
                pInfo.Arguments = @"/release ""Wireless Network Connection""";
                Process p = Process.Start(pInfo);  //Start the process.

                StreamWriter sw = File.CreateText(@"C:\AAATest.log");
                sw.WriteLine("test1");
                sw.Close();
            }

In the example above, the file "C:\AAATest.log" IS created with the first line of "test1" however, the IP is NOT released for the "wireless network adapter".

I know that my syntax for releasing the IP is correct because when I right click/runas a cmd.exe with admin rights, and execute the same command manually, it DOES successfully release it.

But for some reason, it doesn't release it when I do it programatically.

My only guess is that perhaps since I'm logged in as a different user, the "wireless network adapter" doesn't actually show in the "administrator" environment since that isn't actually who is logged in?

I'm not sure, but I do know that I need a programatic solution for it.

I'll also attack as a code snip the clase in which I'm using to impersonate the specified user:

Any help would be GREATLY appreciated!


using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Principal;

namespace SandBox001
{
    public class ImpersonatedUser : IDisposable
    {
        IntPtr userHandle;
        WindowsImpersonationContext impersonationContext;

        public ImpersonatedUser(string user, string domain, string password)
        {
            userHandle = IntPtr.Zero;
            bool loggedOn = LogonUser(
                user,
                domain,
                password,
                LogonType.Interactive,
                LogonProvider.Default,
                out userHandle);

            if (!loggedOn)
                throw new Win32Exception(Marshal.GetLastWin32Error());

            // Begin impersonating the user
            impersonationContext = WindowsIdentity.Impersonate(userHandle);
        }

        public void Dispose()
        {
            if (userHandle != IntPtr.Zero)
            {
                CloseHandle(userHandle);
                userHandle = IntPtr.Zero;
                impersonationContext.Undo();
            }
        }

        [DllImport("advapi32.dll", SetLastError = true)]
        static extern bool LogonUser(
            string lpszUsername,
            string lpszDomain,
            string lpszPassword,

            LogonType dwLogonType,
            LogonProvider dwLogonProvider,
            out IntPtr phToken
            );

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool CloseHandle(IntPtr hHandle);

        enum LogonType : int
        {
            Interactive = 2,
            Network = 3,
            Batch = 4,
            Service = 5,
            NetworkCleartext = 8,
            NewCredentials = 9,
        }

        enum LogonProvider : int
        {
            Default = 0,
        }
    }
}

Open in new window

Comment
Watch Question
Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE