I am encountering an error: "Attempted to perform an unauthorized operation." when trying to read, (well any access actually) the registry on a remote machine. I am using impersonation with a Domain Administrator for that machine, so it should have access to the registry (I cannot log out the machine to log in the domain admin and be sure). I know I cannot access the RegistryHive.CurrentUser remotely, so I am using RegistryHive.Users and then the SID of the user in question to get access the path, but even that does not allow me access.
If I run the application without impersonation, I am able to access the RegistryHive.Users, but cannot go any further due to the error "Requested registry access is not allowed.". This makes sense, since my account does not have access to the registry on that machine.
There are several remote machines that this code will eventually access (once I can get it working for one!), and they are either Windows XP Pro, or Windows 2003 server.
I've attached a snippit of the code, hopefully it helps. The error is occuring on the line:
rkRegistry = RegistryKey.OpenRemoteBase
'Code to Do impersonate and connect to remote registry
strSID = GetSIDUsingADSearch(strRemoteUser)
'The Windows NT user token.
Dim token1 As Integer
Dim loggedOn As Boolean = LogonUser(strUserName, strDomain, strPassword, 3, 0, token1)
'Starting impersonation here:
Dim mWI1 As WindowsIdentity = WindowsIdentity.GetCurrent()
Dim token2 As IntPtr = New IntPtr(token1)
Dim mWI2 As WindowsIdentity = New WindowsIdentity(token2)
'Impersonate the user.
mWIC = mWI2.Impersonate()
Dim rkRegistry As RegistryKey
rkRegistry = RegistryKey.OpenRemoteBaseKey(RegistryHive.Users, strIPAddress).OpenSubKey(strSID)
Public Shared Function LogonUser(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As Integer) As Boolean