Hello,
I have a C# application which impersonates other users on my domain using their credentials (user name and password).
It's working as expected. However, an attempt to impersonate a user on a PC in a certain workgroup that is connected to my domain gives me an error:
Login Failure: unknown user name or bad password.
This is the method that does the actual impersonation:
private void ImpersonateValidUser(
    string userName,
    string domain,
    string password) {
    WindowsIdentity tempWindowsIdentity = null;
    IntPtr token = IntPtr.Zero;
    IntPtr tokenDuplicate = IntPtr.Zero;
    try {
        // Drop any impersonation already in effect on this thread.
        if (RevertToSelf()) {
            // Log the user on and obtain a primary token.
            if (LogonUser(
                userName,
                domain,
                password,
                LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT,
                ref token) != 0) {
                // 2 = SecurityImpersonation level for the duplicated token.
                if (DuplicateToken(token, 2, ref tokenDuplicate) != 0) {
                    tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                    // impersonationContext is declared outside this method (not shown).
                    impersonationContext = tempWindowsIdentity.Impersonate();
                }
                else {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }
            }
            else {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
        }
        else {
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }
    }
    finally {
        // WindowsIdentity keeps its own copy of the token, so both raw handles are closed here.
        if (token != IntPtr.Zero) {
            CloseHandle(token);
        }
        if (tokenDuplicate != IntPtr.Zero) {
            CloseHandle(tokenDuplicate);
        }
    }
}
And as I said, this works perfectly if I try to impersonate a user on my domain. What I want is to be able to impersonate a User on a PC that's in a workgroup connected to my domain.
Any idea how to resolve this issue?
Thank you
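
Added example, not part of the original post: one way to reach a workgroup PC with an account that exists only on that PC is to call LogonUser with LOGON32_LOGON_NEW_CREDENTIALS and LOGON32_PROVIDER_WINNT50, which attaches the supplied credentials to outbound network connections only. The account name, machine name, share path and environment variable are placeholders, and WindowsIdentity.RunImpersonated assumes .NET Framework 4.6 or later.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

static class RemoteCredentialExample
{
    // Values from winbase.h.
    const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_WINNT50 = 3;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out SafeAccessTokenHandle token);

    // Runs 'work' with a token whose outbound network connections use the
    // supplied credentials; local access checks still use the caller's identity.
    public static void RunWithNetworkCredentials(
        string user, string machine, string password, Action work)
    {
        // NEW_CREDENTIALS does not validate the password at this point; a wrong
        // password surfaces later, when the remote machine rejects the connection.
        if (!LogonUser(user, machine, password, LOGON32_LOGON_NEW_CREDENTIALS,
                       LOGON32_PROVIDER_WINNT50, out SafeAccessTokenHandle token))
        {
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }
        using (token) // the SafeHandle closes the token even if 'work' throws
        {
            WindowsIdentity.RunImpersonated(token, work);
        }
    }

    static void Main()
    {
        // Placeholders (assumptions): local account "svc-report" on "WKGRP-PC01".
        string password = Environment.GetEnvironmentVariable("EXAMPLE_PASSWORD")
            ?? throw new InvalidOperationException("EXAMPLE_PASSWORD is not set");
        RunWithNetworkCredentials("svc-report", "WKGRP-PC01", password, () =>
        {
            foreach (string f in Directory.GetFiles(@"\\WKGRP-PC01\share"))
                Console.WriteLine(f);
        });
    }
}
```

Inside the delegate, `WindowsIdentity.GetCurrent().Name` still reports the calling account, because only the network credentials differ; code that needs the remote user's identity locally is not served by this logon type.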