Hi guys..


My requirement is that once a user is logged in to an application hosted on a Windows Server 2008 R2 server (IIS v7.5), he requests some pages and then wants to switch to another user, because some pages call taskscheduler.exe, which requires running as an administrator.
So now I am trying to do impersonation in code (VB.NET) instead of declaring it in the web.config file.

Please help me.
Your help is appreciated.

Sanjay G.
Updated 30-Mar-12 1:40am

Try this
VB
Public Class Form1
    Private Function IsAdmin() As Boolean
        Return My.User.IsInRole( _
             Microsoft.VisualBasic.ApplicationServices. _
             BuiltInRole.Administrator)
    End Function

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

        If IsAdmin() = False Then
            If System.Environment.OSVersion.Version.Major = 6 Then
                MsgBox("Sorry... my app need to run as administrator" & vbCr & "Press ok to Restart in Administrator mode", MsgBoxStyle.Information)
                Dim process As System.Diagnostics.Process = Nothing
                Dim processStartInfo As System.Diagnostics.ProcessStartInfo

                processStartInfo = New System.Diagnostics.ProcessStartInfo()

                processStartInfo.FileName = "myapp.exe"

                If System.Environment.OSVersion.Version.Major >= 6 Then ' Windows Vista or higher
                    processStartInfo.Verb = "runas"
                Else
                    ' No need to prompt to run as admin
                End If

                processStartInfo.Arguments = ""
                processStartInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Normal
                processStartInfo.UseShellExecute = True

                Try
                    process = System.Diagnostics.Process.Start(processStartInfo)
                Catch ex As Exception
                    MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Finally

                    If Not (process Is Nothing) Then
                        process.Dispose()
                    End If

                End Try

            End If
            ' Terminate this non-elevated instance
            End
        End If
    End Sub
End Class
 
 
Comments
sanjayv.gade 2-Apr-12 7:27am    
Actually, I want the status of jobs from Task Scheduler through the application.

For that I have used a DLL; it has a function which retrieves job status. The application is hosted on Windows Server 2008 R2; on this server we want some rights, so we need to do impersonation. But I am not calling any exe file, so is it right to create a new process thread for that?

If your app is launched by a User, the code is running AS that User. Normal users cannot impersonate other users. Only a service account or admin account can impersonate other users.

So, is your code running on the server and under an account specifically created to run this app?
 
 
Comments
sanjayv.gade 2-Apr-12 7:33am    
Actually, I want the status of jobs from Task Scheduler through the application. For that I have used a DLL; it has a function which retrieves job status. The application is hosted on Windows Server 2008 R2; on this server we want some rights, so we need to do impersonation.

You are right, only a service or admin account can impersonate other users, and I have a service/admin account. When I provide the admin details in the web.config file it works fine, but it does not work the same way with code (VB.NET).

Below is the code I have tried:

' Requires Imports System.Security.Principal. LogonUserA, DuplicateToken, CloseHandle,
' the LOGON32_* constants, SECURITY_IMPERSONATION_LEVEL and the m_* fields are
' declared elsewhere in the class (not shown in the post).
Public Function StartImpersonation(ByVal sUserName As String, ByVal sDomain As String, ByVal sPassword As String) As Boolean
    Dim bResults As Boolean = False
    Dim sErrorMessage As String
    Dim oWindowsIdentity As WindowsIdentity
    Dim hPrimaryToken As IntPtr = IntPtr.Zero 'a Win32 handle to our authentication token
    Dim hImpersonationToken As IntPtr = IntPtr.Zero 'a Win32 handle to our impersonation token

    If sUserName = String.Empty Then
        Throw New ArgumentException("UserName may not be NULL or String.Empty")
    End If

    'If no domain is given, assume the account is a local one
    If sDomain = String.Empty Then
        sDomain = Environment.MachineName
    End If

    Try
        'Validate the provided userid, password and domain.
        If LogonUserA(sUserName, sDomain, sPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, hPrimaryToken) <> 0 Then
            'Convert our token to one whose handle has TOKEN_IMPERSONATE set
            If DuplicateToken(hPrimaryToken, SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, hImpersonationToken) <> 0 Then
                'Create a new identity object based on our impersonation token
                oWindowsIdentity = New WindowsIdentity(hImpersonationToken)

                'Switch to our new identity
                m_oImpersonationContext = oWindowsIdentity.Impersonate()

                If Not (m_oImpersonationContext Is Nothing) Then
                    m_bImpersonationActive = True
                    bResults = True
                End If
            Else
                sErrorMessage = String.Format("DuplicateToken failed (rc={0})", Runtime.InteropServices.Marshal.GetLastWin32Error)
                'Throw New Security.Authentication.AuthenticationException(sErrorMessage)
            End If
        Else
            sErrorMessage = String.Format("LogonUser failed (rc={0})", Runtime.InteropServices.Marshal.GetLastWin32Error)
            'Throw New Security.Authentication.AuthenticationException(sErrorMessage)
        End If
    Finally
        'Release the raw Win32 handles; the WindowsIdentity keeps its own copy
        If Not hImpersonationToken.Equals(IntPtr.Zero) Then
            CloseHandle(hImpersonationToken)
            hImpersonationToken = IntPtr.Zero
        End If

        If Not hPrimaryToken.Equals(IntPtr.Zero) Then
            CloseHandle(hPrimaryToken)
            hPrimaryToken = IntPtr.Zero
        End If
    End Try

    Return bResults
End Function
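
A scoped variant of the StartImpersonation function above, added here as an example and not part of the original thread: it impersonates only for the duration of one callback, always reverts the thread identity, and throws the Win32 error on a failed logon instead of returning False with the error discarded. It targets .NET Framework, passes the logon token straight to WindowsIdentity instead of calling DuplicateToken, and the names ScopedImpersonation and RunAs are hypothetical.

```vb
Imports System
Imports System.ComponentModel
Imports System.Runtime.InteropServices
Imports System.Security.Principal

Public NotInheritable Class ScopedImpersonation
    Private Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Private Shared Function LogonUser(ByVal user As String, ByVal domain As String, _
            ByVal password As String, ByVal logonType As Integer, _
            ByVal provider As Integer, ByRef token As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    ' Runs work() as the given account and always reverts to the original
    ' thread identity, even when work() throws.
    Public Shared Sub RunAs(ByVal user As String, ByVal domain As String, _
                            ByVal password As String, ByVal work As Action)
        If String.IsNullOrEmpty(user) Then Throw New ArgumentException("user is required")
        ' No domain given: treat the account as a local one, as the posted code does
        If String.IsNullOrEmpty(domain) Then domain = Environment.MachineName

        Dim token As IntPtr = IntPtr.Zero
        If Not LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE, _
                         LOGON32_PROVIDER_DEFAULT, token) Then
            ' Fail closed: surface the Win32 error code to the caller
            Throw New Win32Exception(Marshal.GetLastWin32Error())
        End If

        Try
            Using identity As New WindowsIdentity(token)
                Using context As WindowsImpersonationContext = identity.Impersonate()
                    ' Only this call runs under the other account
                    work()
                End Using ' Dispose reverts the thread to its previous identity
            End Using
        Finally
            ' WindowsIdentity duplicated the handle, so release the original
            CloseHandle(token)
        End Try
    End Sub
End Class
```

Keeping the privileged work inside one callback limits how much of the request runs with the elevated account, and an exception from a failed logon makes the cause visible in the application log.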

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


