Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Get impersonated user name

Tags:

.net

impersonation

I have a class that needs to know name of a user currently in effect. Environment.UserName or WindowsIdentity.GetCurrent().Name is for that. But when impersonation is enabled, they return LocalUser name not the ImpersonatedUser name.

How to get name of currently impersonated user?

The app is C# console application, I know that impersonation is in effect since I get priviledges of ImpersonatedUser. Sure I can make impersonation code save impersonated username to some global variable, but it would be wrong.

UPDATE:

Impersonation code:

if (LogonUser(userName, domain, password, LOGON32_LOGON_NEW_CREDENTIALS/*=9*/, LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
  if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
  {
    WindowsIdentity tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
    _impersonationContext = tempWindowsIdentity.Impersonate();

    // WindowsIdentity.GetCurrent().Name equals "LocalUser" 
    // while userName equals "ImpersonatedUser"
    ...

I have control over impersonation code, but I would prefer to keep it independant from other parts of solution.

like image 374
zzandy Avatar asked Mar 01 '11 10:03

zzandy

People also ask

What is impersonated user?

User impersonation allows you to temporarily sign in as a different user in your network. Users with full impersonation permissions can impersonate all other users in their network and take any action, regardless of the impersonating user's own permission level. Impersonators appear as themselves in the change history.

What is impersonate user C#?

The term "Impersonation" in a programming context refers to a technique that executes the code under another user context than the user who originally started an application, i.e. the user context is temporarily changed once or multiple times during the execution of an application.

What is selected to impersonate users?

To impersonate another user, the impersonator selects the Impersonate icon on the far right of the Tab Bar and selects the user from the Impersonate drop-down list. To stop impersonating a user, the impersonator clicks the Impersonate icon and selects Stop Impersonate from the Impersonate drop-down list.

How do I impersonate a Windows user?

To impersonate another user you must first retrieve the security information of the user you want to impersonate, cache that information in a security context structure, and then later use the information in the security context structure to send the impersonated messages.

1 Answers

Just this (instance member)

WindowsIdentity.Name

http://msdn.microsoft.com/en-us/library/system.security.principal.windowsidentity.aspx

You don't even have to have called Impersonate().

EDIT

Without access or knowledge of the impersonation,

WindowsIdentity.GetCurrent(false).Name
(same as)
WindowsIdentity.GetCurrent().Name

should work. http://msdn.microsoft.com/en-us/library/x22bbxz6.aspx

false to return the WindowsIdentity of the thread if it is impersonating or the WindowsIdentity of the process if the thread is not currently impersonating.

If you were using LOGON32_LOGON_NEW_CREDENTIALS, bear in mind that (http://www.pcreview.co.uk/forums/logonuser-issues-t1385578.html) the logged in context remains unchanged while a second token is created for remote resources - this is why your WindowsIdentity.Name remains unchanged - in effect it is still correct, because you have not actually impersonated the identity, all you have is a token to access resources as the secondary identity while the entire program/thread is still running under the original Windows Identity.
like image 138
RichardTheKiwi Avatar answered Oct 08 '22 15:10

RichardTheKiwi
Sign in to Comment

Related questions

Why does StreamReader.ReadLine throw OutOfMemoryException?
How to mock everything?
What is a native library? What is the need for binding?
Query a Dictionary of Dictionaries?
Library for visualizing object graphs in .NET
Group by in Datagrid View
Castle Windsor Internal Constructor/Class
Get .NET to consider a specific network share to be fully trusted
Some questions about thread synchronization
Remote MSMQ, Transactions and ReceiveById fails - "Message requested was not found in the queue specified"
How to secure .NET DLL's
How do I explicitly run the static constructor of an unknown type? [duplicate]
Delete Image from PictureBox in C#
How do I programmatically send information to a web service in C# with .NET?
Getting a WPF Listview to display ObservableCollection<T> using databinding
Free font and color chooser for WPF?
AssemblyResolve always get raised, asking for MyAssembly.resources
Invoking Word for rtf to docx conversion
What is the best way to log a .NET Func<>

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!