stackoom
  简体   繁体   中英

Is running code under a different user (impersonation) possible with a service account (domain) without a windows service?

 原文  2020-07-16 11:35:09       c#/ wpf/ impersonation

Question

We want to run a process under the context of a service account. Can a method within a WPF application be executed (using Process.Start) impersonated with a service user account (domain) without a windows service?

If possible, how can this be achieved?

1 answers

solution1
 2 ACCPTED  2020-07-16 11:43:41

OP:

Can a method within a WPF application be executed (using Process.Start) impersonated with a service user account (domain) without a windows service?

You can impersonate a user regardless of what type the calling process is. ie WPF, Windows Service, Console App . It does not matter. However on Windows Vista and later the process must be running as an administrator .

Example courtesy of MSDN

string userName, domainName;
// Get the user token for the specified user, domain, and password using the
// unmanaged LogonUser method.
// The local machine name can be used for the domain name to impersonate a user on this machine.
Console.Write("Enter the name of the domain on which to log on: ");
domainName = Console.ReadLine();

Console.Write("Enter the login of a user on {0} that you wish to impersonate: ", domainName);
userName = Console.ReadLine();

Console.Write("Enter the password for {0}: ", userName);

...

// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(userName, domainName, Console.ReadLine(),
                LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
                out safeTokenHandle);
...

using (safeTokenHandle)
{
...

    using (WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
    {
        using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
        {
            // Check the identity.
            Console.WriteLine("After impersonation: "
                             + WindowsIdentity.GetCurrent().Name);
        }
    }
}

For more information and the complete example , I recommend viewing the link above as I didn't wish to quote the entire sample.

More

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WCF service running under domain account WCF Service running under app pool impersonating domain user account prints to network printer for one domain account but not another Is it possible to programmatically set the user account for a windows service? Impersonation in Windows Service Is it possible for a Windows service impersonate a user without a password? Windows service with User account Login Windows service installer for different user account (other than local system) Does Impersonation and running service with logon set to Administrator user is same thing? WCF service Process.Start under network service account impersonating as a different user Access Windows Share under Network Service account
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM