Run Code as a different user

Question

Is there a way to tell my code to run as a different user?

I am calling NetUserSetInfo via a PInvoke and I need to call it as a different user. Is there a way to do that?

score 31 · Answer 1 · edited Jun 17 '19 at 20:22

31

Probably the best and the cleanest code that I have seen so far is this:

var credentials = new UserCredentials(domain, username, password);
Impersonation.RunAsUser(credentials, logonType, () =>
{
    // do whatever you want as this user.
});

Just follow Github or Nuget.

edited Jun 17 '19 at 20:22

answered May 26 '15 at 18:48

Milan Matějka

2,654
1
21
23

2

This certainly was easy to implement but I can't validate that it is working. I do a process.start("cmd.exe") and the process still shows as owned by the ID that started the program not the impersonated ID. What could I be missing? – Christopher Painter Oct 27 '16 at 18:09

score 30 · Accepted Answer · edited Jan 30 '15 at 12:45

30

Impersonation requires calling some native APIs (namely, LogonUser) so it's probably not worth posting 3 pages of wrapper code. This page has a complete working sample: http://platinumdogs.wordpress.com/2008/10/30/net-c-impersonation-with-network-credentials/

Note that impersonation has important security considerations. Make sure you follow best practices.

edited Jan 30 '15 at 12:45

Niklas

13,005
23
79
119

answered Jul 22 '09 at 22:17

Richard Berg

20,629
2
66
86

JohnFx · Answer 3 · 2009-07-22T22:32:04.207

This article explains it pretty succinctly:

Here's a code snippet from the article:

IntPtr accessToken = IntPtr.Zero;
....
//You have to initialize your accessToken with API calling 
....
WindowsIdentity identity = new WindowsIdentity(accessToken);
WindowsImpersonationContext context = identity.Impersonate();
...
// Now your code is using the new WindowsLogin and you can do what ever this login can do
...

//Now you can return to your current login of Windows
context.Undo();

Run Code as a different user

3 Answers3

Linked