4

I have a click once application that uses Windows Auth to authenticate against WCF services. However I am trying to allow users to run this application at home via a VPN connection. The main issue here is that the DefaultNetworkCredentials aren't setup correctly.

I was hoping to detect if the user was AD connected by using

WindowsIdentity.GetCurrent().Name.StartsWith(@"{DOMAIN NAME}\", StringComparison.InvariantCultureIgnoreCase)

But after that I can't figure out how to impersonate the domain user whilst on a home machine...

Aron
  • 15,464
  • 3
  • 31
  • 64
  • 1
    Have you tried [this](http://stackoverflow.com/questions/125341/how-do-you-do-impersonation-in-net)? – Michael-O May 27 '13 at 20:47
  • tried what? I've so far been pretty unsuccessful in trying to impersonate a user on a non-AD machine. – Aron May 28 '13 at 02:14
  • The approaches described in the link. You cannot impersonate someone unless you either have his/her UPN and PW or a delegated Kerberos credential. Since this is outside of a domain, Kerberos won't work. – Michael-O May 28 '13 at 07:44

1 Answers1

2

I think you need to tackle this at the user level,

C:\Windows\System32\runas.exe /netonly /user:\ "YOURAPPPATH"

Try having them run your app like this from the command line. (Or possibly, with the installation include a shortcut that looks like that)

They'll need to re-enter the domain password each time they run.

Here's more info on runas here

Char George
  • 104
  • 5