.net impersonation on windows server

Asked Mar 17 '16 at 14:57

Active Mar 17 '16 at 14:57

Viewed 52 times

We have hardened systems and currently in process of engineering an application that utilizes .NET Impersonation of a logged in user. I have scoured high and low, from google to alta-vista (:P) looking for an answer.

I came across this link, but it's lessons learned did not work on our systems.

User rights needed for IIS 7.5 application pool user (domain user, not the AppPoolIdentity)

Can any of you programmers share knowledge of what permissions (local policies, folder permissions, IIS settings etc.) are needed to get .NET Impersonation working?

Here is our code (sanitized for internet display):

using (impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate())
  {
    returnResult["testStatus"] = ((System.Security.Principal.WindowsIdentity)User.Identity).Name;
  }

edited May 23 '17 at 12:31

Community

asked Mar 17 '16 at 14:57

EightyFour

Well, you can't just cast an IIDentity to WindowsIdentity unless it actuall *IS* a WindowsIdentity. Are you certain it is? – Erik Funkenbusch Mar 17 '16 at 15:01
Yes, i have tested this and it works. This is just sanitized code. – EightyFour Mar 17 '16 at 15:02
Then what kind of error are you getting? – Erik Funkenbusch Mar 17 '16 at 15:03
And what is the identity of your application pool? Does that account have rights to impersonate on your domain? – Erik Funkenbusch Mar 17 '16 at 15:11
I'm not getting any error message from this application. Our API that we use from a vendor is not generating an exception. Our application does not have a database, and only connects to a server (application is for diagnostic use). – EightyFour Mar 17 '16 at 16:04
Application pool is running under "ApplicationPoolIdentity." – EightyFour Mar 17 '16 at 16:05

.net impersonation on windows server

0 Answers0