2

Good Day,

My web app is set to use Windows Authentication and Impersontation is set to true.

I wan't to launch a process using the logged-in user account. However, when I tried to launch notepad.exe, it was run as a NETWORK SERVICE.

I've tried different impersonation techniques, but none of them worked.

Please help.

http://msdn.microsoft.com/en-us/library/ms998351.aspx#paght000023_impersonatingbyusingwindowsidentity

Ian
  • 5,625
  • 11
  • 57
  • 93

1 Answers1

2

Simple impersonation won't allow you to start a process as another user. You would have to use CreateProcessAsUser from the Windows API together with the appropriate privileges

The CreateProcessAsUser function does not need the password of a user. It requires a primary token which can be obtained from the System.Security.Principal.WindowsIdentity object. Your ASP.NET process must have the Act as part of the operating system privilege to get an impersonation-level token.

How To: Use Impersonation and Delegation in ASP.NET 2.0 has all the details on this topic.

A related question which also might be relevant is this one: Using Process.Start() to start a process as a different user from within a Windows Service.

Community
  • 1
  • 1
Dirk Vollmar
  • 172,527
  • 53
  • 255
  • 316
  • We don't want the user to re-supply the password again. Since we are using Windows Authentication, the user logs in using his domain account. Using User.Identity.Name reveals that the current user is successfully authenticated using that account. We just want to run a process using the account provided by the user. – Ian May 07 '09 at 09:34