Re: [DOTNET] calling LoadUserProfile from a ASP.NET webservice

Fri, 10 May 2002 01:00:00 -0700 

Chris,

The thread is impersonating "gcsadmin", so LoadUserProfile is called by "gcsadmin", 
this account must have
Administrators privileges to do so.

Willy.

----- Original Message -----
From: "Chris Post" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, May 10, 2002 12:52 AM
Subject: [DOTNET] calling LoadUserProfile from a ASP.NET webservice


> I am attempting to call LoadUserProfile from a web service. However, I
> get an ERROR_PRIVILEGE_NOT_HELD error when I make the call.  I have
> assigned, the "Act as part of the operating system" privilege to the
> ASPNET account.
>
> The account I am using in the LogonUser call has Administrator privileges
> as well as the "Act as part of the operating system" privilege.
>
> I am running on Windows XP and have the .NET Framework SP1 installed as
> well.  Any assistance that you can offer would be greatly appreciated.
>
> Thanks in advance.
>
> Here is the code that generates the error:
>
> [WebMethod]
> public void LoadUserProfile()
> {
>    int LastError = 0;
>    if(impersonateValidUser("gcsadmin", ".", "bobo99"))
>    {
>       m_Profile.dwFlags=0x00000001;
>       m_Profile.UserName="gcsadmin";
>       m_Profile.dwSize=(uint)Marshal.SizeOf(m_Profile);
>
>       if(0==LoadUserProfile(m_DuplicateToken, ref m_Profile))
>       {
>          LastError = Marshal.GetLastWin32Error();
>       }
>       undoImpersonation();
>    }
>    else
>    {
>      //Your impersonation failed. Therefore, include a
>      //fail-safe mechanism here.
>    }
> }
>
> private bool impersonateValidUser(String userName, String domain,
>                                      String password)
> {
>    WindowsIdentity tempWindowsIdentity;
>    this.m_Token = IntPtr.Zero;
>    this.m_DuplicateToken = IntPtr.Zero;
>
>    if(LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
>    LOGON32_PROVIDER_DEFAULT, ref m_Token) != 0)
>    {
>       if(DuplicateToken(m_Token, 2, ref m_DuplicateToken) != 0)
>       {
>          tempWindowsIdentity = new WindowsIdentity(m_DuplicateToken);
>   m_impersonationContext = tempWindowsIdentity.Impersonate();
>    if (m_impersonationContext != null)
>      return true;
>   else
>      return false;
>       }
>       else
>          return false;
>    }
>    else
>       return false;
> }
>
> private void undoImpersonation()
> {
>    m_impersonationContext.Undo();
> }
>
> You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
> subscribe to other DevelopMentor lists at http://discuss.develop.com.
>

You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
subscribe to other DevelopMentor lists at http://discuss.develop.com.

Reply via email to