I am attempting to call LoadUserProfile from a web service. However, I
get an ERROR_PRIVILEGE_NOT_HELD error when I make the call. I have
assigned, the "Act as part of the operating system" privilege to the
ASPNET account.
The account I am using in the LogonUser call has Administrator privileges
as well as the "Act as part of the operating system" privilege.
I am running on Windows XP and have the .NET Framework SP1 installed as
well. Any assistance that you can offer would be greatly appreciated.
Thanks in advance.
Here is the code that generates the error:
[WebMethod]
public void LoadUserProfile()
{
int LastError = 0;
if(impersonateValidUser("gcsadmin", ".", "bobo99"))
{
m_Profile.dwFlags=0x00000001;
m_Profile.UserName="gcsadmin";
m_Profile.dwSize=(uint)Marshal.SizeOf(m_Profile);
if(0==LoadUserProfile(m_DuplicateToken, ref m_Profile))
{
LastError = Marshal.GetLastWin32Error();
}
undoImpersonation();
}
else
{
//Your impersonation failed. Therefore, include a
//fail-safe mechanism here.
}
}
private bool impersonateValidUser(String userName, String domain,
String password)
{
WindowsIdentity tempWindowsIdentity;
this.m_Token = IntPtr.Zero;
this.m_DuplicateToken = IntPtr.Zero;
if(LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref m_Token) != 0)
{
if(DuplicateToken(m_Token, 2, ref m_DuplicateToken) != 0)
{
tempWindowsIdentity = new WindowsIdentity(m_DuplicateToken);
m_impersonationContext = tempWindowsIdentity.Impersonate();
if (m_impersonationContext != null)
return true;
else
return false;
}
else
return false;
}
else
return false;
}
private void undoImpersonation()
{
m_impersonationContext.Undo();
}
You can read messages from the DOTNET archive, unsubscribe from DOTNET, or
subscribe to other DevelopMentor lists at http://discuss.develop.com.
