1

I have app level impersonation with a special account which allows for Database Access and other functions.

But for one specific operation (Reading files from the user's PC), i need to disable the app level impersonation.

Is there a way I can use "WindowsImpersonationContext" to disable app impersonation for a section and reactivate itself as soon as the code is done... (Preferably through a using statement).

ArjaaAine
  • 886
  • 5
  • 14
  • 27
  • You can revert to process identity (search for samples)... but it should not help you with "Reading files from the user's PC". – Alexei Levenkov Jul 19 '14 at 00:32
  • If I would not have impersonated with the service account, the user account is used to do the database calls. So, i was hoping that I can disable the impersonation in my filecopy method and it would revert back to the user account. – ArjaaAine Jul 19 '14 at 00:38
  • Misread your question - you already impersonate particular account, not incoming one... It may be possible to impersonate incoming user's account in this case, but I've not seen such code. But anyway I'm not sure what your "Reading files from the user's PC" requirement means. – Alexei Levenkov Jul 19 '14 at 00:45
  • I have an attachment control. User's add files through there. (because i have IE9, I can't use the FileAPI) So i take the path of the attachment and run a copy command to copy from the user's PC to my server. But because my impersonate account does not have permissions on the user's machine.. I am not able to open the file. Our firm's security makes this situation a little complicated. – ArjaaAine Jul 19 '14 at 00:47
  • 1
    Impersonation of incoming user not going to help you with copying files from remote machine to server unless you have Kerberos and not NTLM. Make sure to search and read about "NTLM one hop". – Alexei Levenkov Jul 19 '14 at 00:51

1 Answers1

2

So, I was able to solve it.

Thanks to: Can I turn off impersonation just in a couple instances

I used:

using (var impersonationContext = WindowsIdentity.Impersonate(IntPtr.Zero))
Community
  • 1
  • 1
ArjaaAine
  • 886
  • 5
  • 14
  • 27