
Scenario: I have a remote computer without a domain, with a user, hereafter called Admin. These are the steps I want to achieve:

  • Connecting to that computer

  • Create a folder and give full control to Admin

  • Share the created folder so it can be accessed via NFS

  • Run some code that underneath uses that directory to create temporary backup files and/or permanent ones.

So, I've used the functionalities exposed by the System.Management namespace, creating an object of type ManagementScope like this:

_managementScope = new ManagementScope($@"\\{_host}\root\cimv2",
     new ConnectionOptions
     {
        Username = user,
        Password = password
     });

I think I can do the second and the third part using the Win32_Directory and Win32_Share classes because they expose the ChangeSecurityPermissions and Create methods, respectively, and they seem to match my goal.

The problem for me is the last point, since the ManagementScope is configured to impersonate the user but it does not provide any object related to that which I could use to run impersonated code.

In a nutshell, the ideal for me would be something like this:

if (_managementScope.IsConnected)
{
   var directory = CreateDirectory(pathName);
   SetFullPermission(directory, Admin); // managed with the Win32_Directory management class
   ShareDirectory(directory);           // managed with the Win32_Share management class

   WindowsIdentity.RunImpersonated(_managementScope.Identity.AccessToken, () =>
   {
       // _managementScope.Identity is not available
       Install(); // This method uses the directory and shall be managed by the user Admin,
                  // so I need to run this code as Admin.
   });
}

What's the best way to do so? Thanks

user2896152
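The following is an added example, not code from the original post: ManagementScope exposes no access token, so one way to run the last step under the same credentials is to obtain a token with LogonUser and pass it to WindowsIdentity.RunImpersonated. The class name, the `uncPath` parameter, the `install` callback and the use of the remote host name as the account's domain are assumptions made for illustration.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

// Hypothetical helper: runs a callback with the remote Admin credentials
// applied to outbound network access only.
static class RemoteShareInstaller
{
    // NEW_CREDENTIALS: the local identity is unchanged; the supplied
    // credentials are used only when connecting to other machines.
    const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_WINNT50 = 3;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string lpszUsername, string lpszDomain,
        string lpszPassword, int dwLogonType, int dwLogonProvider,
        out SafeAccessTokenHandle phToken);

    // host, user, password: the same values given to ConnectionOptions.
    // uncPath: assumed path of the share created earlier, e.g. \\host\ShareName.
    public static void RunAsRemoteAdmin(string host, string user, string password,
                                        string uncPath, Action<string> install)
    {
        // Assumption: Admin is a local account on the remote machine, so the
        // remote host name is passed as the domain.
        if (!LogonUser(user, host, password, LOGON32_LOGON_NEW_CREDENTIALS,
                       LOGON32_PROVIDER_WINNT50, out SafeAccessTokenHandle token))
            throw new Win32Exception(Marshal.GetLastWin32Error());

        using (token)
        {
            WindowsIdentity.RunImpersonated(token, () =>
            {
                // With NEW_CREDENTIALS the password is not checked at logon;
                // a wrong password or missing ACL shows up here, because
                // Directory.Exists returns false on a missing path or denied access.
                if (!Directory.Exists(uncPath))
                    throw new DirectoryNotFoundException(uncPath);
                install(uncPath); // e.g. the Install() step from the question
            });
        }
    }
}
```

The token is disposed as soon as the callback returns, which keeps the window in which the process holds Admin's network credentials as short as the install step itself.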
