How to get WindowsIdentity from domain\ username without password?
-
I can get WindowsIdentity with this Function: [DllImport("advapi32.dll", CallingConvention = CallingConvention.StdCall)] public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); private static WindowsIdentity getWindowsIdentity(string userName, string Domain, string Password) { bool posix = ((int) Environment.OSVersion.Platform == 128); WindowsIdentity user = null; try { if (posix) { user = new WindowsIdentity(userName); } else { IntPtr token = IntPtr.Zero; LogonUser(userName, Domain, Password, 2, 0, ref token); if (token == IntPtr.Zero) { return null; } user = new WindowsIdentity(token); } } catch (Exception ex) { return null; } return user; } But I want to get WindowIdentity with only Domain\UserName argument? Thanks for any idea !
QuynhTD
-
I can get WindowsIdentity with this Function: [DllImport("advapi32.dll", CallingConvention = CallingConvention.StdCall)] public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); private static WindowsIdentity getWindowsIdentity(string userName, string Domain, string Password) { bool posix = ((int) Environment.OSVersion.Platform == 128); WindowsIdentity user = null; try { if (posix) { user = new WindowsIdentity(userName); } else { IntPtr token = IntPtr.Zero; LogonUser(userName, Domain, Password, 2, 0, ref token); if (token == IntPtr.Zero) { return null; } user = new WindowsIdentity(token); } } catch (Exception ex) { return null; } return user; } But I want to get WindowIdentity with only Domain\UserName argument? Thanks for any idea !
QuynhTD
Wow. That's alot of code to do this:
string userName = Environment.UserName; string userDomain = Environment.UserDomainName;A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008 -
Wow. That's alot of code to do this:
string userName = Environment.UserName; string userDomain = Environment.UserDomainName;A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008No, I don't want those information. I want to get WindowsIdentity object from username. I want to have a function that : WindowsIdentity identity = GetWindowsIdentityFromUserName(string userName) ???
QuynhTD
-
No, I don't want those information. I want to get WindowsIdentity object from username. I want to have a function that : WindowsIdentity identity = GetWindowsIdentityFromUserName(string userName) ???
QuynhTD
OK, I misunderstood what you were after. .NET 2.0 and above has the System.Windows.Principle namespace, but that WindowsIdentity class can only return the currently logged on entity, unless your attached to a Windows 2003 domain. What are you trying to do with this??
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008 -
OK, I misunderstood what you were after. .NET 2.0 and above has the System.Windows.Principle namespace, but that WindowsIdentity class can only return the currently logged on entity, unless your attached to a Windows 2003 domain. What are you trying to do with this??
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008In fact I want to get,set all permission (Read, write, ..in FileSystemRights) in Folder's ACL of one user on WinNT. I solved it but I have to get WindowsIdentity object of user . Here is the code:
public void SetFolderPermission(string userName, string fullPath, AccessControlType accessControlType,
FileSystemRights fileAccessPermisson)
{
var dInfo = new DirectoryInfo(fullPath);DirectorySecurity dSecurity = dInfo.GetAccessControl(); dSecurity.AddAccessRule(new FileSystemAccessRule(userName, fileAccessPermisson, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, accessControlType)); dInfo.SetAccessControl(dSecurity); } public void RemoveAllFolderPermission(string userName, string fullPath, string password, string domain) { WindowsIdentity \_principal = getWindowsIdentity(userName, domain, password); if (\_principal == null) { throw new Exception("Invalid domain\\\\username or password"); return; } var dInfo = new DirectoryInfo(fullPath); DirectorySecurity dSecurity = dInfo.GetAccessControl(); AuthorizationRuleCollection acl = dSecurity.GetAccessRules (true, true, typeof (SecurityIdentifier)); int count = acl.Count; int i = 0; while (i < count) { var rule = (FileSystemAccessRule) acl\[i\]; if (\_principal.User.Equals(rule.IdentityReference)) { dSecurity.RemoveAccessRule(rule); } i++; } dInfo.SetAccessControl(dSecurity); } \[DllImport("advapi32.dll", CallingConvention = CallingConvention.StdCall)\] public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); private static WindowsIdentity getWindowsIdentity(string userName, string Domain, string Password) { -
In fact I want to get,set all permission (Read, write, ..in FileSystemRights) in Folder's ACL of one user on WinNT. I solved it but I have to get WindowsIdentity object of user . Here is the code:
public void SetFolderPermission(string userName, string fullPath, AccessControlType accessControlType,
FileSystemRights fileAccessPermisson)
{
var dInfo = new DirectoryInfo(fullPath);DirectorySecurity dSecurity = dInfo.GetAccessControl(); dSecurity.AddAccessRule(new FileSystemAccessRule(userName, fileAccessPermisson, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, accessControlType)); dInfo.SetAccessControl(dSecurity); } public void RemoveAllFolderPermission(string userName, string fullPath, string password, string domain) { WindowsIdentity \_principal = getWindowsIdentity(userName, domain, password); if (\_principal == null) { throw new Exception("Invalid domain\\\\username or password"); return; } var dInfo = new DirectoryInfo(fullPath); DirectorySecurity dSecurity = dInfo.GetAccessControl(); AuthorizationRuleCollection acl = dSecurity.GetAccessRules (true, true, typeof (SecurityIdentifier)); int count = acl.Count; int i = 0; while (i < count) { var rule = (FileSystemAccessRule) acl\[i\]; if (\_principal.User.Equals(rule.IdentityReference)) { dSecurity.RemoveAccessRule(rule); } i++; } dInfo.SetAccessControl(dSecurity); } \[DllImport("advapi32.dll", CallingConvention = CallingConvention.StdCall)\] public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); private static WindowsIdentity getWindowsIdentity(string userName, string Domain, string Password) {The code for setting the folder permission is good, but since removing a permission is just about the same as setting it, you'd have to think that code would be about the same size. I hate to say that you solved the problem, but went way beyond what's required to get the job done. Have a look at this example[^] discussion.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008 -
The code for setting the folder permission is good, but since removing a permission is just about the same as setting it, you'd have to think that code would be about the same size. I hate to say that you solved the problem, but went way beyond what's required to get the job done. Have a look at this example[^] discussion.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008OK, your ideals are very helpful. Thank u very much! Rdgs,
QuynhTD