Windows Identity of the currently logged in user
-
Hi, I have created an application which runs on a Web Server. This web server in-turn runs as a windows service. This windows service's account is configured as follows
ServiceProcessInstaller serviceProcessInstaller = new ServiceProcessInstaller();
serviceProcessInstaller.Account = ServiceAccount.LocalSystem;
Now I have a scenario in which I have to access a database and execute queries in it which needs the currently logged in user. The problem is that whenever I try to use
System.Security.Principal.WindowsIdentity.GetCurrent().Name
I am getting the name as "SYSTEM" and not the logged in user's name. And I know that this is because the service is run at the system level. I can change the ServiceAccount as
serviceProcessInstaller.Account = ServiceAccount.User
I can now get the currently logged in user name. But, this requires the user to enter his user name and password when the service is being installed and I do not want that to happen. Hence is there any other way in which I can get the WindowsIdentity object of the currently logged in user? Please suggest.. Thanks, ramz_g
-
Hi, I have created an application which runs on a Web Server. This web server in-turn runs as a windows service. This windows service's account is configured as follows
ServiceProcessInstaller serviceProcessInstaller = new ServiceProcessInstaller();
serviceProcessInstaller.Account = ServiceAccount.LocalSystem;
Now I have a scenario in which I have to access a database and execute queries in it which needs the currently logged in user. The problem is that whenever I try to use
System.Security.Principal.WindowsIdentity.GetCurrent().Name
I am getting the name as "SYSTEM" and not the logged in user's name. And I know that this is because the service is run at the system level. I can change the ServiceAccount as
serviceProcessInstaller.Account = ServiceAccount.User
I can now get the currently logged in user name. But, this requires the user to enter his user name and password when the service is being installed and I do not want that to happen. Hence is there any other way in which I can get the WindowsIdentity object of the currently logged in user? Please suggest.. Thanks, ramz_g
-
Hi stancrm, Thanks for your reply.. But I have tried
Environment.UserNamealready but it doesn't help, maybe because my service is running at the System level and the environment here is the System and not the user. Also, I would like to know whether there is any class that actually returns me the Windows Identity object of a specified user. Thanks, ramz_g -
Hi, I have created an application which runs on a Web Server. This web server in-turn runs as a windows service. This windows service's account is configured as follows
ServiceProcessInstaller serviceProcessInstaller = new ServiceProcessInstaller();
serviceProcessInstaller.Account = ServiceAccount.LocalSystem;
Now I have a scenario in which I have to access a database and execute queries in it which needs the currently logged in user. The problem is that whenever I try to use
System.Security.Principal.WindowsIdentity.GetCurrent().Name
I am getting the name as "SYSTEM" and not the logged in user's name. And I know that this is because the service is run at the system level. I can change the ServiceAccount as
serviceProcessInstaller.Account = ServiceAccount.User
I can now get the currently logged in user name. But, this requires the user to enter his user name and password when the service is being installed and I do not want that to happen. Hence is there any other way in which I can get the WindowsIdentity object of the currently logged in user? Please suggest.. Thanks, ramz_g
ramz_g wrote:
System.Security.Principal.WindowsIdentity.GetCurrent().Name I am getting the name as "SYSTEM" and not the logged in user's name. And I know that this is because the service is run at the system level.
That's correct. Your service is running with the privileges of the system account.
ramz_g wrote:
I can now get the currently logged in user name. But, this requires the user to enter his user name and password when the service is being installed and I do not want that to happen.
It would be a breach in security if you could impersonate that user without them entering a password for their account. Either your database needs to grant access to the builtin system-account, or the service needs to run under it's own account, or you use the users' account. If you're using SQL Server, then you might want to switch to a SQL-login (as compared to Windows Authentication). You wouldn't want to do that with the 'sa' user, but it would get you started :)
I are Troll :suss:
-
ramz_g wrote:
System.Security.Principal.WindowsIdentity.GetCurrent().Name I am getting the name as "SYSTEM" and not the logged in user's name. And I know that this is because the service is run at the system level.
That's correct. Your service is running with the privileges of the system account.
ramz_g wrote:
I can now get the currently logged in user name. But, this requires the user to enter his user name and password when the service is being installed and I do not want that to happen.
It would be a breach in security if you could impersonate that user without them entering a password for their account. Either your database needs to grant access to the builtin system-account, or the service needs to run under it's own account, or you use the users' account. If you're using SQL Server, then you might want to switch to a SQL-login (as compared to Windows Authentication). You wouldn't want to do that with the 'sa' user, but it would get you started :)
I are Troll :suss:
Hi Eddy, Thanks a lot for your reply..
Eddy Vluggen wrote:
It would be a breach in security if you could impersonate that user without them entering a password for their account.
Yes I understand that.
Eddy Vluggen wrote:
If you're using SQL Server, then you might want to switch to a SQL-login
No, I'm not using SQL Server. All I'm using is a simple Sqlite database and I'm using simple queries where I have to use the windows logged-in user name. So, is there any way that I can obtain the logged in user name alone? Thanks, ramz_g
-
Hi Eddy, Thanks a lot for your reply..
Eddy Vluggen wrote:
It would be a breach in security if you could impersonate that user without them entering a password for their account.
Yes I understand that.
Eddy Vluggen wrote:
If you're using SQL Server, then you might want to switch to a SQL-login
No, I'm not using SQL Server. All I'm using is a simple Sqlite database and I'm using simple queries where I have to use the windows logged-in user name. So, is there any way that I can obtain the logged in user name alone? Thanks, ramz_g
ramz_g wrote:
All I'm using is a simple Sqlite database and I'm using simple queries where I have to use the windows logged-in user name.
A service is started before a user logs in to the system, and there might be more than a single user signed in. The simplest way would be to create a small application that writes the username to a file, and to drop it in the Startup-folder. Alternatively, you might try WMI[^].
I are Troll :suss:
-
ramz_g wrote:
All I'm using is a simple Sqlite database and I'm using simple queries where I have to use the windows logged-in user name.
A service is started before a user logs in to the system, and there might be more than a single user signed in. The simplest way would be to create a small application that writes the username to a file, and to drop it in the Startup-folder. Alternatively, you might try WMI[^].
I are Troll :suss: