Hi everyone,
I'm writing a program that will require a windows PowerUser to write to the registry and I need to get Impersonation working. I bought a book entitled, "Visual Basic .Net Programmer's Cookbook" (sounds fancy) and I got the following code for an impersonation module:
Module RunAs
'This API function gets the security token for a user.
Private Declare Auto Function LogonUser Lib "advapi32.dll" _
(ByVal lpszUsername As String, ByVal lpszDomain As String, _
ByVal lpszPassword As String, ByVal dwlogonType As Integer, _
ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer
Private Enum Logon
Interactive = 2
NetworkCleartext = 8
End Enum
Private Enum Provider
[Default] = 0
WindowsNT25 = 1
WindowsNT40 = 2
Windows2000 = 3
End Enum
'This API function duplicates a security token so you can use it.
Private Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Integer, _
ByRef DuplicateTokenHandle As IntPtr) As Integer
Public Sub Main()
Console.WriteLine("*** Current User ****")
DisplayIdentityInfo()
' Get the login information from the user.
Console.WriteLine("Enter the information for the user " & _
"you want to impersonate")
Dim UserName, Domain, Password As String
Console.Write("Domain: ")
Domain = Console.ReadLine()
Console.Write("User Name: ")
UserName = Console.ReadLine()
Console.Write("Password: ")
Password = Console.ReadLine()
' Log the new identity in
Dim NewIdentity As WindowsIdentity
NewIdentity = GetWindowsIdentity(UserName, Domain, Password)
Console.WriteLine()
If NewIdentity Is Nothing Then
Console.WriteLine("Invalid credentials.")
Else
' Impersonate the new identity
Dim NewContext As WindowsImpersonationContext
NewContext = NewIdentity.Impersonate
Console.WriteLine("*** Starting Runas ***")
DisplayIdentityInfo()
End If
Console.ReadLine()
End Sub
' This function displays information about the current user.
Private Sub DisplayIdentityInfo()
Dim Identity As WindowsIdentity = WindowsIdentity.GetCurrent()
Console.WriteLine("ATSS is now executing as " & Identity.Name)
Console.WriteLine()
End Sub
' This function uses the Win32 API functions to return a WindowsIdentity object for a given user
Private Function GetWindowsIdentity(ByVal UserName As String, _
ByVal Domain As String, ByVal Password As String) As WindowsIdentity
Dim SecurityToken, TokenDuplicate As IntPtr
If LogonUser(UserName, Domain, Password, _
Logon.Interactive, Provider.Default, SecurityToken) > 0 Then
DuplicateToken(SecurityToken, 2, TokenDuplicate)
Return New WindowsIdentity(TokenDuplicate)
Else
' Invalid user information
Return Nothing
End If
End Function
End Module
As I've only been using VB .Net for about a month now, I have no idea how to call the functions of this module. I would like to actually code-in the username and password so that the user is not prompted for authentication(I know this is a security risk but it's okay for my environment) and the program automatically writes to the registry. Here is an example of a registry edit in my program:
Private Sub DisableProxy_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles DisableProxy.Click
Dim regKey As RegistryKey
Dim ver As Decimal
regKey = Registry.CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Internet Settings\", True)
regKey.SetValue("ProxyEnable", 0)
MsgBox("Proxy Server Disabled!", 64, "Proxy Settings")
End Sub
Thanks a million!
Pat
I'm writing a program that will require a windows PowerUser to write to the registry and I need to get Impersonation working. I bought a book entitled, "Visual Basic .Net Programmer's Cookbook" (sounds fancy) and I got the following code for an impersonation module:
Module RunAs
'This API function gets the security token for a user.
Private Declare Auto Function LogonUser Lib "advapi32.dll" _
(ByVal lpszUsername As String, ByVal lpszDomain As String, _
ByVal lpszPassword As String, ByVal dwlogonType As Integer, _
ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer
Private Enum Logon
Interactive = 2
NetworkCleartext = 8
End Enum
Private Enum Provider
[Default] = 0
WindowsNT25 = 1
WindowsNT40 = 2
Windows2000 = 3
End Enum
'This API function duplicates a security token so you can use it.
Private Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Integer, _
ByRef DuplicateTokenHandle As IntPtr) As Integer
Public Sub Main()
Console.WriteLine("*** Current User ****")
DisplayIdentityInfo()
' Get the login information from the user.
Console.WriteLine("Enter the information for the user " & _
"you want to impersonate")
Dim UserName, Domain, Password As String
Console.Write("Domain: ")
Domain = Console.ReadLine()
Console.Write("User Name: ")
UserName = Console.ReadLine()
Console.Write("Password: ")
Password = Console.ReadLine()
' Log the new identity in
Dim NewIdentity As WindowsIdentity
NewIdentity = GetWindowsIdentity(UserName, Domain, Password)
Console.WriteLine()
If NewIdentity Is Nothing Then
Console.WriteLine("Invalid credentials.")
Else
' Impersonate the new identity
Dim NewContext As WindowsImpersonationContext
NewContext = NewIdentity.Impersonate
Console.WriteLine("*** Starting Runas ***")
DisplayIdentityInfo()
End If
Console.ReadLine()
End Sub
' This function displays information about the current user.
Private Sub DisplayIdentityInfo()
Dim Identity As WindowsIdentity = WindowsIdentity.GetCurrent()
Console.WriteLine("ATSS is now executing as " & Identity.Name)
Console.WriteLine()
End Sub
' This function uses the Win32 API functions to return a WindowsIdentity object for a given user
Private Function GetWindowsIdentity(ByVal UserName As String, _
ByVal Domain As String, ByVal Password As String) As WindowsIdentity
Dim SecurityToken, TokenDuplicate As IntPtr
If LogonUser(UserName, Domain, Password, _
Logon.Interactive, Provider.Default, SecurityToken) > 0 Then
DuplicateToken(SecurityToken, 2, TokenDuplicate)
Return New WindowsIdentity(TokenDuplicate)
Else
' Invalid user information
Return Nothing
End If
End Function
End Module
As I've only been using VB .Net for about a month now, I have no idea how to call the functions of this module. I would like to actually code-in the username and password so that the user is not prompted for authentication(I know this is a security risk but it's okay for my environment) and the program automatically writes to the registry. Here is an example of a registry edit in my program:
Private Sub DisableProxy_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles DisableProxy.Click
Dim regKey As RegistryKey
Dim ver As Decimal
regKey = Registry.CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Internet Settings\", True)
regKey.SetValue("ProxyEnable", 0)
MsgBox("Proxy Server Disabled!", 64, "Proxy Settings")
End Sub
Thanks a million!
Pat
