we are running a windows server 2003 os on our network.
The application i develop needs to be able to move files to folder
that the user running the app can't access.

The application already stores the user details of the administrator , how can i use those details(username,password and the network) to enable a basic user to move files to hidden path.


sknake commented: duplicate posts -2

Recommended Answers

All 3 Replies

using System.Runtime.InteropServices; // DllImport
using System.Security.Principal; // WindowsImpersonationContext
using System.Security.Permissions; // PermissionSetAttribute

public WindowsImpersonationContext 
    ImpersonateUser(string sUsername, string sDomain, string sPassword)
    // initialize tokens
    IntPtr pExistingTokenHandle = new IntPtr(0);
    IntPtr pDuplicateTokenHandle = new IntPtr(0);
    pExistingTokenHandle = IntPtr.Zero;
    pDuplicateTokenHandle = IntPtr.Zero;
    // if domain name was blank, assume local machine
    if (sDomain == "")
        sDomain = System.Environment.MachineName;

        string sResult = null;

        const int LOGON32_PROVIDER_DEFAULT = 0;

        // create token
        const int LOGON32_LOGON_INTERACTIVE = 2;
        //const int SecurityImpersonation = 2;

        // get handle to token
        bool bImpersonated = LogonUser(sUsername, sDomain, sPassword, 
                ref pExistingTokenHandle);

        // did impersonation fail?
        if (false == bImpersonated)
            int nErrorCode = Marshal.GetLastWin32Error();
            sResult = "LogonUser() failed with error code: " + 
                nErrorCode + "\r\n";

            // show the reason why LogonUser failed
            MessageBox.Show(this, sResult, "Error", 
                MessageBoxButtons.OK, MessageBoxIcon.Error);

        // Get identity before impersonation
        sResult += "Before impersonation: " + 
            WindowsIdentity.GetCurrent().Name + "\r\n";

        bool bRetVal = DuplicateToken(pExistingTokenHandle, 
                ref pDuplicateTokenHandle);

        // did DuplicateToken fail?
        if (false == bRetVal)
            int nErrorCode = Marshal.GetLastWin32Error();
            // close existing handle
            sResult += "DuplicateToken() failed with error code: " 
                + nErrorCode + "\r\n";

            // show the reason why DuplicateToken failed
            MessageBox.Show(this, sResult, "Error", 
                MessageBoxButtons.OK, MessageBoxIcon.Error);
            return null;
            // create new identity using new primary token
            WindowsIdentity newId = new WindowsIdentity
            WindowsImpersonationContext impersonatedUser = 

            // check the identity after impersonation
            sResult += "After impersonation: " + 
                WindowsIdentity.GetCurrent().Name + "\r\n";
            MessageBox.Show(this, sResult, "Success", 
                MessageBoxButtons.OK, MessageBoxIcon.Information);
            return impersonatedUser;
    catch (Exception ex)
        throw ex;
        // close handle(s)
        if (pExistingTokenHandle != IntPtr.Zero)
        if (pDuplicateTokenHandle != IntPtr.Zero) 

Borrowed from:

Hi , the code that you use is right.
I will test it tomorrow , with an administrator's login details to see whether the code i execute would execute as it would if he/she is logged in.

I had an exception thrown (using my own id) ,
"DirectoryNotFoundException " , and on the codeproject discussions it shows that you must use UNC path and it worked.

If works i will mark as solved , thanks!

Hi , the code above worked to move a file to a hidden path:icon_mrgreen:

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.