Impersonate User (I found that it is not that simple in VB6)

.net , vb6 Lebanon
  • 13 years ago


    I previously used a function in C# that allowed users to copy files from the server through passing administrative logon information using Logon, ImpersonateLoggedOnUser and DuplicateToken APIs.


    Now am trying doing it in VB6, it is not that easy, in .net there is a lot of support for those APIs as well as a lot of predefined variables and types.


    I reached a level in which am being able to logon as the administrative user but am not being able to stick this logon information with the handle needed to open the remote file.


    If any one knows better way to logon to remote secured files (I already have administrative user name and password but for security reasons we don’t want to keep the folder accessible all the time but just when accessed through our application) it would be highly appreciated (I have already tried “net use \\server\folder password /user:username” but it is not that reliable).


    Any help will be highly appreciated , I have included the code I have already used (some statements may be missing others are not needed, but am still in the trial stage).


    Public Declare Function LogonUser Lib "advapi32.dll" Alias "LogonUserA" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, _

    ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long


    Public Declare Function ImpersonateLoggedOnUser Lib "advapi32.dll" (ByVal hToken As Long) As Long


    Public Declare Function RevertToSelf Lib "advapi32.dll" () As Long


    Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long


    Public Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long


    Const SW_SHOWNORMAL = 1


    Public Declare Function DuplicateToken Lib "advapi32.dll" (ByVal ExistingTokenHandle As Long, ImpersonationLevel As Integer, DuplicateTokenHandle As Long) As Long



    Public Sub Logon(ByVal strAdminUser As String, ByVal strAdminPassword As String, ByVal strAdminDomain As String)


        Dim lngLogonType, lngLogonProvider, lngTokenHandle As Long

        Dim blnResult As Boolean


        lngLogonType = 2

        lngLogonProvider = 0

        lngTokenHandle = Me.hwnd


        blnResult = RevertToSelf()


        blnResult = LogonUser(strAdminUser, strAdminDomain, strAdminPassword, lngLogonType, lngLogonProvider, lngTokenHandle)


        blnResult = ImpersonateLoggedOnUser(lngTokenHandle)


        DuplicateToken lngTokenHandle, 2, 0


        ShellExecute lngTokenHandle, vbNullString, "\\Server1\data\a.txt", vbNullString, "\\Server1\data\", 1


        CloseHandle (lngTokenHandle)




    End Sub


    Public Sub Logoff()


         Dim blnResult As Boolean

         blnResult = RevertToSelf()


    End Sub



    Private Sub Command1_Click()


         Logon "xxxusername", "xxxpassword", "xxxdomain"


    End Sub

Post a reply

No one has replied yet! Why not be the first?

Sign in or Join us (it's free).


Why not write for us? Or you could submit an event or a user group in your area. Alternatively just tell us what you think!

Our tools

We've got automatic conversion tools to convert C# to VB.NET, VB.NET to C#. Also you can compress javascript and compress css and generate sql connection strings.

“Beware of bugs in the above code; I have only proved it correct, not tried it.” - Donald Knuth