Re: Performance monitoring: strange error in .Net 2.0

On Fri, 6 Jan 2006 11:44:20 +0100, "Willy Denoyette [MVP]"
<willy.denoyette@xxxxxxxxxx> wrote:

> It works for me, did you check the impersonating identity in your timer
> event handler?

Did you try the code I posted, or construct your own?

It fails in VS.Net 2005 here, while it runs successfully in VS.Net 2003.

This is some output under the VS.2005 debugger:

| Logon OK
| 0, 0
| A first chance exception of type 'System.ComponentModel.Win32Exception' occurred in System.dll
| -1, 26431.12
| A first chance exception of type 'System.ComponentModel.Win32Exception' occurred in System.dll
| -1, 26431.62
| A first chance exception of type 'System.ComponentModel.Win32Exception' occurred in System.dll
| -1, 26432.1

This is what it gives under VS.2003:

| Logon OK
| 0, 0
| 3.12376, 26521.38
| 0, 26521.88
| 0, 26522.38
| 3.12376, 26522.88
| 1.561242, 26523.38


To test it, I started under an account with administrator rights and
impersonated another account with administrator rights (neither of the two
the 'original' administrator created by setup, but both new accounts that
were removed from 'users' and put in the administrators group instead).


> Note also that your code is impersonating an interactive logon type, why?

The real app uses either interactive or LOGON32_LOGON_NEW_CREDENTIALS,
depending on settings.

It's not a web app, but a simple windows forms app that has to connect to a
SQL server that may be running either locally or on another machine.

The user's own account will not always have access to the server, the app
impersonates another account for that reason.

Remote works with NEW_CREDENTIALS, but it refused to work locally if I
didn't use interactive logon. It might work if I force it to connect to
the server differently (force TCP/IP), but the overhead for the new logon
didn't look too high (you don't notice any delay).

I can still (and maybe will) change it later, the app is only half finished
yet.
.

Relevant Pages

  • Access Is Denied
    ... object from my COM component in an ASP.NET app, ... the \ASPNET account for this file, ... impersonating, unless it's really necessary. ... the current web request. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Removing IUSR_computername rights on IIS5
    ... > What about IWAM_computername account? ... Medium application protection will cause web site to ... logon user somehow on the machine, and it uses "logo as batch job" logon ... If you set your app. ...
    (Focus-Microsoft)
  • Re: Impersonating Users
    ... After impersonating the user, ... CertOpenStore(), I make the call to LoadUserProfile(). ... >> I can successfully impersonate any local user account ...
    (microsoft.public.platformsdk.security)
  • Re: problem writing a file
    ... if you are impersonating depends on the impersonate=true/false switch in web.config. ... trust for delegation is a active directory setting. ... Dominick Baier - DevelopMentor ... The local ASPNET account has no network credentials on another ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: creating a new user in Active Directory
    ... If not check the "Local Security Policy" ... Does the impersonating account have kerberos delegation enabled? ... > settings and ensure that logon failures are enabled under local audit ...
    (microsoft.public.dotnet.general)