WindowsImpersonationContext

Z/\ppos

Hi All,

Bit of an odd one this. The usual story, I have an c# app that needs to impersonate an admin user to read the security event log. If I run the code without impersonation and my account in the admin group, it works fine. If I remove my account from the local admin group and impersonate the local admin account or the domain admin account (which is a member of local admin) the impersonation works fine, ie: WindowsIdentity.GetCurrent().Name returns the correct ID. However, if I then try to access the event log via:

System.Diagnostics.EventLog EventLog1 = new System.Diagnostics.EventLog("Security");
if (EventLog1.Entries.Count > 0)
foreach (System.Diagnostics.EventLogEntry entry in EventLog1.Entries)

As soon as it gets to check the count, I get and access denied exception. Even if I impersonate myself, I still get the error.

The code used to impersonate is straight from the Microsoft help and does seem to work, but it is as if the impersonated user does not have permissions - which in reality it does.

After much trawling on the web, I am still puzzled . Have I missed something obvious Any help would be much appricated!

Thanks

OmegaMan

Do you by chance set the principle policy (via AppDomain.SetPrincipalPolicy) off of the current app domain In my blog entitled, Security Principles and Local Admin Rights in C# .Net I show some basics on security and provide an example. In the example I set the app domain. If the example doesn't set the app domain, the example will fail with the same Exception you are getting even though the user is a local admin.

TaylorMichaelL

What OS are you running If Vista then do you have UAC enabled

Michael Taylor - 9/14/07

http://p3net.mvps.org