Home

Linqpad giving “Access Denied” with a special admin account logged in is vague

I get a vague "Access Denied" error while using the .Dump command when impersonating a specialized admin account.

I have the specialized account added as admin on my PC as well. I tried creating and deleting a file where the linqpad is located, and that works fine.


void Main()
{
string[] criticalFileExtensions = { ".dat", ".pn", ".json", ".sts3", ".lst", ".xml", ".fin", ".brd" };
Util.ProgressBar _overallProgressBar = new Util.ProgressBar("Init").Dump();
StsInfo.OnOverallProgressChanged += (string name, int percentage) =>
{
_overallProgressBar.Caption = name;
_overallProgressBar.Percent = percentage != 0? percentage: 1;
};
}

public class ImpersonateUser
{
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const string ACTIVE_DIRECTORY_ADDRESS = "ad.selinc.com";

[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
static extern bool LogonUser(string userName, string domain,
string password, int logonType, int logonProvider,
ref IntPtr accessToken);

string _username;
string _password;
IntPtr accessToken = IntPtr.Zero;
WindowsImpersonationContext impContext;

public ImpersonateUser(string username, string password)
{
_username = username;
_password = password;
}

public void Enable()
{
bool success = LogonUser
(
_username, // username to log on.
ACTIVE_DIRECTORY_ADDRESS, // connection
_password, // user's password.
LOGON32_LOGON_INTERACTIVE, // create an interactive login.
LOGON32_PROVIDER_DEFAULT, // use the default logon provider.
ref accessToken // receives access token handle.
);
if (!success)
{
throw new System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error());
}
WindowsIdentity identity = new WindowsIdentity(accessToken);
impContext = identity.Impersonate();
}

public void Disable()
{
impContext.Undo();
}

public string GetCurrentUser()
{
return WindowsIdentity.GetCurrent().Name;
}
}



I would expect to be able to call this StsInfo.OnOverallProgressChanged as many times as I would like, but after a seemingly random number of calls it produces the access error
Sign In or Register to comment.