c# - Windows Impersonation: A Flaw in the Ointment -

-

in journey master nuances of user impersonation in windows first had issue getting impersonation remote database occur @ (see this question) figured out. next hurdle undoing/cancelling/reverting (choose favorite verb) impersonation.

i have tried couple different impersonation libraries seem credible me:

the results identical both libraries. best practices dictate using logon32_logon_new_credentials logon type (see windows api logonuser function) remote db connection. when here sample code produces:

// scenario begin impersonation. local user = mydomain\myuser db reports: mydomain\impersonateduser end impersonation. local user = mydomain\myuser db reports: mydomain\impersonateduser << not expected here!!

the workaround have found use logon32_logon_interactive logon type , this:

// scenario b begin impersonation. local user = mydomain\impersonateduser << expected, not wanted! db reports: mydomain\impersonateduser end impersonation. local user = mydomain\myuser db reports: mydomain\myuser

from terse description of windowsimpersonationcontext.undo method sure seems should have worked in scenario a.

is possible revert using logon32_logon_new_credentials logon type?

thanks input harry johnston (in comments attached question) , phil harding (in separate communication) able determine sql server connection pooling culprit here. since pooling determined uniqueness of connection string, varying connection string (e.g. reversing order of parameters within, or adding space on end) observed behaviors expected.

===== test same conn string: true begin impersonation local user: mydomain\msorens db reports: mydomain\testuser end impersonation local user: mydomain\msorens db reports: mydomain\testuser <<<<< still impersonating !!  ===== test same conn string: false begin impersonation local user: mydomain\msorens db reports: mydomain\testuser end impersonation local user: mydomain\msorens db reports: mydomain\msorens  <<<<< wanted

Comments

Post a Comment

Popular posts from this blog

ios - UICollectionView Self Sizing Cells with Auto Layout -

-
Image
i'm trying self sizing uicollectionviewcells working auto layout, can't seem cells size content. i'm having trouble understanding how cell's size updated contents of what's inside cell's contentview. here's setup i've tried: custom uicollectionviewcell uitextview in contentview. scrolling uitextview disabled. the contentview's horizontal constraint is: "h:|[_textview(320)]", i.e. uitextview pinned left of cell explicit width of 320. the contentview's vertical constraint is: "v:|-0-[_textview]", i.e. uitextview pinned top of cell. the uitextview has height constraint set constant uitextview reports fit text. here's looks cell background set red, , uitextview background set blue: i put project i've been playing on github here . updated ios 9 after seeing github solution break under ios 9 got time investigate issue fully. have updated repo include several examples of different configurations s
Read more

node.js - ldapjs - write after end error -

-
i have created authentication service using following code in node.js , ldapjs. var when = require ('when'); var authenticationerror = require('../errors/authenticationerror'); var sessionmanagerservice = require('./sessionmanagerservice'); var ldap = require('ldapjs'); var client = ldap.createclient({ url: 'ldaps://ad.mycompany.com:636', tlsoptions: {'rejectunauthorized': false} }); module.exports = { signin: function (email, password) { return this.ldapbind(email, password).then( function () { return sessionmanagerservice.createsessionhash({email: email}); } ); }, ldapbind: function (email, password) { var deferred = when.defer(); client.bind(email, password, function(err) { if (err) { deferred.reject (new authenticationerror('invalid username and/or password!', 'authentication.signin.error')
Read more

DOM Manipulation in Wordpress (and elsewhere) using php -

-
DOM Manipulation in Wordpress (and elsewhere) using php - i'm quite new dom manipulation world , head start in order avoid mutual errors. i looking efficient way manipulate content generated wordpress using php. @ moment using simple html dom seems work fine. found domdocument , few others , helpfull if cleared out 1 faster, improve or @ to the lowest degree generate less errors in case of bad markup. also on side can explain syntax (instead of $html @$html) thank much php wordpress domdocument simple-html-dom
Read more