I believe I've read all the relevant Process.Start impersonation questions - at least all I could find via Google, but I haven't found one that matches this situation (and 90% are re: ASP which is a whole different ballgame)
Scenario: We've got a little tool which uses the current users credentials to query AD, get a list of servers matching a search, connect to them over SMB and get a list of shares.
I've been asked to make it possible for this process to work when run on a machine not on the domain, using credentials of a domain user.
I've added a switch which will prompt for credentials onstartup and then Process.Start() the same executable using the appropriate credentials (to save someone learning runas /netonly ...).
This is giving me a couple of issues. The code I'm testing with is below...
Dim ProcInfo As New ProcessStartInfo With {
.Domain = dlgImpersonate.Domain,
.UserName = dlgImpersonate.Username,
.Password = dlgImpersonate.Password,
.FileName = Reflection.Assembly.GetEntryAssembly.Location,
.UseShellExecute = False}
Try
Process.Start(ProcInfo)
ShouldEnd = True
Catch ex As Exception
'HandleException(ex)
MessageBox.Show(ex.Message, "Impersonation failed", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
End Try
So... If I run the code on my machine (on the domain), I can impersonate anybody. There are some quirks around querying AD but that's a different issue.
If I run the code on a brand new machine (not on the domain) I get:
Win32Exception: Logon failure: unknown user name or bad password
Stack:
at Process.StartWithCreateProcess(ProcessStartInfo startInfo)
at Process.Start(ProcessStartInfo startInfo)
...My code
I wondered if the machine was simply unaware of the domain or how to authenticate against it so I then tried from a command prompt...
runas /netonly /user:MyDomain\MyUser Test.exe
And this works fine.
So... How can I track down why Process.Start isn't authenticating as I expect?
NB: The credentials are correct - I've even resorted to copying/pasting from notepad to sanity check