G
Guest
I'm trying to use DPAPI via impersonation. (.Net 2.0)
* DPAPI works fine
* impersonation works fine (via PInvoke)
However, when I try to use DPAPI after impersonation, it fails. The failure
appears to be that the profile is not loaded. I get:
System.Security.Cryptography.CryptographicException : The system cannot find
the file specified.
So. I use PInvoke to load the users profile. That fails with an access
violation.
So. Again using PInvoke, I add SE_BACK_PRIVILEGE and SE_RESTORE_PRIVILEGE t
the process token, before impersonation. Still an access violation on the
profile load. If I attempt to add the token privileges after impersonation,
the attempt fails with an access violation.
Does anybody know the secret sauce to using DPAPI under impersonation? This
is not for ASP.Net and this part of the app could run with admin privileges
if needed.
Thanks!
* DPAPI works fine
* impersonation works fine (via PInvoke)
However, when I try to use DPAPI after impersonation, it fails. The failure
appears to be that the profile is not loaded. I get:
System.Security.Cryptography.CryptographicException : The system cannot find
the file specified.
So. I use PInvoke to load the users profile. That fails with an access
violation.
So. Again using PInvoke, I add SE_BACK_PRIVILEGE and SE_RESTORE_PRIVILEGE t
the process token, before impersonation. Still an access violation on the
profile load. If I attempt to add the token privileges after impersonation,
the attempt fails with an access violation.
Does anybody know the secret sauce to using DPAPI under impersonation? This
is not for ASP.Net and this part of the app could run with admin privileges
if needed.
Thanks!