Sending username/password/domain to remote pc to access services

[Terry Olsen]

I have administrator access on 2 different domains on the network at my job.
I wrote a program to query the registry key on remote PC's and return the
results to an excel spreadsheet. However, the program only works for the
domain I am currently logged into. If I try to query a machine on another
domain I get "permission denied". So I have to log out and log back in to
the other domain.

I recently used a program that added users to a group on remote pc's. This
program allowed you to enter your userid & password for each domain, then it
went out to all the pc's in the list and added the users it needed.

I have 2 questions now:

1. How do I send userid, password, domain name to a remote pc for access?
2. Add, change, delete users remotely?

Thanks!

 

[Rob Teixeira [MVP]]

You'll have to impersonate the other login. Query the .NET docs in MSDN for
Impersonation and WindowsPrincipal, and you should see some samples.
Be careful of the options you pass to LogonUser (read the API docs for
LogonUser carefully), because some options create a fast login token, but
bypass some of the steps required to access network resouces.

-Rob Teixeira [MVP]

 

[Terry Olsen]

I've used the example found in MSDN for impersonation. But as the article
says, it doesn't work in W2K because of the default security settings. I
get "Client does not posess the required permissions." Is there a way to
override this in the code without changing the security policy? This other
program I have seems to do it, as it "impersonates" users from 2 domains on
a pc logged in with a "standard user" id.