LocalDB operations within impersonation context

  • Question

  • Hello there

    Using the following method I impersonate a local administrator user (with elevated privileges) and pass the function that has to be executed within the impersonation context.

    /// <summary>
        /// Attempts to impersonate a given windows user and to run a given function within the impersonation context.
        /// </summary>
        /// <param name="userInformation">The user name and password for impersonation.</param>
        /// <param name="functionAsImpersonatedUser">The function to be executed within the impersonation context.</param>
        /// <returns>True if the operation was successful, false and an error message otherwise.</returns>
        public static BooleanResult ExecuteAsImpersonatedUser(UserInformation userInformation, Func<BooleanResult> functionAsImpersonatedUser)
        {
            BooleanResult retval = new BooleanResult();
            IntPtr returnedToken = IntPtr.Zero;
            try
            {
                //Note: the logon type 'batch' seems to return a token with elevated privileges
                bool success = NativeMethods.LogonUser(userInformation.Name, userInformation.Domain ?? ".", userInformation.Password, (int)LogonType.Batch, (int)LogonProvider.Default, out returnedToken);
                if (false == success)
                {
                    int ret = Marshal.GetLastWin32Error();
                    throw new Win32Exception(ret);
                }
                using (WindowsImpersonationContext impersonatedUser = WindowsIdentity.Impersonate(returnedToken))
                {
                    retval = functionAsImpersonatedUser();
                }
            }
            catch (Exception e)
            {
                string logMessage = String.Format(CultureInfo.InvariantCulture, ErrorMessages.ErrorImpersonatingUser, userInformation.Domain, userInformation.Name, e.Message);
                retval.ProcessGeneralException(e, logMessage);
            }
            finally
            {
                // Only close (and log about) a token that LogonUser actually returned.
                if (returnedToken != IntPtr.Zero)
                {
                    if (NativeMethods.CloseHandle(returnedToken))
                        LogUtility.Instance.Write(String.Format(CultureInfo.InvariantCulture, TranslationStrings.CloseUserHandleSuccess, userInformation.Domain, userInformation.Name), 4);
                    else
                        LogUtility.Instance.Write(String.Format(CultureInfo.InvariantCulture, ErrorMessages.ErrorCloseUserHandle, userInformation.Domain, userInformation.Name), 2);
                }
            }
            return retval;
        }

    No problems with the impersonation. The function within the impersonation context creates a localDB instance if required and starts it. As soon as I want to open the connection using "Data Source=(localdb).[instanceName];Initial Catalog=[databaseName];Integrated Security=true" I get the error: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 50 - Local Database Runtime error occurred. The specified LocalDB instance does not exist.

    Best Regards,

    Stephan


    • Edited by Stephan M Gross Thursday, December 5, 2013 4:17 PM Source Code updated to latest version
    Wednesday, November 20, 2013 2:21 PM

All replies

  • Hi Stephan,

    I am trying to involve someone more familiar with this topic for a further look at this issue. Some delay might be expected from the job transferring. Your patience is greatly appreciated.
    Thank you for your understanding and support.

    Thanks,
    Sofiya Li


    Sofiya Li
    TechNet Community Support

    Thursday, November 21, 2013 9:29 AM
  • Hi,

    I think LocalDB will create the instance based on the currently logged-on user's profile.

    To verify this, you can use the command:

    "C:\Program Files\Microsoft SQL Server\110\Tools\Binn\SqlLocalDB.exe" info <instance-name>

    http://technet.microsoft.com/en-us/library/hh510202.aspx


    Regards,
    Christian HL
    Microsoft Online Community Support

    Friday, November 22, 2013 5:45 AM
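
Added example (not code from the thread or from Microsoft): one way to act on the check suggested in the reply above, by parsing the text printed by `SqlLocalDB.exe info <instance-name>` and comparing its `Owner` field with the identity the current thread runs as. The sample output, instance name, version and account name are constructed, and `LocalDbOwnerCheck`, `Parse` and `Explain` are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

static class LocalDbOwnerCheck
{
    // Constructed sample of `SqlLocalDB.exe info <instance-name>` output (not from the thread).
    const string SampleInfo =
        "Name:               MyInstance\n" +
        "Version:            11.0.0000.0\n" +
        "Shared name:        \n" +
        "Owner:              EXAMPLE-PC\\localadmin\n" +
        "Auto-create:        No\n" +
        "State:              Running\n";

    // Splits each "Key: value" line at the first colon; values may contain colons themselves.
    static Dictionary<string, string> Parse(string infoOutput)
    {
        var fields = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
        foreach (string line in infoOutput.Split(new[] { '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries))
        {
            int colon = line.IndexOf(':');
            if (colon > 0)
                fields[line.Substring(0, colon).Trim()] = line.Substring(colon + 1).Trim();
        }
        return fields;
    }

    // Returns null when 'account' owns the instance, otherwise a description of the mismatch.
    static string Explain(string infoOutput, string account)
    {
        var f = Parse(infoOutput);
        string owner, shared;
        if (!f.TryGetValue("Owner", out owner) || owner.Length == 0)
            return "no Owner field: SqlLocalDB did not describe this instance";
        if (string.Equals(owner, account, StringComparison.OrdinalIgnoreCase))
            return null;
        f.TryGetValue("Shared name", out shared);
        return string.IsNullOrEmpty(shared)
            ? "owned by " + owner + " and not shared; " + account + " is a different account"
            : "owned by " + owner + "; shared under the name " + shared;
    }
    static void Main()
    {
        // Inside an impersonation context GetCurrent() returns the impersonated identity.
        string account = WindowsIdentity.GetCurrent().Name;
        Console.WriteLine(Explain(SampleInfo, account) ?? "owner matches " + account);
    }
}
```

Feed `Explain` the output captured in a session of the account that created the instance; a process started from an impersonating thread runs with the process token, not the impersonated one.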
  • Thanks again for your responses already.

    It turned out that my previous answer doesn't solve the issue. I'm wondering whether the LocalDB instance needs to be shared, I'll have a try at that as soon as possible and finally mark the solution, if it truly works this time...

    Best regards,

    Stephan Gross

    Thursday, December 5, 2013 4:21 PM