ImpersonateUser (Dundas Upload Control 2.0)

Dundas

ImpersonateUser (Dundas Upload Control 2.0)

Overview | Properties | Methods

Call this method to switch from the default user account to another account with different permissions.

Syntax

UploadObject.ImpersonateUser(UserName As String, Password As String, [Domain As String], [Type As Long = 2])

The ImpersonateUser method syntax has the following parts:

Part

Description

UserName

The username of the Windows account to use.

Password

The password of the Windows account to use.

Domain

The domain of the Windows account to use. If not specified the domain of the current default account is used.

Type

Specifies the type of logon operation to perform.

  Remarks

An exception is thrown if this operation fails. You can trap for success/failure by examining VBScript's Err object immediately after calling this method (the Number property of the Err object will be a non-zero value if it failed). MAKE SURE that you have enabled inline error trapping by using an On Error Resume Next statement at the beginning of the ASP page.

This method is useful if you need to perform an operation for which the default user account (usually the IUSR account) does not have the appropriate permissions. For example, you can call ImpersonateUser to use an account which has the rights to delete, move or copy files, and when the file operation is complete you can then call ImpersonationTerminate to revert back to the default account.

IMPORTANT: If your virtual web site directory has "Run in separate memory space" checked then in order to use ImpersonateUser you MUST give the default account "Part of the operating system" priviledges. See below for instructions on how to do this.

The Type argument determines how the logon operation is to be performed (you can use the distributed include file named UploadControl.inc to incorporate named constants in your ASP source code). The possible values for this are:

  • LOGON_INTERACTIVE (2).

  • LOGON_NETWORK (3).

  • LOGON_BATCH (4).

  • LOGON_SERVICE (5).

 For more details concerning the logon type refer to your MSDN under the "LogonUser" topic.

 
Granting Operating System Priviledges in Windows NT
:

  1. Open "Start Menu | Administrative Tools | User Manager".

  2. Then open "Policies | User Rights" from the menu, MAKING SURE that the "Show Advanced User Rights" box is checked.

  3. From the dropdown listbox select "Act as Part of the Operating System".

  4. Add the default user account to the list of accounts which have this priviledge by clicking on the ADD button. If the default account is not listed then add it by clicking on "Show Users" and selecting the default account and then clicking the "Add" and "OK" buttons.

  5. Reboot.

 Granting Operating System Priviledges in Windows 2000:

  1. Open "Administrative Tools | Local Security Policy" and then double-click on "Local Policies".

  2. Open "User Rights Assignment" and then double-click on "Act as Part of the Operating System".

  3. Add the default (i.e. IUSR) account to the current list. If the default account is not listed follow Step 4 from above.

See Also: ImpersonationTerminate