A required privilege is not held by the client

Re: A required privilege is not held by the client

In order to do this, the user making the call has to have the
SeTcbPrivilege priviledge set. Your administrator has to set this up.

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard. caspershouse.co m

"Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
news:1152965980 .154184.145690@ b28g2000cwb.goo glegroups.com.. .

Re: A required privilege is not held by the client

thanx, let me elaborate my case. I am working in a domain environment.
I am working on my System named Parveen. I have to copy a file to other
system in other domain named project.com. I have have added myself in
Act as part of operating System in local security policy of my system
but it still not working. I am in confusion that i have to give this
permission on mysystem Parveen, Or MyDomain in which i am working or on
the target domain. I am working on Windows 2000 Professional.

Best Regards
Parveen Beniwal
Nicholas Paldino [.NET/C# MVP] wrote:

Re: A required privilege is not held by the client

Windows 2000 needs this privilege in order to impersonate, more exactly,
LogonUser API can only be called when the caller's identity has this
privilege enabled. Did you logout followed by a login after you changed the
accounts privilege?
You will have to post your code or a complete sample that illustrates the
issue, whithout this it's nearly impossible to help you out.

Willy.

"Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
news:1153023725 .857718.127760@ b28g2000cwb.goo glegroups.com.. .
| thanx, let me elaborate my case. I am working in a domain environment.
| I am working on my System named Parveen. I have to copy a file to other
| system in other domain named project.com. I have have added myself in
| Act as part of operating System in local security policy of my system
| but it still not working. I am in confusion that i have to give this
| permission on mysystem Parveen, Or MyDomain in which i am working or on
| the target domain. I am working on Windows 2000 Professional.
|
| Best Regards
| Parveen Beniwal
| Nicholas Paldino [.NET/C# MVP] wrote:
| In order to do this, the user making the call has to have the
| SeTcbPrivilege priviledge set. Your administrator has to set this up.
| >
| Hope this helps.
| >
| >
| --
| - Nicholas Paldino [.NET/C# MVP]
| - mvp@spam.guard. caspershouse.co m
| >
| "Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
| news:1152965980 .154184.145690@ b28g2000cwb.goo glegroups.com.. .
| I am impersoanting a user to an other domain. But while doing so i am
| getting
|
| A required privilege is not held by the client
|
| exception. I have tried with aal possible usernames and passwords but
| didn't get success. I am getting same error if i am enetring blank
user
| and password. What i am doing wrong ?
|
|

Re: A required privilege is not held by the client

Thanx, I had logoff but not restarted the system. Not its working after
system restart. But now i am facing new problem

Logon failure: unknown user name or bad password

while using the following code to impersonate

public class Impersonator : IDisposable
{
public Impersonator(st ring userName,string domainName,stri ng
password)
{
ImpersonateVali dUser(userName, domainName, password);
}

public void Dispose()
{
UndoImpersonati on();
}

[DllImport("adva pi32.dll", SetLastError = true)]
private static extern int LogonUser(strin g lpszUserName,st ring
lpszDomain,stri ng lpszPassword,in t dwLogonType,int dwLogonProvider ,ref
IntPtr phToken);

[DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError
= true)]
private static extern int DuplicateToken( IntPtr hToken,int
impersonationLe vel,ref IntPtr hNewToken);

[DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError
= true)]
private static extern bool RevertToSelf();

[DllImport("kern el32.dll", CharSet = CharSet.Auto)]
private static extern bool CloseHandle(Int Ptr handle);

private const int LOGON32_LOGON_I NTERACTIVE = 2;
private const int LOGON32_PROVIDE R_DEFAULT = 0;

private void ImpersonateVali dUser(string userName,string
domain,string password)
{
WindowsIdentity tempWindowsIden tity = null;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;

try
{
if (RevertToSelf() )
{
if
(LogonUser(user Name,domain,pas sword,LOGON32_L OGON_INTERACTIV E,LOGON32_PROVI DER_DEFAULT,ref
token) != 0)
{
if (DuplicateToken (token, 2, ref
tokenDuplicate) != 0)
{
tempWindowsIden tity = new
WindowsIdentity (tokenDuplicate );
impersonationCo ntext =
tempWindowsIden tity.Impersonat e();
}
else
{
throw new
Win32Exception( Marshal.GetLast Win32Error());
}
}
else
{
throw new
Win32Exception( Marshal.GetLast Win32Error());
}
}
else
{
throw new
Win32Exception( Marshal.GetLast Win32Error());
}
}
finally
{
if (token != IntPtr.Zero)
{
CloseHandle(tok en);
}
if (tokenDuplicate != IntPtr.Zero)
{
CloseHandle(tok enDuplicate);
}
}
}

private void UndoImpersonati on()
{
if (impersonationC ontext != null)
{
impersonationCo ntext.Undo();
}
}
private WindowsImperson ationContext impersonationCo ntext =
null;
}


and using as below :

using (new Impersonator("a dministrator", "project.co m", "pass"))
{
//Never executed.

System.IO.File. Copy(@"C:\temp\ UsingUIExecutin gJob.txt",
@"\\Mine\cdrv\t est.txt", true);
}

I am getting error in constructor and copy statement is never
executed. What may be reason ?

Regards
Parveen Beniwal


Willy Denoyette [MVP] wrote:

Re: A required privilege is not held by the client

problem solved, after changing values for the

private const int LOGON32_LOGON_I NTERACTIVE = 2;
private const int LOGON32_PROVIDE R_DEFAULT = 0;

to

private const int LOGON32_LOGON_I NTERACTIVE = 9;
private const int LOGON32_PROVIDE R_DEFAULT = 3;

following code is working, anyway thanx for help to everyone.

Best Regards
Parveen Beniwal

Parv wrote:

Re: A required privilege is not held by the client

Great; I hope you understand why this is working :-))

Another remark, don't do this...
private const int LOGON32_LOGON_I NTERACTIVE = 9;
LOGON32_LOGON_I NTERACTIVE is 3 and carved in stone....
change the declaration into:
private const int LOGON32_LOGON_N EW_CREDENTIALS = 9;
and stay good friends with those who have to maintain this code.

Willy.

"Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
news:1153118325 .405935.13760@p 79g2000cwp.goog legroups.com...
| problem solved, after changing values for the
|
| private const int LOGON32_LOGON_I NTERACTIVE = 2;
| private const int LOGON32_PROVIDE R_DEFAULT = 0;
|
| to
|
| private const int LOGON32_LOGON_I NTERACTIVE = 9;
| private const int LOGON32_PROVIDE R_DEFAULT = 3;
|
| following code is working, anyway thanx for help to everyone.
|
| Best Regards
| Parveen Beniwal
|
| Parv wrote:
| Thanx, I had logoff but not restarted the system. Not its working after
| system restart. But now i am facing new problem
| >
| Logon failure: unknown user name or bad password
| >
| while using the following code to impersonate
| >
| public class Impersonator : IDisposable
| {
| public Impersonator(st ring userName,string domainName,stri ng
| password)
| {
| ImpersonateVali dUser(userName, domainName, password);
| }
| >
| public void Dispose()
| {
| UndoImpersonati on();
| }
| >
| [DllImport("adva pi32.dll", SetLastError = true)]
| private static extern int LogonUser(strin g lpszUserName,st ring
| lpszDomain,stri ng lpszPassword,in t dwLogonType,int dwLogonProvider ,ref
| IntPtr phToken);
| >
| [DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError
| = true)]
| private static extern int DuplicateToken( IntPtr hToken,int
| impersonationLe vel,ref IntPtr hNewToken);
| >
| [DllImport("adva pi32.dll", CharSet = CharSet.Auto, SetLastError
| = true)]
| private static extern bool RevertToSelf();
| >
| [DllImport("kern el32.dll", CharSet = CharSet.Auto)]
| private static extern bool CloseHandle(Int Ptr handle);
| >
| private const int LOGON32_LOGON_I NTERACTIVE = 2;
| private const int LOGON32_PROVIDE R_DEFAULT = 0;
| >
| private void ImpersonateVali dUser(string userName,string
| domain,string password)
| {
| WindowsIdentity tempWindowsIden tity = null;
| IntPtr token = IntPtr.Zero;
| IntPtr tokenDuplicate = IntPtr.Zero;
| >
| try
| {
| if (RevertToSelf() )
| {
| if
| >
(LogonUser(user Name,domain,pas sword,LOGON32_L OGON_INTERACTIV E,LOGON32_PROVI DER_DEFAULT,ref
| token) != 0)
| {
| if (DuplicateToken (token, 2, ref
| tokenDuplicate) != 0)
| {
| tempWindowsIden tity = new
| WindowsIdentity (tokenDuplicate );
| impersonationCo ntext =
| tempWindowsIden tity.Impersonat e();
| }
| else
| {
| throw new
| Win32Exception( Marshal.GetLast Win32Error());
| }
| }
| else
| {
| throw new
| Win32Exception( Marshal.GetLast Win32Error());
| }
| }
| else
| {
| throw new
| Win32Exception( Marshal.GetLast Win32Error());
| }
| }
| finally
| {
| if (token != IntPtr.Zero)
| {
| CloseHandle(tok en);
| }
| if (tokenDuplicate != IntPtr.Zero)
| {
| CloseHandle(tok enDuplicate);
| }
| }
| }
| >
| private void UndoImpersonati on()
| {
| if (impersonationC ontext != null)
| {
| impersonationCo ntext.Undo();
| }
| }
| private WindowsImperson ationContext impersonationCo ntext =
| null;
| }
| >
| >
| and using as below :
| >
| using (new Impersonator("a dministrator", "project.co m", "pass"))
| {
| //Never executed.
| >
| System.IO.File. Copy(@"C:\temp\ UsingUIExecutin gJob.txt",
| @"\\Mine\cdrv\t est.txt", true);
| }
| >
| I am getting error in constructor and copy statement is never
| executed. What may be reason ?
| >
| Regards
| Parveen Beniwal
| >
| >
| Willy Denoyette [MVP] wrote:
| Windows 2000 needs this privilege in order to impersonate, more
exactly,
| LogonUser API can only be called when the caller's identity has this
| privilege enabled. Did you logout followed by a login after you
changed the
| accounts privilege?
| You will have to post your code or a complete sample that illustrates
the
| issue, whithout this it's nearly impossible to help you out.
|
| Willy.
|
| "Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
| news:1153023725 .857718.127760@ b28g2000cwb.goo glegroups.com.. .
| | thanx, let me elaborate my case. I am working in a domain
environment.
| | I am working on my System named Parveen. I have to copy a file to
other
| | system in other domain named project.com. I have have added myself
in
| | Act as part of operating System in local security policy of my
system
| | but it still not working. I am in confusion that i have to give this
| | permission on mysystem Parveen, Or MyDomain in which i am working or
on
| | the target domain. I am working on Windows 2000 Professional.
| |
| | Best Regards
| | Parveen Beniwal
| | Nicholas Paldino [.NET/C# MVP] wrote:
| | In order to do this, the user making the call has to have the
| | SeTcbPrivilege priviledge set. Your administrator has to set this
up.
| | >
| | Hope this helps.
| | >
| | >
| | --
| | - Nicholas Paldino [.NET/C# MVP]
| | - mvp@spam.guard. caspershouse.co m
| | >
| | "Parv" <Parveen.Beniwa l.Daffodil@gmai l.comwrote in message
| | news:1152965980 .154184.145690@ b28g2000cwb.goo glegroups.com.. .
| | I am impersoanting a user to an other domain. But while doing so
i am
| | getting
| |
| | A required privilege is not held by the client
| |
| | exception. I have tried with aal possible usernames and
passwords but
| | didn't get success. I am getting same error if i am enetring
blank
| user
| | and password. What i am doing wrong ?
| |
| |
|

Re: A required privilege is not held by the client

I am getting a strange problem as i mentioned above my code is
working for the window 2000 professional but is gives me error

A required privilege is not held by the client

on window 2000 Advanced server even i have added current user that is
administrator to the Act as part of the operating System to this user.
Please reply ASAP its urgent.

Best Regards
Parveen Beniwal

Willy Denoyette [MVP] wrote: