Article ID: 319615 - View products that this article applies to.
This article was previously published under Q319615
When you use the System.Security.Principal.WindowsIdentity.Impersonate method, you may receive the following error message:
Unable to impersonate user.
This problem occurs because of the type of token that is used when the WindowsIdentity object is created. You receive the error message that is listed in the "Symptoms" section if the token is not a primary token when you try to impersonate. You must have an impersonation token for the WindowsIdentity.Impersonate method to work.
To obtain a primary token from an impersonation token, use the DuplicateToken Win32 function.
This bug was corrected in Microsoft .NET Framework Class Libraries 1.1.
Use the Visual C# sample code that follows to reproduce the error message. This code passes the LOGON32_LOGON_INTERACTIVE value to the LogonUser function, which causes the token that is being created to be a primary token. This code also passes the SecurityImpersonation element to the DuplicateToken function. This allows the token that is being duplicated to be an impersonation token.
To resolve this problem, call the code that follows before you create the WindowsIdentity object. You can then pass the duplicated token to the constructor of the WindowsIdentity object.
For more information, visit the following MSDN Web sites:
Article ID: 319615 - Last Review: February 12, 2007 - Revision: 3.3
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.