«

That's ok with me, I just wanted to explained to Krishnan why I couldn't use his or her solution.

--
Sorin Dolha [MCAD, MCSD .NET]
"Willy Denoyette [MVP]" <> wrote in message news:edw0An6$...

"Sorin Dolha [MCSD .NET]" <> wrote in message news:eWF7TZ6$...
Krishnan,

I've looked into the MSDN sample code for Impersonation and I wanted to state that I have already tried code impersonating (I've already saw and tested this sample code), but this code only sets up a new user for currently executing code in the current process only (for example, if the code in the process tries to access a file, the user who is accessing the file is the impersonated user). However, if I try to start a new process using Process.Start() from inside the code, during active impersonation, the external process does not start as running on the impersonated user, but instead is run under the same account which originally started the sample code. Therefore, I think that this is not the correct solution for my problem.

To better visualize why this code doesn't solve my problem, I'll provide a step-by-step execution diagram below:
a.. User1 starts sample code process
b.. Sample code process is impersonated to User2
c.. Sample code process can access a file as it would be User2
d.. Sample code process uses Process.Start() to run a second process while it still is impersonated to User2: however, second process starts under User1!
This behavior is by design, the child process takes the calling process token, not the impersonation token of the calling thread, or in other words, the new process runs in the security context of the calling process.

Willy.