Anybody using RUNAS utility

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Anybody using RUNAS utility

Message

From

25/05/2006 17:38:36

Ali Marandi
North Vancouver, British Columbia, Canada

04/10/2004 14:40:09

Hugo Ranea
Bc Rapid Transit
British Columbia, Canada

General information

Forum:

Visual FoxPro

Category:

Installation, Setup and Configuration

Title:

Re: Anybody using RUNAS utility

Miscellaneous

Thread ID:

00948554

Message ID:

01125093

Views:

Hi Hugo,

I am looking for something like Runas. When I see this thread of you, I became very happy, but then you told in there that the user have access to the server as well as application (dangerous note). I like the runas idea, but is there any way that I could hide the password from the user? I am using VFP 9 on Windows Server 2003.

Thank you,
Ali

Hi
>>Problem: how to limit access to database files only to designated FoxPro application?
>>
>>Please follow this link:
>>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>>
>>Thanks!
>
>>Problem: how to limit access to database files only to designated FoxPro application?
>>
>>Please follow this link:
>>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>>
>>Thanks!
>
>We had done this for testing some time ago, and it worked pretty well AFAWK, but without using run as, just doing the impersonation directly from within foxpro code.
>
>

>
>* If the table "Products" is in a protected folder, for example and the user "ProdAdmin" has rights to the folder, then:
>
>if Impersonate("ProdAdmin", "ProdPassword")
>   * I use a mapped drive just as an example, of course it is not needed or desireble
>   USE X:\ProductFolder\Products
>endif
>
>* Do some process
>
>EndImpersonate()
>
>
>FUNCTION Impersonate(UserName As String, UserPassword As String) As Boolean
>   LOCAL nToken, loNet
>   Declare Integer LogonUser IN advapi32 ;
>   	String lpszUsername, ;
>   	String lpszDomain, ;
>   	String lpszPassword, ;
>   	Integer dwLogonType, ;
>   	Integer dwLogonProvider, ;
>   	Long @phToken
>
>   Declare Integer ImpersonateLoggedOnUser IN WIN32API Long ptr
>
>   Declare RevertToSelf IN ADVAPI32
>
>   nToken	= 0
>   loNET		= CREATEOBJECT('wscript.Network')
>   IF LogonUser(UserName, loNET.UserDomain, UserPassword, 2, 0, @nToken) > 0
>      IF ImpersonateLoggedOnUser(nToken) > 0
>         CLEAR DLLS
>         loNet.MapNetworkDrive('X:', '\\skyapps\apps') && Map all network drives is necessary
>         RETURN .t.
>      ENDIF
>   ENDIF
>   CLEAR DLLS
>   RETURN .F.
>ENDFUNC
>
>FUNCTION EndImpersonate() As Boolean
>   Declare RevertToSelf IN ADVAPI32
>   RevertToSelf()
>   CLEAR DLLS
>ENDFUNC
>
>

>
>Now the code between Impersonate() and EndImpersonate() would have the rights of the user passed as parameter. Note that this can be dangerous, for example if you open explorer while impersonating (within the program, for the impersonation is just scoped to the vfp session), the user would have all rights of the impersonated user.

Map

View

Click here to load this message in the networking platform