ImpersonateLoggedOnUser (advapi32)
Last changed: -37.160.138.42

.
Summary
Lets the calling thread impersonate the security context of a logged-on user. The user is represented by a token handle.

C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
static extern int ImpersonateLoggedOnUser(IntPtr hToken);

VB Signature:

Declare Function ImpersonateLoggedOnUser Lib "advapi32.dll" (ByVal hToken As Integer) As Integer

User-Defined Types:

None.

Notes:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/impersonateloggedonuser.asp

Tips & Tricks:

Don't forget to call RevertToSelf when done.

The last param in LogonUser (phToken) can be declared as Integer to work with the following VB.Net sample. The key is making sure it is ByRef vs ByVal.

Sample Code:

Public Sub Logon(ByVal strUser As String, ByVal strPassword As String, ByVal strDomain As String)
    Dim lngLogonType, lngLogonProvider, lngTokenHandle As Integer
    Dim blnResult As Boolean

    lngLogonType = LOGON32_LOGON_INTERACTIVE
    lngLogonProvider = LOGON32_PROVIDER_DEFAULT

    blnResult = RevertToSelf()

    blnResult = LogonUser(strUser, strDomain, strPassword, _
                         lngLogonType, lngLogonProvider, _
                         lngTokenHandle)
    If blnResult Then
        blnResult = ImpersonateLoggedOnUser(lngTokenHandle)
        CloseHandle(lngTokenHandle)
    Else
        MsgBox("Error logging on")
    End If
End Sub

Alternative Managed API:

WindowsIdentity.Impersonate

Documentation