Impersonation and EFS

Tags: .NET

A quick reminder, after having spent too much time on it this morning:

When impersonating a client context (in this case through SSPI over Remoting), not only can you not access external network resources, you also can't access files and directories encrypted with EFS. I was stumped over this - WindowsIdentity.GetCurrent() returned the proper user, but trying to create a new file in an encrypted folder resulted in UnauthorizedAccessExceptions (Win32 error #5).

The solution - my Unimpersonator to the rescue!

Hmm. Remoting, impersonation, EFS and Access Denied - that should be enough for google to work with, right? :)

No Comments