Hi,
What can be the cause a call to PsImpersonateClient with an impersonation token and SecurityImpersonation as level ends setting the thread with a token at identity level?
Regards,
Mauro.
What status are you getting back on your call to PsImpersonateClient.
I would guess this is possible if that call is returning something other than STATUS_SUCCESS…
Peter
OSR
@OSRDrivers
Checked and no success code different than STATUS_SUCCESS but couldn’t verify yet the return code of the internal SeTokenCanImpersonate.
The only error codes I get under other scenarios are STATUS_BAD_IMPERSONATION_LEVEL and STATUS_ACCESS_DENIED as expected.
Basically resolved avoiding calling PsImpersonateClient if the current thread token is the same than the one I want to set. Doesn’t like reimpersonation 