home
products
contribute
download
documentation
forum
Home
Forums
New posts
Search forums
What's new
New posts
All posts
Latest activity
Members
Registered members
Current visitors
Donate
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Search titles only
By:
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
MediaPortal 2
Plugin Development
Featured Plugins
MP2Extended
Plugin: MP2Extended
Contact us
RSS
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="MJGraf" data-source="post: 1158655" data-attributes="member: 17886"><p>Hi everyone and sorry for the late answer, I'm currently travelling.</p><p>Morph, there is no such logic as you describe. We always 'impersonate' - no matter whether we are running as service, admin or regular user. The reason is that we don't really 'impersonate'. The local thread identity is not changed. The credentials are only used to access remote resources. Reason for using this way is (a) it also works if the credentials do not exist on the local machine but only on the remote one and (b) this requires the lowest privileges locally, as the local identity doesn't change.</p><p>Reason for not checking whether service, admin or regular user is that the whole thing just requires two windows privileges - and these can be assigned to all kinds of users.</p><p>I remember that I did a very deep analysis about these privileges and wrote it down here in the forum. I also remember that someone mentioned this should go to the wiki, but as usual, there was no time for that...</p><p>I'll post here as soon as I found my analysis...</p><p>Michael</p></blockquote><p></p>
[QUOTE="MJGraf, post: 1158655, member: 17886"] Hi everyone and sorry for the late answer, I'm currently travelling. Morph, there is no such logic as you describe. We always 'impersonate' - no matter whether we are running as service, admin or regular user. The reason is that we don't really 'impersonate'. The local thread identity is not changed. The credentials are only used to access remote resources. Reason for using this way is (a) it also works if the credentials do not exist on the local machine but only on the remote one and (b) this requires the lowest privileges locally, as the local identity doesn't change. Reason for not checking whether service, admin or regular user is that the whole thing just requires two windows privileges - and these can be assigned to all kinds of users. I remember that I did a very deep analysis about these privileges and wrote it down here in the forum. I also remember that someone mentioned this should go to the wiki, but as usual, there was no time for that... I'll post here as soon as I found my analysis... Michael [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
MediaPortal 2
Plugin Development
Featured Plugins
MP2Extended
Plugin: MP2Extended
Contact us
RSS
Top
Bottom
