impersonationlevel=impersonate, (Backup, Security) in .Net
Yury Averkiev
I'm working on a Event log management application and I got stack
implementing Clear Event Log feature.
The application is being developed in C# + WMI. ClearEventlog WMI call works
fine when executed against remote computers but it fails with "Access
Denied" error in case of the local computer. I saw several vbscript samples
on how Win32_NTEventlogFile.ClearEventlog and all of them have the following
line:
Set objWMIService = GetObject ("winmgmts:" &
"{impersonationlevel=impersonate, (Backup, Security)}!\\" &
strComputer & "\root\cimv2")
so the question is how to assign "(Backup, Security)" to the
ConnectionOptions.ImpersonationLevel in a .Net application?
Thanks,
Yury
urkec
You don't need to change the impersonation level, but user privileges. When
you use WMI scripting API (like in VBScript) you can set them in the moniker,
like you showed, or you can use SWbemPrivilege object. I don't know much
about C# and System.Management namespace, but I managed to avoid the error
you mention like this:
ConnectionOptions options = new ConnectionOptions ();
options.EnablePrivileges = true;
ManagementScope scope = new ManagementScope (@"\\.\root\cimv2", options);
then I used the ManagementScope object to connect to Win32_NTEventlogFile
class and backup the Security log file. I'm not really sure what
options.EnablePrivileges = true does (enables all privileges?), but It seemed
to work. I wasn't able to find the method to enable individual privileges
(security, backup itd), so if you find any information that clarifies this,
please post it here.
--
urkec