On Thu, Mar 1, 2012 at 11:24 AM, Heiko Hund <heiko.h...@sophos.com> wrote: > > On Thursday 01 March 2012 09:22:38 Alon Bar-Lev wrote: > > Also, (technically) impersonation token cannot be used for network > > access. > > So the solution of impersonating to user will not allow a script to > > mount remote filesystem. > > You can't create a process with an impersonation token that's why a > primary > token is used.
How do you create primary token of user without him typing his credentials again? or add the user "replace token" privilege? Anyway, I am curios to read your view about the alternate solution I suggested. Alon.
