SimpleImpersonation in Linux

Question

SimpleImpersonation in Linux

OHAVM opened this issue 6 years ago · 3 comments

Hello,

I was wondering if there were any plans to support Linux with SimpleImpersonation? I'm receiving the following error when trying to run it:

Unable to load DLL 'advapi32.dll': The specified module or one of its dependencies could not be found.

My company is migrating away from Windows to Linux and this library has been supremely awesome to use. I'd really prefer to try and continue with it as opposed to having to look for workarounds.

Thanks,
Victor

Answer 1 · 2019-03-13T23:15:34.000Z

See "Platform Support" in the readme.
https://github.com/mj1856/SimpleImpersonation#platform-support

Such an effort would require a deeper understanding of authentication models in these environments than I possess.

Another way to think about it is that under the hood we are working with WindowsIdentity objects and the Win32 LogonUser API. These don't exist outside of Windows.

Answer 2 · 2019-03-14T15:25:16.000Z

I read it on the readme, but was more curious about future plans. The reason for developing .NET Core was to allow for devs to use .NET in a Linux setting, particularly with AWS in play. If this library allow for us to interact with our Windows machines from Linux via Active Directory, it would be tremendously useful and fill a niche in the .NET ecosystem.

Answer 3 · 2019-03-14T19:42:54.000Z

I'd recommend exploring the various client libraries for Azure AD start here. Or for on-prem AD, you'll need to look at enabling ADFS, or using old-school tech like LDAP.

SimpleImpersonation is really just a simple library to work with auth on the local machine. The only remote auth it can offer is when it is provided by the local OS. For instance, there's nowhere here where you specify the IP address or DNS name of a domain server to authenticate against. If the local Windows computer can't find the domain you provide, then it's not going to work.

If there ever were a Linux story for this library, it would be around similar concepts - whatever the Linux equivalents are. Or perhaps it would work with the Linux VM extension for AAD. But it wouldn't do anything beyond interacting with the local OS or something installed on the local OS.