Implementing Impersonation While Crawling using .net

Have you got this to work?

         

Easy_Coder

5:18 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Has anyone had any success implementing impersonation in either a C# object or C# Windows application? I want to impersonate so that I can crawl web pages that are behind NT Security. I have valid credentials but can't seem to get impersonated.

korkus2000

5:34 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You are using a valid user of the box you are crawling?

Easy_Coder

5:41 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yes

korkus2000

5:43 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



How are you doing it? From what you say it should work.

Easy_Coder

6:29 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I'm making win32 calls...


using System;
using System.IO;
using System.Net;
using System.Security.Principal;
using System.Runtime.InteropServices;

class Crawler
{
    public const int LOGON32_LOGON_INTERACTIVE = 2;
    public const int LOGON32_PROVIDER_DEFAULT = 0;

    WindowsImpersonationContext impersonationContext;

    [STAThread]
    static void Main(string[] args)
    {
        Crawler i = new Crawler();

        Console.WriteLine("Current User: " + WindowsIdentity.GetCurrent().Name);
        if (i.impersonateValidUser("username", "domain", "password"))
        {
            try
            {
                /* Create URL Object */
                Uri uriObj = new Uri("https://urltocrawlhere");

                /* Create a WebRequest Object */
                WebRequest req = WebRequest.Create(uriObj);

                /* Explicitly convert the WebRequest into an HttpWebRequest */
                HttpWebRequest httpReq = (HttpWebRequest)req;

                /* Assign the user agent string */
                httpReq.UserAgent = "mozilla/4.0 (compatible; msie 6.0; windows nt 5.0; .net clr 1.1.4322)";

                /* Let the page route the crawler */
                httpReq.AllowAutoRedirect = true;

                /* Create a Response Object */
                WebResponse resp = req.GetResponse();

                /* Explicitly convert the Response Object to an HttpWebResponse */
                HttpWebResponse httpResp = (HttpWebResponse)resp;

                /* Read the html of the page into a StreamReader */
                StreamReader s = new StreamReader(httpResp.GetResponseStream());

                /* Stuff the html into a string */
                string allHtml = s.ReadToEnd();

                /* Close the stream */
                s.Close();

                /* Close the http connection */
                httpResp.Close();

                Console.WriteLine(allHtml);
            }
            finally
            {
                /* Always drop the impersonated identity, even if the request throws */
                i.undoImpersonation();
            }
        }
        else
        {
            Console.WriteLine("Security Impersonation failed...");
        }
    }

    [DllImport("advapi32.dll")]
    public static extern int LogonUserA(String lpszUserName,
        String lpszDomain,
        String lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);

    [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
    public static extern int DuplicateToken(IntPtr hToken,
        int impersonationLevel,
        ref IntPtr hNewToken);

    [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
    public static extern bool RevertToSelf();

    [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);

    private bool impersonateValidUser(String userName, String domain, String password)
    {
        WindowsIdentity tempWindowsIdentity;
        IntPtr token = IntPtr.Zero;
        IntPtr tokenDuplicate = IntPtr.Zero;

        if (RevertToSelf())
        {
            if (LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT, ref token) != 0)
            {
                /* 2 = SecurityImpersonation level */
                if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
                {
                    tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                    impersonationContext = tempWindowsIdentity.Impersonate();

                    if (impersonationContext != null)
                    {
                        CloseHandle(token);
                        CloseHandle(tokenDuplicate);
                        return true;
                    }
                }
            }
        }

        /* Failure path: release whichever handles were opened */
        if (token != IntPtr.Zero)
            CloseHandle(token);

        if (tokenDuplicate != IntPtr.Zero)
            CloseHandle(tokenDuplicate);

        return false;
    }

    private void undoImpersonation()
    {
        impersonationContext.Undo();
    }
}

TheNige

7:44 pm on May 24, 2004 (gmt 0)

10+ Year Member



This is a problem with NT authentication through code on one NT Box to another. The impersonation will authenticate on the NT box that is calling the code...but it does not pass on the correct type of authentication token to the remote NT boxes in the domain.

To get this to work you need to try using Delegation on the Active Directory accounts...if you are using AD. Or, you can encapsulate your code in a COM object and run that object as a certain Domain account that has access to all the sites/servers you are trying to access.

Easy_Coder

8:27 pm on May 24, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Roger that, TheNige...

Thanks for the information.
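
Added example, not part of any post in this thread and a different technique from the delegation and COM-object routes suggested above: `HttpWebRequest` offers credentials to a server only when its `Credentials` property is set, so the account can be attached to the request itself instead of to the thread token. A `CredentialCache` bound to one URI prefix keeps the account from being offered to other hosts when `AllowAutoRedirect` is on. The URL, the account names and the `CRAWLER_PASSWORD` environment variable are placeholders assumed for illustration.

```csharp
using System;
using System.IO;
using System.Net;
// Added example, not code from the thread. URL, account names and the
// CRAWLER_PASSWORD variable are placeholders chosen for illustration.
class AuthenticatedFetch
{
    // Cache that answers NTLM/Negotiate challenges for one URI prefix only.
    static CredentialCache BuildCache(Uri prefix, string user, string domain, string password)
    {
        NetworkCredential cred = new NetworkCredential(user, password, domain);
        CredentialCache cache = new CredentialCache();
        cache.Add(prefix, "NTLM", cred);
        cache.Add(prefix, "Negotiate", cred);
        return cache;
    }

    static string Fetch(Uri target, ICredentials creds)
    {
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(target);
        req.Credentials = creds;       // consulted when the server issues a 401 challenge
        req.AllowAutoRedirect = true;  // same setting as the crawler in the thread
        using (HttpWebResponse resp = (HttpWebResponse)req.GetResponse())
        using (StreamReader reader = new StreamReader(resp.GetResponseStream()))
        {
            return reader.ReadToEnd();
        }
    }

    static int Main()
    {
        Uri target = new Uri("https://intranet.example/reports/");  // placeholder
        // Read the secret from the environment instead of hard-coding it.
        string password = Environment.GetEnvironmentVariable("CRAWLER_PASSWORD");
        if (password == null) { Console.Error.WriteLine("CRAWLER_PASSWORD is not set"); return 2; }

        Uri prefix = new Uri(target.GetLeftPart(UriPartial.Authority));
        CredentialCache cache = BuildCache(prefix, "username", "domain", password);
        // The cache has no entry for any other host, so nothing is offered there.
        if (cache.GetCredential(new Uri("https://other.example/"), "NTLM") != null) return 3;

        try { Console.WriteLine(Fetch(target, cache)); return 0; }
        catch (WebException ex)
        {
            // A 401 here means the server rejected the account.
            HttpWebResponse r = ex.Response as HttpWebResponse;
            Console.Error.WriteLine(r != null ? "HTTP " + (int)r.StatusCode : ex.Status.ToString());
            return 1;
        }
    }
}
```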