

Function Invoke-ImpersonateUser
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', '')]
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingUsernameAndPasswordParams', '')]



Add-Type @'
using System;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;
using System.Diagnostics;
namespace CustomProcess
    public struct PROFILEINFO {
        public int dwSize;
        public int dwFlags;
        public String lpUserName;
        public String lpProfilePath;
        public String lpDefaultPath;
        public String lpServerName;
        public String lpPolicyPath;
        public IntPtr hProfile;
    public static class ProcessInvoker
        [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
        public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
            int dwLogonType, int dwLogonProvider, out IntPtr phToken);
        [DllImport("userenv.dll", SetLastError=true, CharSet=CharSet.Auto)]
        public static extern bool LoadUserProfile(IntPtr hToken, ref PROFILEINFO lpProfileInfo);
        public static string Impersonate(string username, string domain, string password)
            const int LOGON32_PROVIDER_DEFAULT = 0;
            const int LOGON32_LOGON_INTERACTIVE = 2;
            IntPtr token = IntPtr.Zero;
            bool returnValue = LogonUser(username, domain, password,
                out token);
            if (false == returnValue)
                int ret = Marshal.GetLastWin32Error();
                Console.WriteLine("LogonUser failed with error code : {0}", ret);
                //throw new System.ComponentModel.Win32Exception(ret);
                return ("LogonUser Error: " + ret);
            var profileInfo = new PROFILEINFO();
            profileInfo.lpUserName = username;
            profileInfo.dwSize = Marshal.SizeOf(profileInfo);
            returnValue = LoadUserProfile(token, ref profileInfo);
            if (returnValue == false)
                int ret = Marshal.GetLastWin32Error();
                Console.WriteLine("LogonUser failed with error code : {0}", ret);
                //throw new System.ComponentModel.Win32Exception(ret);
                return ("LoadUserProfile Error: " + ret);
            var identity = new WindowsIdentity(token);
            var context = identity.Impersonate();
            return String.Empty;

        $domain = $null
        $user = $Username
        if ($Username.Contains("\"))
            $split = $Username.Split("\")
            if (($split | Measure-Object).Count -ne 2)
                Write-Error "Username contains invalid number of '\' characters."

            $domain = $split[0]
            $user = $split[1]

        [CustomProcess.ProcessInvoker]::Impersonate($user, $domain, $PasswordInPlaintext)