My net.pipe WCF binding does not work when the server runs non elevated. This blog helped me find the answer - http://weblogs.thinktecture.com/cweyer/2007/12/dealing-with-os-privilege-issues-in-wcf-named-pipes-scenarios.html

So, I added the SeCreateGlobalPrivilege privilege to the relevant non admin user, but now I have to enable the privilege programmatically in .NET

Now, there are several examples on the internet how to do it in .NET, but all of them essentially rewrite plain C code to C# with P/Invoke.

I wish to know how to do it using the dedicated .NET system types, like ObjectSecurity, Privilege and so on, so that my code does not do any P/Invoke - let the system code do it for me.

Is it possible?

Thanks.

EDIT1

What makes me think it is possible? Well, I searched for the AdjustTokenPrivileges P/Inovke API usage in .NET using Reflector and found, that there is ObjectSecurity.Persist method , which ultimately invokes this P/Invoke. Next, this ObjectSecurity has one protected constructor, meaning it is possible for a non MS code to derive from it and invoke this method.

So, it seems feasible using type-safe .NET code (i.e. no reflection).

If you don't want to use P/Invoke by yourself, you can still use the internal System.Security.AccessControl.Privilege class, using Reflection mechanisms, like this:

    // => privilege = new Privilege("SeCreateGlobalPrivilege");
    Type privilegeType = Type.GetType("System.Security.AccessControl.Privilege");
    object privilege = Activator.CreateInstance(privilegeType, "SeCreateGlobalPrivilege");

    // => privilege.Enable();
    privilegeType.GetMethod("Enable").Invoke(privilege, null);

    // =>  privilege.Revert();
    privilegeType.GetMethod("Revert").Invoke(privilege, null);

I'm not sure it's really better, because it's more or less a hack, not supported et al., but ok, it's easy for lazy guys :-)