I am having a problem with I think impersonation, but I could be mistaken.

I have an IBM XMS consumer, consuming data from a queue. Works fine. In order to be granted access to the queue the service needs to be running as specific user, for this I have implemented .Net impersonation. On all systems I am able to get the queue running, the problem occurs when there is a need to restart.

To test restart I have placed a simple if(messages == 500) throw... which triggers cancellation, disconnection and reconnection.

I installed the application as a Windows service to my local machine, it connects (using impersonation), reaches 500, throws, disconnects, reconnects and continues to process messages. However when I run the same code on our server it fails while trying to create a queue connection. Here is the error:

7765 [20] ERROR SIS (null) - Unable to connect to Websphere MQ IBM.XMS.XMSException: CWSMQ0006E: An exception was received during the call to the method ConnectionFactory.CreateConnection: System.ComponentModel.Win32Exception (0x80004005): Access is denied
at System.Diagnostics.ProcessManager.OpenProcess(Int32 processId, Int32 access, Boolean throwIfExited) at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly) at System.Diagnostics.ProcessManager.GetModuleInfos(Int32 processId)
at System.Diagnostics.Process.get_Modules() at IBM.WMQ.CommonServices.TraceEnvironment() at IBM.WMQ.CommonServices.CreateCommonServices() at IBM.WMQ.CommonServices.TraceEnabled() at IBM.WMQ.MQBase..ctor()
at IBM.WMQ.Nmqi.Phconn..ctor(NmqiEnvironment env) at IBM.WMQ.Nmqi.NmqiEnvironment.NewPhconn() at IBM.XMS.Client.WMQ.WmqConnection..ctor(NmqiEnvironment nmqiEnv, NmqiMQ nmqiMQ, XmsPropertyContext connectProps) at IBM.XMS.Client.WMQ.Factories.WmqConnectionFactory.CreateV7ProviderConnection(XmsPropertyContext connectionProps). During execution of the specified method an exception was thrown by another component. See the linked exception for more information. at IBM.XMS.Client.WMQ.Factories.WmqConnectionFactory.CreateProviderConnection(XmsPropertyContext connectionProps) at IBM.XMS.Client.Impl.XmsConnectionFactoryImpl.CreateConnection(String userID, String password) at IBM.XMS.Client.Impl.XmsConnectionFactoryImpl.CreateConnection() at Spin.TradingServices.DataAcquisition.Domain.DataProcessing.SIS.SISMQConnection.Connect(ImpersonationCredentials impersonationCredentials)

Linked Exception : System.ComponentModel.Win32Exception (0x80004005): Access is denied at System.Diagnostics.ProcessManager.OpenProcess(Int32 processId, Int32 access, Boolean throwIfExited) at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly) at System.Diagnostics.ProcessManager.GetModuleInfos(Int32 processId)
at System.Diagnostics.Process.get_Modules() at IBM.WMQ.CommonServices.TraceEnvironment() at IBM.WMQ.CommonServices.CreateCommonServices() at IBM.WMQ.CommonServices.TraceEnabled() at IBM.WMQ.MQBase..ctor()
at IBM.WMQ.Nmqi.Phconn..ctor(NmqiEnvironment env) at IBM.WMQ.Nmqi.NmqiEnvironment.NewPhconn() at IBM.XMS.Client.WMQ.WmqConnection..ctor(NmqiEnvironment nmqiEnv, NmqiMQ nmqiMQ, XmsPropertyContext connectProps) at IBM.XMS.Client.WMQ.Factories.WmqConnectionFactory.CreateV7ProviderConnection(XmsPropertyContext connectionProps)

Looks like the user id being impersonated does not have enough permissions and not a problem with XMS.

Here is a link that may be of help to you.

Access is denied at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)

and this also.

It seems that on the IBM site there is a fix available for this error:

http://www-01.ibm.com/support/docview.wss?uid=swg1IC90674

(please use the Wayback Machine https://archive.org/web/ if the URL is no longer available)

They also say that there is a local fix:

Granting "Query process information and read process virtual memory" rights to the impersonated user so that OpenProcess succeeds.