SecureStringToGlobalAllocUnicode Method
Collapse the table of content
Expand the table of content

Marshal.SecureStringToGlobalAllocUnicode Method (SecureString)


Copies the contents of a managed SecureString object into unmanaged memory.

Namespace:   System.Runtime.InteropServices
Assembly:  mscorlib (in mscorlib.dll)

public static IntPtr SecureStringToGlobalAllocUnicode(
	SecureString s


Type: System.Security.SecureString

The managed object to copy.

Return Value

Type: System.IntPtr

The address, in unmanaged memory, where s was copied, or 0 if s is a SecureString object whose length is 0.

Exception Condition

The s parameter is null.


The current computer is not running Windows 2000 Service Pack 3 or later.


There is insufficient memory available.

The SecureStringToGlobalAllocUnicode method is useful for custom marshaling or for use when mixing managed and unmanaged code. Because this method allocates the unmanaged memory required for a string, always free the memory by calling the ZeroFreeGlobalAllocUnicode method.

Notes to Callers:

This method is supported only on computers running Windows 2000 Service Pack 3 or later.

The following example demonstrates how to use the SecureStringToGlobalAllocUnicode method with the unmanaged LogonUser function to perform impersonation with the SecureString class. The example then uses the ZeroFreeGlobalAllocUnicode method to zero out and free the unmanaged string reference.

using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;

class Example
     // Define the Windows LogonUser and CloseHandle functions.
     [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
     internal static extern bool LogonUser(String username, String domain, IntPtr password,
             int logonType, int logonProvider, ref IntPtr token);

     [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
     public extern static bool CloseHandle(IntPtr handle);

     // Define the required LogonUser enumerations.
     const int LOGON32_PROVIDER_DEFAULT = 0;
     const int LOGON32_LOGON_INTERACTIVE = 2;

     static void Main()
          // Display the current user before impersonation.
          Console.WriteLine("Before impersonation: {0}",

          // Ask the user for a network domain.
          Console.Write("Please enter your domain: ");
          string domain = Console.ReadLine();

          // Ask the user for a user name.
          Console.Write("Please enter your user name: ");
          string username = Console.ReadLine();

          // Ask the user for a password.
          Console.Write("Please enter your password: ");
          SecureString passWord = GetPassword();

          // Impersonate the account provided by the user.
          try {
             WindowsImpersonationContext userContext =
                           ImpersonateUser(passWord, username, domain);
             // Display the current user after impersonation.
             Console.WriteLine("After impersonation: {0}",
          catch (ArgumentException e) {
             Console.WriteLine("{0}: {1}", e.GetType().Name, e.Message);
          catch (Win32Exception e) {
             Console.WriteLine("{0}: {1}", e.GetType().Name, e.Message);
          finally {

     public static SecureString GetPassword()
         SecureString password = new SecureString();

         // get the first character of the password
         ConsoleKeyInfo nextKey = Console.ReadKey(true);

         while (nextKey.Key != ConsoleKey.Enter) {
             if (nextKey.Key == ConsoleKey.Backspace) {
                 if (password.Length > 0) {
                     password.RemoveAt(password.Length - 1);

                     // erase the last * as well
                     Console.Write(" ");
             else {

             nextKey = Console.ReadKey(true);


         // lock the password down
         return password;

     public static WindowsImpersonationContext ImpersonateUser(SecureString password, string userName, string domainName)
         IntPtr tokenHandle = IntPtr.Zero;
         IntPtr passwordPtr = IntPtr.Zero;
         bool returnValue = false;
         int error = 0;

         // Marshal the SecureString to unmanaged memory.
         passwordPtr = Marshal.SecureStringToGlobalAllocUnicode(password);

         // Pass LogonUser the unmanaged (and decrypted) copy of the password.
         returnValue = LogonUser(userName, domainName, passwordPtr,
                                 LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
                                 ref tokenHandle);
         if (!returnValue && tokenHandle == IntPtr.Zero)
            error = Marshal.GetLastWin32Error();

         // Perform cleanup whether or not the call succeeded.
         // Zero-out and free the unmanaged string reference.
         // Close the token handle.

         // Throw an exception if an error occurred.
         if (error != 0) {
             throw new System.ComponentModel.Win32Exception(error);
         // The token that is passed to the following constructor must 
         // be a primary token in order to use it for impersonation.
         WindowsIdentity newId = new WindowsIdentity(tokenHandle);

         return newId.Impersonate();


requires full trust for the immediate caller. This member cannot be used by partially trusted or transparent code.

.NET Framework
Available since 2.0
Return to top
© 2015 Microsoft