This documentation is archived and is not being maintained.

WindowsIdentity Constructor (String)

Initializes a new instance of the WindowsIdentity class for the user represented by the specified User Principal Name (UPN).

Namespace:  System.Security.Principal
Assembly:  mscorlib (in mscorlib.dll)

public WindowsIdentity(
	string sUserPrincipalName


Type: System.String
The UPN for the user on whose behalf the code is running.


Windows returned the Windows NT status code STATUS_ACCESS_DENIED.


There is insufficient memory available.


The caller does not have the correct permissions.


The computer is not attached to a Windows 2003 or later domain.


The computer is not running Windows 2003 or later.


The user is not a member of the domain the computer is attached to.

A UPN has the format, in other words, an email address. The UPN identified in sUserPrincipalName is used to retrieve a token for that user through the Win32 API LsaLogonUser function. In turn that token is used to identify the user. An exception might be returned due to the inability to log on using the supplied UPN.


This constructor is intended for use on computers joined only to Windows Server 2003 domains. An exception is thrown for other domain types. This restriction is because the constructor uses the KERB_S4U_LOGON structure.

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.