confused by Impersonatting system thread?

Hi all,
I met a problem when I do network file opening in my FS filter driver.
When I block the IRP_MJ_XX, I cannot open my network file some times. The
error is: access denied.
Then I got some help from this list said that I shold impersonate my driver
routine thread to get the right to open network file. I read book about that
but confused by the info in book and some emails in the list:
In book:
I need to know a client thread, which has the right to open network file,
and create security context in that thread.
Then I impersonate my driver routine thread to that client thread’s security
context by calling SeImpersonateClientEx(), I need give parameter of the
security context created in the client thread before.

But In this email list:
I saw that all works seem done in one driver routine thread.
which one is crect?

Does anyone know some example about how to create a client thread which has
the right to network file, then I can impersonate my thread to that client
(except the filedisk sample. because it’s client thread is the driver
routine thread.)

Thanks for your help!


Do You Yahoo!?

Get your free address at