Generally, a mechanism for supporting client/server communication. In Microsoft Windows NT and Windows 2000, impersonation is a method that a server uses to determine whether a client has sufficient rights to access a resource.
Impersonation involves temporarily altering the security context of the server so that it matches that of the client. When the client attempts a connection to a resource on the server, it tells the server the impersonation level that the server can use to service the client’s request. The client can offer four impersonation levels:
An example of impersonation occurs when anonymous access is enabled on a Web site hosted on Internet Information Services (IIS). Anonymous access uses the IUSR_ComputerName anonymous account on the IIS server, which is part of the Guests local group.
If an IIS machine receives a Hypertext Transfer Protocol (HTTP) request from a remote Web browser, IIS impersonates the IUSR_ComputerName account so that it can allow the remote client to access the requested files or run the requested application.
This prevents access to system files on the IIS machine by the remote client.