There is a Windows service with a running thread that impersonates a security context of a logged-on user. Then there is system shutdown -> fast startup sequence that performs the user log off. After that the thread continues its execution but behaves weirdly, it seems the impersonation is lost and the thread security context is reverted to self.
ImpersonateLoggedOnUser documentation says:
The impersonation lasts until the thread exits or until it calls RevertToSelf.
There is nothing about log off or fast startup scenario.
I'm wondering if an access token and/or impersonation are invalidated when a user is logged-out? If so, are there any documentation links that describes that? Are there any workarounds to keep impersonation?