diff --git a/include/WinStd/Win.h b/include/WinStd/Win.h
index d9e9e986..c2c9ef30 100644
--- a/include/WinStd/Win.h
+++ b/include/WinStd/Win.h
@@ -67,6 +67,7 @@ namespace winstd
     class WINSTD_API library;
     class WINSTD_API heap;
     class WINSTD_API actctx_activator;
+    class WINSTD_API user_impersonator;
 }
 
 #pragma once
@@ -1002,5 +1003,32 @@ namespace winstd
         ULONG_PTR m_cookie; ///< Cookie for context deactivation
     };
 
+
+    ///
+    /// Lets the calling thread impersonate the security context of a logged-on user
+    ///
+    class WINSTD_API user_impersonator
+    {
+    public:
+        ///
+        /// Construct the impersonator and impersonates the given user
+        ///
+        /// \param[in] hToken  A handle to a primary or impersonation access token that represents a logged-on user
+        ///
+        /// \sa [ImpersonateLoggedOnUser function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa378612.aspx)
+        ///
+        user_impersonator(_In_ HANDLE hToken);
+
+        ///
+        /// Reverts to current user and destructs the impersonator
+        ///
+        /// \sa [RevertToSelf function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa379317.aspx)
+        ///
+        virtual ~user_impersonator();
+
+    protected:
+        BOOL m_cookie; ///< Did impersonation succeed?
+    };
+
     /// @}
 }
diff --git a/src/Win.cpp b/src/Win.cpp
index e38adfeb..e1001876 100644
--- a/src/Win.cpp
+++ b/src/Win.cpp
@@ -111,3 +111,20 @@ winstd::actctx_activator::~actctx_activator()
     if (m_cookie)
         DeactivateActCtx(0, m_cookie);
 }
+
+
+//////////////////////////////////////////////////////////////////////
+// winstd::user_impersonator
+//////////////////////////////////////////////////////////////////////
+
+winstd::user_impersonator::user_impersonator(_In_ HANDLE hToken)
+{
+    m_cookie = ImpersonateLoggedOnUser(hToken);
+}
+
+
+winstd::user_impersonator::~user_impersonator()
+{
+    if (m_cookie)
+        RevertToSelf();
+}