I found a Solution for that.
I set the dwLogonFlags to 2 that meens LOGON_NETCREDENTIALS_ONLY if you do so, you only act like this user but if you when you call Environment.UserName
or else you will get the Caller. now i switched to LOGON_WITH_PROFILE so the system is downloading the hole user from the Domain ... this takes a bit time at the first use but the process is now fully Impersonated.