[DllImport("advapi32.dll")]
public static extern bool LogonUser(
string lpszUsername,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken
);
Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, _
ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, _
ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer
None.
It is very important to know which LOGON type you need. LOGON_NETWORK will allow access to network resources, while LOGON_INTERACTIVE will not. This will cause you hours of consteration if you don't pay attention to it.
To make this useful, you will also need to implement DuplicateToken.
Please add some!
Windows 2000 issue:
The LogonUser method works well with Windows XP, but when using Windows 2000, there are security issues that force you to grant the "Act as part of the Operating System" rights to each user that will invoke the method LogonUser. This is obviously undesirable. Since Microsoft advises against this one can use the CreateProcessWithLogonW API instead of LogonUser. This starts another process on the local machine, runs an application of your choice in that process, and uses a valid UserID and Password passed to the method.
const int LOGON32_LOGON_NETWORK = 3;
Int16 LOGON32_LOGON_INTERACTIVE = 2;
Int16 LOGON32_PROVIDER_DEFAULT = 0;
if (LogonUser(userName, domain, passWord, interactiveValue, LOGON32_PROVIDER_DEFAULT, ref token))
{
if (DuplicateToken(token, 2, ref tokenDuplicate))
{
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
return impersonationContext == null;
}
else
return false;
}
else
return false;
TODO