LogonUser (advapi32)
Last changed: JM-163.116.163.139

.

Windows 2000 needs the SE_TCB_NAME (act as part of the operating system) set to work correctly

Check out the formatting tips on the right for help formatting and making links.

Use the template below then delete this header:

Summary
allows you to programmatically log a user on. Once done, the application space will take the identity of the newly logged on user.

C# Signature:

[DllImport("advapi32.dll")]
public static extern bool LogonUser (String lpszUsername, String lpszDomain, String lpszPassword,
    int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

VB .NET Signature:

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, _
    ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) _
    As Integer

User-Defined Types:

None.

Notes:

It is very important to know which LOGON type you need. LOGON_NETWORK will allow access to network resources, while LOGON_INTERACTIVE will not. This will cause you hours of consteration if you don't pay attention to it.

To make this useful, you will also need to implement DuplicateToken.

After a successful Logon, you can also use ImpersonateLoggedOnUser (also in advapi32).

Tips & Tricks:

Please add some!

Sample Code:

const int LOGON32_LOGON_NETWORK = 3;
Int16 LOGON32_LOGON_INTERACTIVE  = 2;
Int16 LOGON32_PROVIDER_DEFAULT  = 0;

if(LogonUser(userName, domain, passWord, interactiveValue, LOGON32_PROVIDER_DEFAULT, ref token))
{
    if(DuplicateToken(token, 2, ref tokenDuplicate))
    {
        tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
        impersonationContext = tempWindowsIdentity.Impersonate();
        if(impersonationContext == null)
        {
            return false;
        }
        else
        {
            return true;
        }
    }
    else
    {
        return false;
    }
}
else
{
    return false;
}

Alternative Managed API:

TODO

Documentation