pinvoke.net: advapi32.LogonUser(2005-01-21-00-06-59.5838--24.12.194.220)

Summary

allows you to programmatically log a user on. Once done, the application space will take the identity of the newly logged on user.

C# Signature:

[DllImport("advapi32.dll")]
public static extern bool LogonUser (String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

VB .NET Signature:

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, _
ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) _
As Integer

User-Defined Types:

None.

Notes:

It is very important to know which LOGON type you need. LOGON_NETWORK will allow access to network resources, while LOGON_INTERACTIVE will not. This will cause you hours of consteration if you don't pay attention to it.

To make this useful, you will also need to implement DuplicateToken.

After a successful Logon, you can also use ImpersonateLoggedOnUser (also in advapi32).

Tips & Tricks:

Please add some!

Sample Code:

const int LOGON32_LOGON_NETWORK = 3;
Int16 LOGON32_LOGON_INTERACTIVE  = 2;
Int16 LOGON32_PROVIDER_DEFAULT  = 0;

if(LogonUser(userName, domain, passWord, interactiveValue, LOGON32_PROVIDER_DEFAULT, ref token))
{
    if(DuplicateToken(token, 2, ref tokenDuplicate))
    {
        tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
        impersonationContext = tempWindowsIdentity.Impersonate();
        if(impersonationContext == null)
        {
            return false;
        }
        else
        {
            return true;
        }
    }
    else
    {
        return false;
    }
}
else
{
    return false;
}

Alternative Managed API:

TODO

Documentation

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/logonuser.asp