[DllImport("advapi32.dll")]
static extern TODO CreateProcessWithLogonW(TODO);
<DllImport("advapi32.dll", EntryPoint:="CreateProcessWithLogonW", SetLastError:=True, CharSet:=CharSet.Unicode, CallingConvention:=CallingConvention.StdCall)>
Public Shared Function CreateProcessWithLogonW( _
ByVal lpUsername As String, _
ByVal lpDomain As String, _
ByVal lpPassword As String, _
ByVal dwLogonFlags As Integer, _
ByVal lpApplicationName As String, _
ByVal lpCommandLine As String, _
ByVal dwCreationFlags As Integer, _
ByVal lpEnvironment As IntPtr, _
ByVal lpCurrentDirectory As String, _
ByRef lpStartupInfo As STARTUPINFO, _
ByRef lpProcessInformation As PROCESS_INFORMATION _
) As Integer
End Function
STARTUPINFO, PROCESS_INFORMATION
On Win2K SP4 (and possibly earlier versions) CreateProcessWithLogonW has a bug which can cause native heap corruption when used from managed code. If you pass NULL as STARTUPINFO::lpDesktop, CreateProcessWithLogonW will overwrite this NULL pointer with a pointer to a stack allocated string. The P/Invoke marshaling code will notice that the pointer in non-NULL upon return and attempt to free it, corrupting the heap.
This can result in random access violations (observed in managed code as NullReferenceExceptions, often with no stack trace), hangs, etc.
The workaround is to declare STARTUPINFO::lpDesktop as IntPtr rather than String.
Please add some!
Private Const LOGON_WITH_PROFILE = &H1
Public Shared Function OpenAppAsUser(ByVal username As String, ByVal domainname As String, ByVal password As String) As Boolean
'The Windows NT user token.
Dim lpAppName As String
Dim appExe As SR.[Assembly]
Dim pi As PROCESS_INFORMATION
Dim si As STARTUPINFO
Dim fResult As Boolean
Dim dwCreationFlags As Integer = Nothing
Dim lpCommandLine As String = Nothing
Dim lpEnvironment As IntPtr
Dim lpCurrentDirectory As String = Nothing
Dim ret As Integer
appExe = SR.Assembly.GetEntryAssembly()
lpAppName = appExe.Location
si.cb = Len(si)
si.lpTitle = appExe.GetName().Name
' call the Win32 API to open the application under the userID passed in
' Implicit Integer to Boolean conversion. CreateProcessWithLogonW returns 0 (False) when it fails.
fResult = CreateProcessWithLogonW(username, domainname, password, LOGON_WITH_PROFILE, lpAppName, lpCommandLine, dwCreationFlags, lpEnvironment, lpCurrentDirectory, si, pi)
' if the logon fails then we need to generate an error
If Not fResult Then
' get the last error from Windows
ret = Marshal.GetLastWin32Error
' if the userid, password, or domain is bad we can display a friendly message
If ret = 1326 Then
MessageBox.Show("Invalid UserID or Password entered. Please try again.", "Logon Error")
Return False
Else
' the error code is unexpected so throw an exception to be logged.
Dim retMsg = GetErrorMessage(ret)
Throw New MAE.BaseApplicationException("Error occurred: " + ret.ToString() + " - " + retMsg)
Return False
End If
End If
Return True
End Function