Re: Win32 LogonUser()
From: Roman Gallauner (roman@gallauner.at)
Date: 06/16/02
- Next message: Simon Pallister: "Re: Event Log Access from ASP.NET"
- Previous message: Christopher Dedels: "force ssl encryption"
- In reply to: deligentman: "Re: Win32 LogonUser()"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Roman Gallauner" <roman@gallauner.at> Date: Sun, 16 Jun 2002 23:04:40 +0200
if thats an option for you try running it on windows xp/.net server - theres
no more need for the tcb-privilege
works fine here at my site
greets
roman
"deligentman" <email@spam.com> wrote in message
news:undRCOuECHA.1892@tkmsftngp03...
> Hi group
>
> This is my personal experience and after doing so, read an article (sorry
!
> I can not find it now)
> in win2k if you specify IIS to control IUserMachinename /anonymous account
> and it is in guests group,
> then logonuser api deosnot work if a web user imperonates
> IUserMachinename/anonymous user account.
>
> To make it work , put it in a privilidge group, change password sync
options
> in IIS and may be more other properties for IUserMachineName account.
(still
> the login will be treated as
> a user logged on to the IIS box locally)
>
> if I give more power to anonymous user then I will be a opening security
> risk/hole in my site as we all knows.
>
> thanks.
> Del.
>
>
>
>
>
>
>
>
> "Harout K" <haroutkat@hotmail.com> wrote in message
> news:#OqYkcg4BHA.2716@tkmsftngp04...
> > Hi all,
> > For three days now I have been trying to use LogonUser() API to login
> users
> > and impersonate them but I keep getting an error after the method call.
> > Error Code: 1314; "A required privilege is not held by the client";
> however,
> > I have assigned the required SE_TCB_NAME (i.e. "Act as part of the OS")
> > privilege to the calling client but it keeps complaining.
> > If you have successfully used LogonUser() in any language and/or
platform
> > please tell me how you did it.
> > Any pointers/help would greatly be appreciated!
> >
> > Thank you very much!!!!!!
> >
> >
> >
> > Here is the snipped of code in C++ and C# (VS 7.0)
> >
> > [C++]
> >
> > HANDLE token;
> >
> > LogonUser("bobs", "LAPTOP", "bobs", LOGON32_LOGON_NETWORK,
> > LOGON32_PROVIDER_DEFAULT, &token);
> >
> > DWORD error = GetLastError();
> >
> >
> >
> >
>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> > ++++++++++++++
> >
> >
> > [C#]
> >
> > [assembly:SecurityPermissionAttribute(SecurityAction.RequestMinimum,
> > UnmanagedCode=true)]
> > public class Class1
> > {
> > [DllImport("C:\\WINNT\\System32\\advapi32.dll")]
> > public static extern bool LogonUser(String lpszUsername, String
> > lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider,
out
> > int phToken);
> >
> > [DllImport("C:\\WINNT\\System32\\Kernel32.dll")]
> > public static extern int GetLastError();
> >
> > public static void Main(string[] args)
> > {
> > int token;
> >
> > bool isLoggedin = LogonUser("bobs", "LAPTOP", "bobs", 3, 0, out
> > token);
> > int error = GetLastError();
> > }
> > }
> >
> >
> >
> >
>
>
- Next message: Simon Pallister: "Re: Event Log Access from ASP.NET"
- Previous message: Christopher Dedels: "force ssl encryption"
- In reply to: deligentman: "Re: Win32 LogonUser()"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
