LogonUser failed with error code: 1314 [After explicitly giving TCB Privilege also]

From: Pradeep Kumar C (pkumar_at_cordiant.com)
Date: 07/27/04


Date: Tue, 27 Jul 2004 20:03:18 +0530

Hi,
 
    I'm trying to programmatically authenticate a user against NT under Windows
2000. I use the LogonUser API [advapi32.dll]. Realizing that the call needs the TCB privilege,
I set 'Act as part of the operating system' and also added the code below:
ManagementObject mo = new ManagementObject(new ManagementPath( ));
mo.Scope.Options.EnablePrivileges = true;

Still it's giving the problem as given below.

LogonUser failed with error code: 1314

PS: it works on my machine (Windows XP Pro)

Any feedback greatly appreciated.

I know this issue has been posted lots of times here and I tried almost all the scenarios and still it's not working.

Below is the full code which I wrote in C#

using System;
using System.Security.Principal;
using System.Configuration;
using System.Runtime.InteropServices;
using System.Text;
using System.Collections;
using System.Management;

namespace Research
{
    // Values of the dwLogonType parameter of LogonUser.
    public enum LogonType : int
    {
        LOGON32_LOGON_INTERACTIVE = 2,
        LOGON32_LOGON_NETWORK = 3,
        LOGON32_LOGON_BATCH = 4,
        LOGON32_LOGON_SERVICE = 5,
        LOGON32_LOGON_UNLOCK = 7,
        LOGON32_LOGON_NETWORK_CLEARTEXT = 8, // Only for Win2K or higher
        LOGON32_LOGON_NEW_CREDENTIALS = 9    // Only for Win2K or higher
    }

    // Values of the dwLogonProvider parameter of LogonUser.
    public enum LogonProvider : int
    {
        LOGON32_PROVIDER_DEFAULT = 0,
        LOGON32_PROVIDER_WINNT35 = 1,
        LOGON32_PROVIDER_WINNT40 = 2,
        LOGON32_PROVIDER_WINNT50 = 3
    }

    /// <summary>
    /// Obtains a WindowsIdentity for the account configured in appSettings["impersonateUser"]
    /// (format "user,domain,password") by calling LogonUser.
    /// </summary>
    public class WinImpersonization
    {
        public WinImpersonization()
        {
            //
            // TODO: Add constructor logic here
            //
        }

        private static string user;
        private static string domain;
        private static string password;

        static WinImpersonization()
        {
            string impersonateUser = ConfigurationSettings.AppSettings["impersonateUser"];
            if (impersonateUser != null)
            {
                string[] details = impersonateUser.Split(',');
                user = details[0];
                domain = details[1];
                password = details[2];
            }
        }

        public static WindowsIdentity GetIdentity()
        {
            // EnablePrivileges is a WMI ConnectionOptions flag: it only affects WMI
            // operations made through this scope. It does not enable any privilege
            // on the process token that LogonUser is checked against.
            ManagementObject mo = new ManagementObject(new ManagementPath());
            mo.Scope.Options.EnablePrivileges = true;

            IntPtr tokenHandle = IntPtr.Zero;
            // Call LogonUser to obtain a handle to an access token.
            bool returnValue = LogonUser(user, domain, password,
                (int)LogonType.LOGON32_LOGON_INTERACTIVE,
                (int)LogonProvider.LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
            if (false == returnValue)
            {
                // 1314 is ERROR_PRIVILEGE_NOT_HELD.
                int ret = Marshal.GetLastWin32Error();
                throw new Exception("LogonUser failed with error code: " + ret);
            }
            System.Diagnostics.Debug.WriteLine("Created user token: " + tokenHandle);

            // The WindowsIdentity class makes a new copy of the token.
            // It also handles calling CloseHandle for the copy.
            WindowsIdentity id = new WindowsIdentity(tokenHandle);
            CloseHandle(tokenHandle);
            return id;
        }

        [DllImport("advapi32.dll", SetLastError = true)]
        private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
            int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

        [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
        private extern static bool CloseHandle(IntPtr handle);
    }
}

Thanks and Regards,
Pradeep kumar C
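Error 1314 is ERROR_PRIVILEGE_NOT_HELD: on Windows 2000 the process calling LogonUser must hold SeTcbPrivilege, and a user-rights grant only shows up in tokens created after it was applied, so a process or session started earlier still fails. The following added diagnostic (not part of the original post) inspects the current process token with OpenProcessToken and GetTokenInformation and reports whether the privilege is missing, disabled or enabled; the class and method names are assumptions.

```csharp
using System;
using System.Runtime.InteropServices;
// Added diagnostic, not from the original post: does the current process token hold SeTcbPrivilege?
public static class PrivilegeProbe
{
    [StructLayout(LayoutKind.Sequential)] struct LUID { public uint LowPart; public int HighPart; }
    [StructLayout(LayoutKind.Sequential)] struct LUID_AND_ATTRIBUTES { public LUID Luid; public uint Attributes; }
    const uint TOKEN_QUERY = 0x0008;
    const int TokenPrivileges = 3;                // TOKEN_INFORMATION_CLASS.TokenPrivileges
    const uint SE_PRIVILEGE_ENABLED = 0x00000002;
    [DllImport("kernel32.dll")] static extern IntPtr GetCurrentProcess();
    [DllImport("kernel32.dll", SetLastError = true)] static extern bool CloseHandle(IntPtr h);
    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool OpenProcessToken(IntPtr hProcess, uint access, out IntPtr hToken);
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Auto)]
    static extern bool LookupPrivilegeValue(string system, string name, out LUID luid);
    [DllImport("advapi32.dll", SetLastError = true)]
    static extern bool GetTokenInformation(IntPtr hToken, int cls, IntPtr buf, uint len, out uint needed);

    // "missing": not in the token (never granted to this account, or the token was created before
    // the policy change and the process needs a fresh logon). "disabled": held, not enabled. "enabled": both.
    public static string Query(string privilege)
    {
        LUID wanted;
        if (!LookupPrivilegeValue(null, privilege, out wanted))
            throw new Exception("LookupPrivilegeValue failed: " + Marshal.GetLastWin32Error());
        IntPtr hToken;
        if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, out hToken))
            throw new Exception("OpenProcessToken failed: " + Marshal.GetLastWin32Error());
        IntPtr buf = IntPtr.Zero;
        try {
            uint len;
            GetTokenInformation(hToken, TokenPrivileges, IntPtr.Zero, 0, out len); // size probe
            buf = Marshal.AllocHGlobal((int)len);
            if (!GetTokenInformation(hToken, TokenPrivileges, buf, len, out len))
                throw new Exception("GetTokenInformation failed: " + Marshal.GetLastWin32Error());
            int count = Marshal.ReadInt32(buf);   // TOKEN_PRIVILEGES.PrivilegeCount
            int size = Marshal.SizeOf(typeof(LUID_AND_ATTRIBUTES));
            for (int i = 0; i < count; i++) {   // Privileges[] follows PrivilegeCount at offset 4
                IntPtr p = new IntPtr(buf.ToInt64() + 4 + i * size);
                LUID_AND_ATTRIBUTES la = (LUID_AND_ATTRIBUTES)Marshal.PtrToStructure(p, typeof(LUID_AND_ATTRIBUTES));
                if (la.Luid.LowPart == wanted.LowPart && la.Luid.HighPart == wanted.HighPart)
                    return (la.Attributes & SE_PRIVILEGE_ENABLED) != 0 ? "enabled" : "disabled";
            }
            return "missing";
        } finally {
            if (buf != IntPtr.Zero) Marshal.FreeHGlobal(buf);
            CloseHandle(hToken);
        }
    }
}
```

Call PrivilegeProbe.Query("SeTcbPrivilege") from the same process that calls LogonUser (for a web application, the ASP.NET worker process), since it is that process's token, not the developer's interactive logon, that LogonUser is checked against.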


