RE: LogonUser failed with error code : 1314 [After explicitly giving T

• Previous message: VJ: "Re: SecurityException "Request Failed""
• In reply to: Pradeep Kumar C: "LogonUser failed with error code : 1314 [After explicitly giving TCB Privilage also]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 30 Jul 2004 17:55:01 -0700

you have to reboot machine after you assign TCB priv. to somebody, are you doing that?

"Pradeep Kumar C" wrote:

> Hi,
>
> Im trying to programmatically authenticate a user against NT under windows
> 2000. I use the LogonUser API[advapi32.dll]. Realizing that the call needs TCB privilege
> I had set the 'Act as part of the operating system' and added the below code also
> ManagementObject mo = new ManagementObject(new ManagementPath( ));
> mo.Scope.Options.EnablePrivileges = true;
>
> Still its giving the problem as given below.
>
> LogonUser failed with error code: 1314
>
> ps: it works on my machine (windows xp pro)
>
> Any feedback greatly appreciated.
>
> I know this issue is posted lots of time here and I tried allmost all the synarios and still its not working.
>
>
> Below given is the full code which i written in C#
>
> using System;
> using System.Security.Principal;
> using System.Configuration;
> using System.Runtime.InteropServices;
> using System.Text;
> using System.Collections;
> using System.Management;
>
>
> namespace Research
> {
> public enum LogonType : int
> {
> LOGON32_LOGON_INTERACTIVE = 2,
> LOGON32_LOGON_NETWORK = 3,
> LOGON32_LOGON_BATCH = 4,
> LOGON32_LOGON_SERVICE = 5,
> LOGON32_LOGON_UNLOCK = 7,
> LOGON32_LOGON_NETWORK_CLEARTEXT = 8, // Only for Win2K or higher
> LOGON32_LOGON_NEW_CREDENTIALS = 9 // Only for Win2K or higher
> };
>
> public enum LogonProvider : int
> {
> LOGON32_PROVIDER_DEFAULT = 0,
> LOGON32_PROVIDER_WINNT35 = 1,
> LOGON32_PROVIDER_WINNT40 = 2,
> LOGON32_PROVIDER_WINNT50 = 3
> }
> ;
>
> /// <summary>
> /// Summary description for WinImpersonization.
> /// </summary>
> public class WinImpersonization
> {
> public WinImpersonization()
> {
> //
> // TODO: Add constructor logic here
> //
> }
> private static string user;
> private static string domain;
> private static string password;
>
> static WinImpersonization()
> {
> string impersonateUser = ConfigurationSettings.AppSettings["impersonateUser"] ;
> if (impersonateUser != null)
> {
> string[] details = impersonateUser.Split(',');
> user = details[0];
> domain = details[1];
> password = details[2];
> }
>
> }
>
> public static WindowsIdentity GetIdentity()
> {
> ManagementObject mo = new ManagementObject(new ManagementPath( ));
> mo.Scope.Options.EnablePrivileges = true;
> IntPtr tokenHandle = IntPtr.Zero;
> // Call LogonUser to obtain a handle to an access token.
> bool returnValue = LogonUser(user,domain,password,(int)LogonType.LOGON32_LOGON_INTERACTIVE ,(int)LogonProvider.LOGON32_PROVIDER_DEFAULT,ref tokenHandle);
> if (false == returnValue)
> {
> int ret = Marshal.GetLastWin32Error();
> throw new Exception("LogonUser failed with error code: " + ret);
> }
> System.Diagnostics.Debug.WriteLine("Created user token: " + tokenHandle);
>
> //The WindowsIdentity class makes a new copy of the token.
> //It also handles calling CloseHandle for the copy.
> WindowsIdentity id = new WindowsIdentity(tokenHandle);
> CloseHandle(tokenHandle);
> return id;
>
> }
>
> [DllImport("advapi32.dll", SetLastError=true)]
> private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
> int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
>
> [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
> private extern static bool CloseHandle(IntPtr handle);
> }
> }
>
>
>
>
> Thanks and Regards,
> Pradeep kumar C

• Previous message: VJ: "Re: SecurityException "Request Failed""
• In reply to: Pradeep Kumar C: "LogonUser failed with error code : 1314 [After explicitly giving TCB Privilage also]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]