Re: Authenticating against network server using non-domain account

Hello Joe,

if you use


in LogonUser - the credentials will only get verified if you use a network resource -

this is the same as runas /netonly

this could do what you want.

Dominick Baier - DevelopMentor

Have you tried logging in with an account local to the server that has
the same username and password as the user on the remote machine and
impersonating that instead?  My understanding is that this "trick"
will work with NTLM in a situation where you can't use domain

Joe K.

"Martin Robins" <martin dot robins at technicaldirect dot co dot uk>
wrote in message news:eysELimAGHA.3184@xxxxxxxxxxxxxxxxxxxxxxx
IntPtr tokenHandle = new IntPtr(0), duplicateTokenHandle = new
bool result = advapi32.LogonUser(userName, domain, password,
advapi32.LogonType.Interactive, advapi32.LogonProvider.Default, ref

LogonType.Interactive = 2, LogonProvider.Default = 0

Sorry; error code is 1326 - "Logon failure: unknown user name or bad
password" even though the details are correct (I created the account

"Willy Denoyette [MVP]" <willy.denoyette@xxxxxxxxxx> wrote in
message news:OxcgIbmAGHA.4004@xxxxxxxxxxxxxxxxxxxxxxx
Not accepted is a little vague isn't it? What is the return code
the LogonUser call? Some code would help also.
LogonUser doesn't "log on", it retuns an access token that can be
used to access the remote server, so when you specify the credentials,
as valid on a remote server,  this server 'security system' returns a
token that can be used to access the remote server when


"Martin Robins" <martin dot robins at technicaldirect dot co dot

uk>> wrote in message news:e7dADQmAGHA.3352@xxxxxxxxxxxxxxxxxxxxxxx
I have; it is not accepted.
LogonUser will only work when specifying the local machine name
or a domain name that is valid for the local machine as you are
effectively logging a new user onto that machine (and of course a
local user on another machine would not be able to log onto the local


"Nicholas Paldino [.NET/C# MVP]"
<mvp@xxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
Have you tried using the machine name in the domain

- Nicholas Paldino [.NET/C# MVP]
- mvp@xxxxxxxxxxxxxxxxxxxxxxxxxxx
"Martin Robins" <martin dot robins at technicaldirect dot co
dot uk> wrote in message news:e9Ma45kAGHA.2788@xxxxxxxxxxxxxxxxxxxxxxx
I need to access the scheduler service on a network computer
in order to manipulate it remotely from .NET; I have all of the
necessary code to perform the manipulation and it works - great - but
I am having problems with authentication.

I have tried using LogonUser and this works fine with a
domain account, however it is not possible to use this with an account
that is defined only on the remote computer - it only works with local
or domain accounts.

Any suggestions as to how I can authenticate my connection
to the remote PC using a logon and password local to that machine?