Re: LogonUser call fails for NetworkService account on XP x64 inside a
- From: "Larry Smith" <no_spam@xxxxxxxxxxx>
- Date: Mon, 17 Sep 2007 16:53:57 -0400
Hi all,
I have a 32bit service which is running under System account under x64 XP.
This service calls the API function
LogonUser(L"NetworkService", L"NT AUTHORITY", L"", LOGON32_LOGON_SERVICE,
LOGON32_PROVIDER_DEFAULT, &hToken);
which fails with error ERROR_LOGON_FAILURE 1326L.
I want the token of the NetworkService account to impersonate as machine
against remote server.
Due to other reqs it must be a 32bit service.
The same code works fine with
- XP32bit
- Vista 32bit
- Vista 64bit
- Server 2003 R2 32bit
So my question is: Why is NetworkService not available in a WOW64 process
?
Is this a bug in VC Runtime ? In the OS ?
Is this a limitation of 32bit service running under System account on x64
XP ?
Note: A 64bit service can succesfully call the LogonUser.
Any answer is appreciated.
Just curious, but have you tried doing this without invoking "LogonUser()"
at all. Unless things have changed since the last time I dealt with this
issue (some years ago admittedly), the System account should be able to log
on to another machine if they're part of the same (or trusted) domain (for
Win2000 and later). The System account's credentials on the network are
"DomainName\MachineName" so the server you're contacting should authenticate
it using the SID for the latter account (without explicitly invoking
"LogonUser()").
.
- Follow-Ups:
- Prev by Date: Authenticating clients
- Next by Date: Re: CreateProcessAsUser from service fails with 233 (FUS, Windows XP)
- Previous by thread: Authenticating clients
- Next by thread: Re: LogonUser call fails for NetworkService account on XP x64 insi
- Index(es):
