Programmatic verification of password

From: Dave Williams (davewilliams29_at_yahoo.com)
Date: 07/06/05


Date: Wed, 6 Jul 2005 11:29:47 +0100

Hi all, this is a coding question, but I couldn't find a suitable developer
group so I guess they're all here - if there's somewhere better I can post,
please tell me.

I have a service that's running as a user that's a member of domain admins
group, which needs to veryify an account password - actually the password of
the account currently running the service, to see if someone has changed it
since the service started.

I've had a go at using LogonUser but it refuses as it says it requires a
right I don't have. I'm suspecting this is the 'act as a part of the
operating system' right, which indeed my user doesn't have. When I grant it
that right, it's then able to use LogonUser to tell if the stored password
is still correct.

However, since I don't want to log on as the user, only verify the password,
having the 'act as a part of the operating system' right seems quite
heavyweight. Is there any other way I can achieve my goal?

Thanks for any suggestions,
Dave



Relevant Pages

  • Re: Programmatic verification of password
    ... LogonUser() with LOGON_NETWORK? ... which needs to veryify an account password - actually the password ... I'm suspecting this is the 'act as a part of the ... > operating system' right, which indeed my user doesn't have. ...
    (microsoft.public.win32.programmer.kernel)
  • Re: Programmatic verification of password
    ... I'm suspecting this is the 'act as a part of the ... > operating system' right, which indeed my user doesn't have. ... it's then able to use LogonUser to tell if the stored password ...
    (microsoft.public.win32.programmer.kernel)
  • Programmatic verification of password
    ... find a suitable developer group - if there's somewhere better I can post, ... I'm suspecting this is the 'act as a part of the ... operating system' right, which indeed my user doesn't have. ... it's then able to use LogonUser to tell if the stored password ...
    (microsoft.public.win32.programmer.kernel)
  • Unable to assign SeTcbPrivilege (SE_TCB_NAME)!?!?
    ... it seems the process token making the call to LogonUser ... "Act as part of the operating system" aka SeTcbPrivilege aka SE_TCB_NAME... ... I see that my process token still does not have the desired privilege ...
    (microsoft.public.security)
  • Unable to assign SeTcbPrivilege (SE_TCB_NAME)!?!?
    ... it seems the process token making the call to LogonUser ... "Act as part of the operating system" aka SeTcbPrivilege aka SE_TCB_NAME... ... I see that my process token still does not have the desired privilege ...
    (microsoft.public.win2000.security)