/// <summary>
/// Logs in, getting a windows identity representing the account you want
/// to impersonate if successful.
/// </summary>
/// <param name="userName">The user to login as.</param>
/// <param name="domainName">The domain of the user.</param>
/// <param name="password">The user's password.</param>
/// <returns>True, if login was successful.</returns>
public bool Login(string userName, string domainName, string password)
{
if (CurrentIdentity != null)
{
CurrentIdentity.Dispose();
CurrentIdentity = null;
}
try
{
Logout();
bool loggedOn = AdvApi32.LogonUser(userName, domainName, password, LogonType, LogonProvider, ref _accessToken);
if (loggedOn)
{
CurrentIdentity = new WindowsIdentity(_accessToken);
return(true);
}
Logout();
return(false);
}
catch
{
// could handle exceptions more gracefully.
throw;
}
}
public int LogonServiceAccount(ISecurityPrincipal o, string password)
{
var domain = this.discoveryServices.GetDomainNameNetBios(o.Sid);
if (AdvApi32.LogonUser(o.SamAccountName, domain, password, AdvApi32.LogonUserType.LOGON32_LOGON_SERVICE, AdvApi32.LogonUserProvider.LOGON32_PROVIDER_DEFAULT, out AdvApi32.SafeHTOKEN token))
{
return(0);
}
int result = Marshal.GetLastWin32Error();
Exception ex = new Win32Exception(result);
this.logger.LogError(EventIDs.UIGenericError, ex, "Unable to validate credentials");
return(result);
}