public static void CreateNewSession()
{
var kli = new KERB_INTERACTIVE_LOGON
{
MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
UserName = "",
Password = ""
};
IntPtr pluid;
IntPtr lsaHan;
uint authPackID;
IntPtr kerbLogInfo;
var logonProc = new LSA_STRING
{
Buffer = Marshal.StringToHGlobalAuto("InstaLogon"),
Length = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("InstaLogon")),
MaximumLength = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("InstaLogon"))
};
var originName = new LSA_STRING
{
Buffer = Marshal.StringToHGlobalAuto("InstaLogon"),
Length = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("InstaLogon")),
MaximumLength = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("InstaLogon"))
};
var authPackage = new LSA_STRING
{
Buffer = Marshal.StringToHGlobalAuto("MICROSOFT_KERBEROS_NAME_A"),
Length = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("MICROSOFT_KERBEROS_NAME_A")),
MaximumLength = (ushort)Marshal.SizeOf(Marshal.StringToHGlobalAuto("MICROSOFT_KERBEROS_NAME_A"))
};
var hLogonProc = Marshal.AllocHGlobal(Marshal.SizeOf(logonProc));
Marshal.StructureToPtr(logonProc, hLogonProc, false);
ADVAPI32.AllocateLocallyUniqueId(out pluid);
LsaConnectUntrusted(out lsaHan);
//SECUR32.LsaRegisterLogonProcess(hLogonProc, out lsaHan, out secMode);
LsaLookupAuthenticationPackage(lsaHan, ref authPackage, out authPackID);
kerbLogInfo = Marshal.AllocHGlobal(Marshal.SizeOf(kli));
Marshal.StructureToPtr(kli, kerbLogInfo, false);
var ts = new TOKEN_SOURCE("Insta");
IntPtr profBuf;
uint profBufLen;
long logonID;
IntPtr logonToken;
QUOTA_LIMITS quotas;
WinStatusCodes subStatus;
LsaLogonUser(lsaHan, ref originName, SecurityLogonType.Interactive, authPackID, kerbLogInfo,
(uint)Marshal.SizeOf(kerbLogInfo), IntPtr.Zero, ref ts, out profBuf, out profBufLen, out logonID,
out logonToken, out quotas, out subStatus);
}
public void LsaLogonUserTest()
{
const string user = "******", domain = "contoso", pwd = "password";
Assert.That(LsaLookupAuthenticationPackage(hLsaConn, MICROSOFT_KERBEROS_NAME, out var pkg), Is.EqualTo((NTStatus)0));
var kerb = new KERB_INTERACTIVE_LOGON
{
MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
LogonDomainName = new LSA_UNICODE_STRING(domain),
UserName = new LSA_UNICODE_STRING(user),
Password = new LSA_UNICODE_STRING(pwd)
};
var mem = SafeHGlobalHandle.CreateFromStructure(kerb);
AllocateLocallyUniqueId(out var srcLuid);
var source = new TOKEN_SOURCE {
SourceName = "foobar12".ToCharArray(), SourceIdentifier = srcLuid
};
Assert.That(LsaLogonUser(hLsaConn, "TestApp", SECURITY_LOGON_TYPE.Interactive, pkg, (IntPtr)mem, (uint)mem.Size, IntPtr.Zero, source,
out var profBuf, out var profBufLen, out var logonId, out var hToken, out var quotas, out var subStat), Is.EqualTo((NTStatus)0));
}
public void LsaLogonUser_Success()
{
var connectStatus = LsaConnectUntrusted(out var lsaHande);
var lsaString = new LSA_STRING("Kerberos");
var lsaStatus = LsaLookupAuthenticationPackage(lsaHande, ref lsaString, out var authenticationPackage);
AllocateLocallyUniqueId(out var srcLuid);
var tokenSource = new TOKEN_SOURCE {
SourceName = "foobar12".ToCharArray(), SourceIdentifier = srcLuid
};
var lsaOriginName = new LSA_STRING("Kerberos");
var kerb = new KERB_INTERACTIVE_LOGON()
{
MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
LogonDomainName = new UNICODE_STRING("eu"),
UserName = new UNICODE_STRING("martijn"),
Password = new UNICODE_STRING("Unisys!1")
};
IntPtr info = (IntPtr)1024;// Marshal.SizeOf(kerb);
Marshal.StructureToPtr(kerb, info, false);
PTOKEN_GROUPS groups = new PTOKEN_GROUPS()
{
GroupCount = 0
};
IntPtr profileBuffer = IntPtr.Zero;
UInt32 profileBufferLength = 0;
Int64 logonId;
IntPtr token = IntPtr.Zero;
UInt32 subStatus;
QUOTA_LIMITS quotas;
var logon = LsaLogonUser(lsaHande, ref lsaOriginName, SECURITY_LOGON_TYPE.Interactive, authenticationPackage, info, 1024, groups,
ref tokenSource, out profileBuffer, out profileBufferLength, out logonId, out token, out quotas, out subStatus);
}
