// P/Invoke declaration for LogonUser. The user name, domain and password are passed as char arrays
// (domain is nullable) and the resulting token comes back through the AccessControlToken out parameter.
// NOTE(review): the DllImport attribute is not visible in this excerpt. Confirm it sets SetLastError = true
// if callers rely on Marshal.GetLastWin32Error(), and that its CharSet matches the char[] marshalling.
// NOTE(review): presumably char[] is used so the password buffer can be zeroed after the call; verify that callers do so.
internal static extern bool LogonUser( char[] username, char[]?domain, char[] password, LogOnType logonType, LogOnProviderType logonProvider, out AccessControlToken token);
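/// <summary>
/// C# wrapper for the Win32 LogonUser call. Can be used to obtain a logon token for a local or remote user.
/// </summary>
/// <param name="user">username to authenticate with</param>
/// <param name="domain">domain to authenticate with; may be null</param>
/// <param name="password">plaintext password to authenticate with</param>
/// <param name="logOnType">Win32 Logon Type to use</param>
/// <param name="logOnProvider">Win32 Logon Provider to use</param>
/// <returns>LogonToken wrapped in a SafeHandle</returns>
/// <exception cref="Win32Exception">The native logon call reported failure; carries the Win32 error code.</exception>
/// <remarks>
/// The password arrives as an immutable managed string, which this method cannot erase. Only the temporary
/// char[] copy handed to the native call is zeroed here. The returned token is disposable and is handed to
/// the caller, who is expected to dispose it.
/// </remarks>
public static AccessControlToken LogonUser(string user, string? domain, string password, LogOnType logOnType, LogOnProviderType logOnProvider)
{
    user = Arguments.EnsureNotNullOrWhitespace(user, nameof(user));
    password = Arguments.EnsureNotNullOrWhitespace(password, nameof(password));

    // Keep a reference to the password copy so it can be wiped once the native call returns.
    var passwordChars = password.ToCharArray();
    bool succeeded;
    int errorInfo;
    AccessControlToken token;
    try
    {
        succeeded = NativeMethods.LogonUser(user.ToCharArray(), domain?.ToCharArray(), passwordChars, logOnType, logOnProvider, out token);

        // Read the error code straight after the P/Invoke, before any other call is made.
        errorInfo = succeeded ? 0 : Marshal.GetLastWin32Error();
    }
    finally
    {
        // Do not leave an extra plaintext copy of the password on the managed heap.
        System.Array.Clear(passwordChars, 0, passwordChars.Length);
    }

    if (!succeeded)
    {
        // Release whatever handle wrapper the marshaller produced, valid or not, so a failed logon never leaks one.
        token?.Dispose();
        throw new Win32Exception(errorInfo, "Logon User failed");
    }

    return token;
}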
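/// <summary>
/// Logs the given account on through LogonUser, duplicates the resulting token at the requested
/// impersonation level and wraps the duplicate in a <see cref="WindowsIdentity"/>.
/// </summary>
/// <param name="username">Account name passed to LogonUser.</param>
/// <param name="domain">Domain passed to LogonUser.</param>
/// <param name="password">Plaintext password passed to LogonUser.</param>
/// <param name="logonType">Logon type, passed to the native call as an int.</param>
/// <param name="logonProviderType">Logon provider, passed to the native call as an int.</param>
/// <param name="impersonationLevel">Impersonation level used when duplicating the token.</param>
/// <returns>A new identity built from the duplicated token.</returns>
/// <remarks>
/// The <see cref="WindowsIdentity"/> constructor that takes an IntPtr keeps its own copy of the token,
/// so both raw handles obtained here are closed before the method returns or throws.
/// </remarks>
private WindowsIdentity CreateWindowsIdentity(string username, string domain, string password, SecurityLogOnType logonType, LogOnProviderType logonProviderType, SecurityImpersonationLevel impersonationLevel)
{
    var existingTokenHandle = IntPtr.Zero;
    var duplicateTokenHandle = IntPtr.Zero;

    if (!NativeMethods.LogonUser(username, domain, password, (int)logonType, (int)logonProviderType, out existingTokenHandle))
    {
        throw Marshal.GetExceptionForHR(Marshal.GetHRForLastWin32Error());
    }

    try
    {
        if (!NativeMethods.DuplicateToken(existingTokenHandle, (int)impersonationLevel, out duplicateTokenHandle))
        {
            // Capture DuplicateToken's error before the CloseHandle calls in the finally block can replace it.
            var duplicateError = Marshal.GetHRForLastWin32Error();
            throw Marshal.GetExceptionForHR(duplicateError);
        }

        return new WindowsIdentity(duplicateTokenHandle);
    }
    finally
    {
        // The logon token is only needed as the source of the duplicate.
        NativeMethods.CloseHandle(existingTokenHandle);

        if (duplicateTokenHandle != IntPtr.Zero)
        {
            NativeMethods.CloseHandle(duplicateTokenHandle);
        }
    }
}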
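/// <summary>
/// Logs the given account on through LogonUser, duplicates the resulting token at the requested
/// impersonation level and wraps the duplicate in a <see cref="WindowsIdentity"/>.
/// </summary>
/// <param name="username">Account name passed to LogonUser.</param>
/// <param name="domain">Domain passed to LogonUser.</param>
/// <param name="password">Plaintext password passed to LogonUser.</param>
/// <param name="logonType">Logon type, passed to the native call as an int.</param>
/// <param name="logonProviderType">Logon provider, passed to the native call as an int.</param>
/// <param name="impersonationLevel">Impersonation level used when duplicating the token.</param>
/// <returns>A new identity built from the duplicated token.</returns>
/// <remarks>
/// The <see cref="WindowsIdentity"/> constructor that takes an IntPtr keeps its own copy of the token,
/// so both raw handles obtained here are closed before the method returns or throws.
/// </remarks>
private WindowsIdentity CreateWindowsIdentity(string username, string domain, string password, SecurityLogOnType logonType, LogOnProviderType logonProviderType, SecurityImpersonationLevel impersonationLevel)
{
    var existingTokenHandle = IntPtr.Zero;
    var duplicateTokenHandle = IntPtr.Zero;

    if (!NativeMethods.LogonUser(username, domain, password, (int)logonType, (int)logonProviderType, out existingTokenHandle))
    {
        throw Marshal.GetExceptionForHR(Marshal.GetHRForLastWin32Error());
    }

    try
    {
        if (!NativeMethods.DuplicateToken(existingTokenHandle, (int)impersonationLevel, out duplicateTokenHandle))
        {
            // Capture DuplicateToken's error before the CloseHandle calls in the finally block can replace it.
            var duplicateError = Marshal.GetHRForLastWin32Error();
            throw Marshal.GetExceptionForHR(duplicateError);
        }

        return new WindowsIdentity(duplicateTokenHandle);
    }
    finally
    {
        // The logon token is only needed as the source of the duplicate.
        NativeMethods.CloseHandle(existingTokenHandle);

        if (duplicateTokenHandle != IntPtr.Zero)
        {
            NativeMethods.CloseHandle(duplicateTokenHandle);
        }
    }
}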
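/// <summary>
/// Logs the given account on through LogonUser and stores the result in <c>Handle</c>.
/// </summary>
/// <param name="userName">Account name passed to LogonUser.</param>
/// <param name="domain">Domain passed to LogonUser.</param>
/// <param name="password">Plaintext password passed to LogonUser.</param>
/// <param name="logOnType">Logon type, passed to the native call as an int.</param>
/// <param name="logOnProvider">Logon provider, passed to the native call as an int.</param>
/// <param name="impersonationLevel">Impersonation level used when duplicating the token; not read when NETSTANDARD is defined.</param>
/// <remarks>
/// When NETSTANDARD is defined the logon token itself is kept in <c>Handle</c>. Otherwise the token is duplicated,
/// the logon token is closed, and <c>Handle</c> holds a <see cref="WindowsIdentity"/> built from the duplicate.
/// NOTE(review): the duplicate stays in <c>_handle</c>; confirm the type's cleanup path closes it.
/// </remarks>
public NewIdentityHandle(string userName, string domain, string password, SecurityLogOnType logOnType, LogOnProviderType logOnProvider, SecurityImpersonationLevel impersonationLevel)
{
    if (!NativeMethods.LogonUser(userName, domain, password, (int)logOnType, (int)logOnProvider, out var logonHandle))
    {
        throw Marshal.GetExceptionForHR(Marshal.GetHRForLastWin32Error());
    }

#if NETSTANDARD
    Handle = logonHandle;
#else
    // adapted from:
    // https://www.codeproject.com/csharp/cpimpersonation1.asp
    var duplicated = NativeMethods.DuplicateToken(logonHandle, (int)impersonationLevel, out _handle);

    // Read DuplicateToken's error before CloseHandle runs, so the exception reports the call that failed.
    var duplicateError = duplicated ? 0 : Marshal.GetHRForLastWin32Error();

    // The logon token is no longer needed whether or not the duplication succeeded.
    NativeMethods.CloseHandle(logonHandle);

    if (!duplicated)
    {
        throw Marshal.GetExceptionForHR(duplicateError);
    }

    // create the new identity from the duplicated token
    Handle = new WindowsIdentity(_handle);
#endif
}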