/// <summary>
/// Performs a user logon and creates a logon token for that user.
/// </summary>
/// <param name="domain"> The domain (null or an empty string to use the local machine). </param>
/// <param name="user"> The user name (null or an empty string to use the current user name). </param>
/// <param name="password"> The optional password (null or empty string if not used). </param>
/// <param name="token"> The created logon token. </param>
/// <remarks>
/// <para>
/// Before being used for the logon, <paramref name="domain" /> and <paramref name="user" /> are processed by
/// <see cref="ResolveDomain" /> and <see cref="ResolveUser" /> respectively.
/// </para>
/// </remarks>
/// <exception cref="Win32Exception"> The current user does not have sufficient permissions or the logon failed. </exception>
public static void CreateLogonToken(string domain, string user, string password, out IntPtr token)
{
domain ??= string.Empty;
user ??= string.Empty;
password = string.IsNullOrEmpty(password) ? null : password;
domain = WindowsUser.ResolveDomain(domain);
user = WindowsUser.ResolveUser(user);
token = IntPtr.Zero;
bool returnValue = WindowsUser.LogonUser(user, domain, password, WindowsUser.Logon32LogonInteractive,
WindowsUser.Logon32ProviderDefault, ref token);
if ((!returnValue) || (token == IntPtr.Zero))
{
int errorCode = WindowsApi.GetLastErrorCode();
string errorMessage = WindowsApi.GetErrorMessage(errorCode);
throw new Win32Exception(errorCode, errorMessage);
}
}
