/// <summary> /// Performs a user logon and creates a logon token for that user. /// </summary> /// <param name="domain"> The domain (null or an empty string to use the local machine). </param> /// <param name="user"> The user name (null or an empty string to use the current user name). </param> /// <param name="password"> The optional password (null or empty string if not used). </param> /// <param name="token"> The created logon token. </param> /// <remarks> /// <para> /// Before being used for the logon, <paramref name="domain" /> and <paramref name="user" /> are processed by /// <see cref="ResolveDomain" /> and <see cref="ResolveUser" /> respectively. /// </para> /// </remarks> /// <exception cref="Win32Exception"> The current user does not have sufficient permissions or the logon failed. </exception> public static void CreateLogonToken(string domain, string user, string password, out IntPtr token) { domain ??= string.Empty; user ??= string.Empty; password = string.IsNullOrEmpty(password) ? null : password; domain = WindowsUser.ResolveDomain(domain); user = WindowsUser.ResolveUser(user); token = IntPtr.Zero; bool returnValue = WindowsUser.LogonUser(user, domain, password, WindowsUser.Logon32LogonInteractive, WindowsUser.Logon32ProviderDefault, ref token); if ((!returnValue) || (token == IntPtr.Zero)) { int errorCode = WindowsApi.GetLastErrorCode(); string errorMessage = WindowsApi.GetErrorMessage(errorCode); throw new Win32Exception(errorCode, errorMessage); } }