public static WindowsIdentity LogOnUser(this NTAccount ntAccount,
string password,
LogOnType logOnType,
LogOnProvider logOnProvider)
{
string userName;
string domain;
GetUserAndDomainName(ntAccount, out userName, out domain);
using (SafeTokenHandle token = Win32Native.LogOnUser(userName, domain, password, logOnType, logOnProvider))
{
bool addedRef = false;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
token.DangerousAddRef(ref addedRef);
return(new WindowsIdentity(token.DangerousGetHandle()));
}
finally
{
if (addedRef)
{
token.DangerousRelease();
}
}
}
}
internal static SafeTokenHandle LogOnUser(string userName,
string domain,
SecureString password,
LogOnType logOnType,
LogOnProvider logOnProvider)
{
Debug.Assert(!String.IsNullOrEmpty(userName), "!String.IsNullOrEmpty(userName)");
IntPtr passwordPointer = IntPtr.Zero;
RuntimeHelpers.PrepareConstrainedRegions();
try
{
if (password != null)
{
passwordPointer = Marshal.SecureStringToCoTaskMemUnicode(password);
}
return(LogOnUser(userName, domain, passwordPointer, logOnType, logOnProvider));
}
finally
{
if (passwordPointer != IntPtr.Zero)
{
Marshal.ZeroFreeCoTaskMemUnicode(passwordPointer);
}
}
}
/// <summary>
/// Initializes a new instance of the LogOnUser class
/// </summary>
/// <param name="userName">The userName of the user to be impersonated</param>
/// <param name="domain">The domain of the user</param>
/// <param name="password">The password of the user</param>
/// <param name="logOnType">LogonType to use while impersonating</param>
/// <param name="logOnProvider">LogonProvider to use while impersonating</param>
/// <param name="loadProfile">Indicates whether to load user profile or not</param>
public LogOnUser(string userName, string domain, string password, LogOnType logOnType, LogOnProvider logOnProvider, bool loadProfile)
{
Logger.Instance.WriteMethodEntry(EventIdentifier.LogOnUserConstructor, "Domain: {0}. UserName: {1}. LogOnType: {2}. LoadProfile: {3}.", domain, userName, logOnType, loadProfile);
try
{
this.logonProvider = logOnProvider;
this.logonType = logOnType;
this.LogOn(userName, domain, password, loadProfile);
}
finally
{
Logger.Instance.WriteMethodExit(EventIdentifier.LogOnUserConstructor, "Domain: {0}. UserName: {1}. LogOnType: {2}. LoadProfile: {3}.", domain, userName, logOnType, loadProfile);
}
}
private static SafeTokenHandle LogOnUser(string userName,
string domain,
IntPtr password,
LogOnType logonType,
LogOnProvider logonProvider)
{
Debug.Assert(!String.IsNullOrEmpty(userName), "!String.IsNullOrEmpty(userName)");
SafeTokenHandle token = null;
if (!UnsafeNativeMethods.LogonUser(userName, domain, password, logonType, logonProvider, out token))
{
Marshal.ThrowExceptionForHR(Marshal.GetHRForLastWin32Error());
}
return(token);
}
/// <summary>
///
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="domain"></param>
/// <param name="logontype"></param>
/// <param name="provider"></param>
/// <returns></returns>
public Int32 Authenticate(String username, String password, String domain, LogOnType logontype, LogOnProvider provider)
{
WindowsIdentity _NewId = null;
IntPtr _Token = IntPtr.Zero;
try
{
//logon and store the creds in "token"
Boolean _Result = LogonUser(username, domain, password, (UInt32)logontype, (UInt32)provider, ref _Token);
//did the login fail?
if (!_Result) { return Marshal.GetLastWin32Error(); }
else
{
//load the token into a WindowsIdentity
_NewId = new WindowsIdentity(_Token, "LogonUser", WindowsAccountType.Normal, true);
_ImpersonatedUser = _NewId.Impersonate();
this._isAuthenticated = true;
return 0;
}//end of if-else
}
catch (Exception) { throw; }
finally
{
//clear the token
if (_Token != IntPtr.Zero) { CloseHandle(_Token); }
}
}
/// <summary>
///
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="domain"></param>
/// <param name="logontype"></param>
/// <param name="provider"></param>
/// <returns></returns>
public Int32 Authenticate(String username, String password, String domain, LogOnType logontype, LogOnProvider provider)
{
WindowsIdentity _NewId = null;
IntPtr _Token = IntPtr.Zero;
try
{
//logon and store the creds in "token"
Boolean _Result = LogonUser(username, domain, password, (UInt32)logontype, (UInt32)provider, ref _Token);
//did the login fail?
if (!_Result)
{
return(Marshal.GetLastWin32Error());
}
else
{
//load the token into a WindowsIdentity
_NewId = new WindowsIdentity(_Token, "LogonUser", WindowsAccountType.Normal, true);
_ImpersonatedUser = _NewId.Impersonate();
this._isAuthenticated = true;
return(0);
} //end of if-else
}
catch (Exception) { throw; }
finally
{
//clear the token
if (_Token != IntPtr.Zero)
{
CloseHandle(_Token);
}
}
} //end of Authenticate
internal static extern bool LogonUser(string lpszUsername,
string lpszDomain,
IntPtr lpszPassword, // LPWSTR
LogOnType logonType,
LogOnProvider logonProvider,
[Out] out SafeTokenHandle phToken);
private static extern bool LogonUser(string userName, string domain,
string password, LogOnType logonType,
LogOnProvider logonProvider,
out IntPtr userToken);
internal static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, LogOnType dwLogonType, LogOnProvider dwLogonProvider, out SafeTokenHandle phToken);
internal static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, LogOnType dwLogonType, LogOnProvider dwLogonProvider, out SafeTokenHandle phToken);
/// <summary>
/// Initializes a new instance of the LogOnUser class
/// </summary>
/// <param name="userName">The userName of the user to be impersonated</param>
/// <param name="domain">The domain of the user</param>
/// <param name="password">The password of the user</param>
/// <param name="logOnType">LogonType to use while impersonating</param>
/// <param name="logOnProvider">LogonProvider to use while impersonating</param>
/// <param name="loadProfile">Indicates whether to load user profile or not</param>
public LogOnUser(string userName, string domain, string password, LogOnType logOnType, LogOnProvider logOnProvider, bool loadProfile)
{
Logger.Instance.WriteMethodEntry(EventIdentifier.LogOnUserConstructor, "Domain: {0}. UserName: {1}. LogOnType: {2}. LoadProfile: {3}.", domain, userName, logOnType, loadProfile);
try
{
this.logonProvider = logOnProvider;
this.logonType = logOnType;
this.LogOn(userName, domain, password, loadProfile);
}
finally
{
Logger.Instance.WriteMethodExit(EventIdentifier.LogOnUserConstructor, "Domain: {0}. UserName: {1}. LogOnType: {2}. LoadProfile: {3}.", domain, userName, logOnType, loadProfile);
}
}
