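/// <summary>
/// Connects to the LSA as an untrusted caller, looks up the Kerberos authentication
/// package and submits a KERB_INTERACTIVE_LOGON request through LsaLogonUser.
/// </summary>
/// <remarks>
/// Every unmanaged buffer allocated here is released before returning. The LSA handle,
/// the returned token and the profile buffer are not released here because no release
/// function is visible in this block.
/// </remarks>
public static void CreateNewSession()
{
    // LSA_STRING is a counted ANSI string: Length is the byte count without the
    // terminator, MaximumLength the size of the allocation including it.
    const string LogonProcessName = "InstaLogon";
    // Value of the MICROSOFT_KERBEROS_NAME_A macro; the macro's own name is not a package name.
    const string KerberosPackageName = "Kerberos";

    // NOTE(review): user name and password are empty and no domain is set. The field
    // layout of KERB_INTERACTIVE_LOGON is declared elsewhere, so confirm it marshals to
    // the native structure before relying on this request.
    var kli = new KERB_INTERACTIVE_LOGON
    {
        MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
        UserName = "",
        Password = ""
    };

    IntPtr pluid;
    IntPtr lsaHan;
    uint authPackID;
    IntPtr originBuffer = IntPtr.Zero;
    IntPtr packageBuffer = IntPtr.Zero;
    IntPtr kerbLogInfo = IntPtr.Zero;
    bool kerbLogInfoPopulated = false;

    try
    {
        // One allocation per string. The previous code called StringToHGlobalAuto three
        // times per string and used Marshal.SizeOf on the returned pointer, which yields
        // the pointer size (4 or 8) instead of the string length and leaks every copy.
        originBuffer = Marshal.StringToHGlobalAnsi(LogonProcessName);
        var originName = new LSA_STRING
        {
            Buffer = originBuffer,
            Length = (ushort)LogonProcessName.Length,
            MaximumLength = (ushort)(LogonProcessName.Length + 1)
        };

        packageBuffer = Marshal.StringToHGlobalAnsi(KerberosPackageName);
        var authPackage = new LSA_STRING
        {
            Buffer = packageBuffer,
            Length = (ushort)KerberosPackageName.Length,
            MaximumLength = (ushort)(KerberosPackageName.Length + 1)
        };

        // The LUID is not used below; the call is kept so the sequence of native calls is unchanged.
        ADVAPI32.AllocateLocallyUniqueId(out pluid);

        // An untrusted connection is used; the original left LsaRegisterLogonProcess
        // commented out, so the logon-process name buffer it needed is no longer allocated.
        // NOTE(review): the status codes returned by the Lsa* calls are discarded. Their
        // return type is not visible here; check them before trusting any out value.
        LsaConnectUntrusted(out lsaHan);
        LsaLookupAuthenticationPackage(lsaHan, ref authPackage, out authPackID);

        kerbLogInfo = Marshal.AllocHGlobal(Marshal.SizeOf(kli));
        Marshal.StructureToPtr(kli, kerbLogInfo, false);
        kerbLogInfoPopulated = true;

        var ts = new TOKEN_SOURCE("Insta");
        IntPtr profBuf;
        uint profBufLen;
        long logonID;
        IntPtr logonToken;
        QUOTA_LIMITS quotas;
        WinStatusCodes subStatus;

        // The length argument is the size of the marshalled structure, not of the pointer to it.
        LsaLogonUser(lsaHan, ref originName, SecurityLogonType.Interactive, authPackID,
            kerbLogInfo, (uint)Marshal.SizeOf(kli), IntPtr.Zero, ref ts,
            out profBuf, out profBufLen, out logonID, out logonToken, out quotas, out subStatus);
    }
    finally
    {
        if (kerbLogInfoPopulated)
        {
            // Releases anything the marshaller allocated for the structure's fields.
            Marshal.DestroyStructure(kerbLogInfo, typeof(KERB_INTERACTIVE_LOGON));
        }

        // FreeHGlobal ignores IntPtr.Zero, so buffers that were never allocated are safe to pass.
        Marshal.FreeHGlobal(kerbLogInfo);
        Marshal.FreeHGlobal(packageBuffer);
        Marshal.FreeHGlobal(originBuffer);
    }
}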
/// <summary>
/// Looks up the Kerberos authentication package on the fixture's LSA connection and
/// performs an interactive logon with a KERB_INTERACTIVE_LOGON request, asserting that
/// both native calls return NTStatus 0.
/// </summary>
public void LsaLogonUserTest()
{
    // Account details are compile-time literals. Keep real credentials out of source
    // control and supply them from test configuration instead.
    const string user = "******", domain = "contoso", pwd = "password";

    var lookupStatus = LsaLookupAuthenticationPackage(hLsaConn, MICROSOFT_KERBEROS_NAME, out var authPackage);
    Assert.That(lookupStatus, Is.EqualTo((NTStatus)0));

    var logonRequest = new KERB_INTERACTIVE_LOGON
    {
        MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
        LogonDomainName = new LSA_UNICODE_STRING(domain),
        UserName = new LSA_UNICODE_STRING(user),
        Password = new LSA_UNICODE_STRING(pwd)
    };

    // NOTE(review): requestMemory presumably owns the unmanaged copy of the request;
    // nothing in this method releases it or the returned token. Confirm both are cleaned up.
    var requestMemory = SafeHGlobalHandle.CreateFromStructure(logonRequest);

    AllocateLocallyUniqueId(out var sourceLuid);
    var tokenSource = new TOKEN_SOURCE
    {
        SourceName = "foobar12".ToCharArray(),
        SourceIdentifier = sourceLuid
    };

    var logonStatus = LsaLogonUser(
        hLsaConn,
        "TestApp",
        SECURITY_LOGON_TYPE.Interactive,
        authPackage,
        (IntPtr)requestMemory,
        (uint)requestMemory.Size,
        IntPtr.Zero,
        tokenSource,
        out var profileBuffer,
        out var profileBufferLength,
        out var logonId,
        out var tokenHandle,
        out var quotaLimits,
        out var subStatus);
    Assert.That(logonStatus, Is.EqualTo((NTStatus)0));
}
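/// <summary>
/// Connects to the LSA as an untrusted caller, resolves the "Kerberos" authentication
/// package and submits a KERB_INTERACTIVE_LOGON request through LsaLogonUser.
/// </summary>
/// <remarks>
/// The returned status values are captured but nothing is asserted, so this method
/// cannot fail on a rejected logon. The LSA handle and the returned token are not
/// released here because no release function is visible in this block.
/// </remarks>
public void LsaLogonUser_Success()
{
    // Size of the authentication buffer handed to LsaLogonUser.
    const int AuthInfoSize = 1024;

    var connectStatus = LsaConnectUntrusted(out var lsaHande);
    var lsaString = new LSA_STRING("Kerberos");
    var lsaStatus = LsaLookupAuthenticationPackage(lsaHande, ref lsaString, out var authenticationPackage);

    AllocateLocallyUniqueId(out var srcLuid);
    var tokenSource = new TOKEN_SOURCE
    {
        SourceName = "foobar12".ToCharArray(),
        SourceIdentifier = srcLuid
    };
    var lsaOriginName = new LSA_STRING("Kerberos");

    // Account name and password are literals in source. Load them from test
    // configuration or a secret store, and rotate the password if it was ever real.
    var kerb = new KERB_INTERACTIVE_LOGON()
    {
        MessageType = KERB_LOGON_SUBMIT_TYPE.KerbInteractiveLogon,
        LogonDomainName = new UNICODE_STRING("eu"),
        UserName = new UNICODE_STRING("martijn"),
        Password = new UNICODE_STRING("Unisys!1")
    };

    if (Marshal.SizeOf(kerb) > AuthInfoSize)
    {
        throw new InvalidOperationException("KERB_INTERACTIVE_LOGON does not fit in the authentication buffer.");
    }

    // The previous code cast the number 1024 to a pointer and marshalled the structure
    // to that address, which is not memory this process owns. Allocate a real buffer.
    IntPtr info = Marshal.AllocHGlobal(AuthInfoSize);
    bool infoPopulated = false;
    try
    {
        // Clear the whole block so no stale heap contents are submitted with the request.
        for (var offset = 0; offset < AuthInfoSize; offset++)
        {
            Marshal.WriteByte(info, offset, 0);
        }

        Marshal.StructureToPtr(kerb, info, false);
        infoPopulated = true;

        PTOKEN_GROUPS groups = new PTOKEN_GROUPS() { GroupCount = 0 };
        IntPtr profileBuffer = IntPtr.Zero;
        UInt32 profileBufferLength = 0;
        Int64 logonId;
        IntPtr token = IntPtr.Zero;
        UInt32 subStatus;
        QUOTA_LIMITS quotas;

        var logon = LsaLogonUser(lsaHande, ref lsaOriginName, SECURITY_LOGON_TYPE.Interactive,
            authenticationPackage, info, AuthInfoSize, groups, ref tokenSource,
            out profileBuffer, out profileBufferLength, out logonId, out token, out quotas, out subStatus);
    }
    finally
    {
        if (infoPopulated)
        {
            // Releases anything the marshaller allocated for the structure's fields.
            Marshal.DestroyStructure(info, typeof(KERB_INTERACTIVE_LOGON));
        }

        Marshal.FreeHGlobal(info);
    }
}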