/// <summary> /// Logon a user with a username and password. /// </summary> /// <param name="user">The username.</param> /// <param name="domain">The user's domain.</param> /// <param name="password">The user's password.</param> /// <param name="type">The type of logon token.</param> /// <param name="groups">Additional groups to add. Needs SeTcbPrivilege.</param> /// <returns>The logged on token.</returns> public static NtToken Logon(string user, string domain, string password, SecurityLogonType type, IEnumerable <UserGroup> groups) { TokenGroupsBuilder builder = new TokenGroupsBuilder(); foreach (var group in groups) { builder.AddGroup(group.Sid, group.Attributes); } using (var group_buffer = builder.ToBuffer()) { if (!Win32NativeMethods.LogonUserExExW(user, domain, password, type, 0, group_buffer, out SafeKernelObjectHandle token, null, null, null, null)) { throw new SafeWin32Exception(); } return(new NtToken(token)); } }