LogonUser仅适用于我的域
[英]LogonUser works only for my domain
问题描述
I need to impersonate a user using C#. 
我需要使用C#模拟用户。 I use the LogonUser Win32 API. 我使用LogonUser Win32 API。 This works fine when impersonating users from the same domain as the currently logged-in user. 当模拟与当前登录用户相同的域中的用户时,此方法可以正常工作。 However I get "false" as response when I try to impersonate users from other domains. 但是,当我尝试冒充其他域中的用户时,我会收到“false”作为响应。
What can cause this? 是什么导致这个?
2 个解决方案
解决方案1
5 2009-06-15 01:33:27
As Joel says you need trust between the domains. 正如乔尔所说,你需要在域名之间建立信任。
You also need to be carefull with respect to the security context of the process doing the delegation, and which domain the machine you are running on is in. 您还需要注意执行委派的进程的安全上下文,以及您运行的计算机所在的域。
Both the machine and the user account of the process must be trusted for delegation, by the domain that you are trying to access. 必须通过您尝试访问的域来委托进程的计算机和用户帐户进行委派。
This means that your code should be running on the domain that you are trying to access. 这意味着您的代码应该在您尝试访问的域上运行。
Hope this helps 希望这可以帮助
Shiraz 西拉
解决方案2
4 已采纳 2009-06-14 19:31:35
You should try calling GetLastError right after LogonUser fail to see if any error information is given. 您应该在LogonUser无法查看是否给出任何错误信息后立即尝试调用GetLastError。
http://msdn.microsoft.com/en-us/library/ms679360(VS.85).aspx http://msdn.microsoft.com/en-us/library/ms679360(VS.85).aspx
There may be some issue with calling GetLastError from c#. 从c#调用GetLastError可能存在一些问题。
Look here for more information on this : http://blogs.msdn.com/adam_nathan/archive/2003/04/25/56643.aspx 在这里查看更多相关信息: http : //blogs.msdn.com/adam_nathan/archive/2003/04/25/56643.aspx
Is there a trust between your two domains? 您的两个域名之间是否存在信任? If not, LogonUser will fail. 如果没有,LogonUser将失败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.