[英]LogonUser Lib “advapi32.dll” strange on non domain cpu when local account exists?
在为 VB.NET WinForms 应用程序尝试登录表单时,它只需要允许特定组中的域用户。 在将 API LogonUser 用于 advapi32.dll 时,要么我没有得到正确的标志,要么发生了其他未知的事情。
对于兴趣,我多年来一直知道在多台计算机上使用具有相同用户名和密码的本地用户允许简单的用户管理,而无需在(即:在家)之间共享文件的完整域计算机关闭此功能-请注意您是否知道??
在域计算机上使用时,登录类型(INTERACTIVE、NETWORK、BATCH、NEW_CREDENTIALS)的参数似乎都能正常工作。
当在工作组计算机上使用时,例如:在与域位于同一网络但不在域中的工作组“WORKGROUP”中,它在我尝试的任何组合中都不起作用。 如果您使用的帐户例如:MyDomain\\User1 作为 MyComputer\\User1 存在,则无论在调用中将域指定为“MyDomain”,它都会返回 MyComputer\\User1。 这台计算机可以与域共享通信(通过登录) - 因此我希望能够登录到域,只是为了登录屏幕(如果可用)。 这根本不是出于冒充的原因,只是为了证明您是谁,无论是使用 Work Domain PC 还是 BYOD。
继承人一些代码:
Public Class WinSecurity
Private Declare Auto Function LogonUser Lib "advapi32.dll" (
ByVal lpszUsername As String,
ByVal lpszDomain As String,
ByVal lpszPassword As String,
ByVal dwLogonType As Integer,
ByVal dwLogonProvider As Integer,
ByRef phToken As IntPtr) As Boolean
Private Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean
Public Const LOGON32_LOGON_INTERACTIVE As Long = 2
Public Const LOGON32_LOGON_NETWORK As Long = 3
Public Const LOGON32_LOGON_BATCH As Long = 4
Public Const LOGON32_LOGON_SERVICE As Long = 5
Public Const LOGON32_LOGON_CLEARTEXT As Long = 8
Public Const LOGON32_LOGON_NEW_CREDENTIALS As Long = 9
Public Const LOGON32_PROVIDER_DEFAULT As Long = 0
Public Const LOGON32_PROVIDER_WINNT50 As Long = 3
Public Const LOGON32_PROVIDER_WINNT40 As Long = 2
Public Const LOGON32_PROVIDER_WINNT35 As Long = 1
Public Shared Function checkUserLogin(ByVal LoginCode As String, ByVal Password As String, ByVal Domain As String, Login As integer, Provider As integer) As WindowsIdentity
Dim token As IntPtr
LogonUser(LoginCode, Domain, Password, Login, Provider, token)
If (token.ToInt32 > 0) Then
Dim newId As New WindowsIdentity(token)
Track.LogDEBUG(String.Format("Attempto PASS: {0}, Auth: {1}, method: {2}, Provider: {3}", newId.Name, newId.Token, Login, Provider))
CloseHandle(token)
Else
Track.LogDEBUG(String.Format("Attempto FAIL: {0}, Auth: {1}, method: {2}, Provider: {3}", LoginCode, Domain, Login, Provider))
End If
End Function
End Class
''Calling Code
dim sDomain as string = "MyDomain"
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_INTERACTIVE, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_NETWORK, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_BATCH, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_NEW_CREDENTIALS, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_INTERACTIVE, WinSecurity.LOGON32_PROVIDER_DEFAULT)
注意:测试工作组计算机正在运行“Windows Server 2012 RC2”,但假设 Win10 等不在域上的结果相同。
我在工作组计算机上的结果 - 本地用户活动:
Attempto PASS: MyComputer\User1, Auth: 1088, method: 2, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1100, method: 3, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1060, method: 4, Provider: 0
Attempto PASS: MyComputer\LoggedOnUser, Auth: 1108, method: 9, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1076, method: 2, Provider: 0
工作组计算机上的结果 - 本地用户已禁用/不退出:
Attempto FAIL: User1, Auth: MyDomain, method: 2, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 3, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 4, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 9, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 2, Provider: 0
域计算机上的结果:
Attempto PASS: MyDomain\User1, Auth: 1340, method: 2, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1724, method: 3, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1736, method: 4, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1648, method: 9, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1744, method: 2, Provider: 0
显然我没有对这台计算机的信任设置,但我假设如果我可以浏览到网络共享,这样的事情应该仍然有效?
将Lib advapi32.dll中的OpenEventLog()声明为Integer还是Long?
[英]Declare OpenEventLog() in Lib advapi32.dll as Integer or Long?
WinNT://提供程序何时查询Active Directory? 或者如果是域帐户,如何获取本地组成员的SID
[英]When does WinNT:// provider query Active Directory? Or how to get SID of local group member if it is domain account
使用Pinvoke调用advapi.dll:CryptDecrypt和CryptEncrypt意外行为
[英]Calling advapi.dll using Pinvoke: CryptDecrypt and CryptEncrypt unexpected behaviour
DLL 对 NON-Local-Admin windows 用户使用模拟时,参考失败并显示“拒绝访问”
[英]DLL References fail with “Access Denied” when using Impersonation for a NON-Local-Admin windows user
如何正确使用 LogonUser 从工作组客户端模拟域用户
[英]How to use LogonUser properly to impersonate domain user from workgroup client
如何根据CPU架构使用正确的非托管DLL文件? (32/64位)
[英]How to use the correct unmanaged DLL file according CPU architecture? (32 / 64 bits)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.