
LogonUser Lib "advapi32.dll" strange on non domain cpu when local account exists?

While trying out a login form for a VB.NET WinForms application, it only needs to allow domain users in a specific group. When using the API LogonUser from advapi32.dll, either I'm not getting the right flags or something else unknown is going on.

Out of interest, I've known for years that using local users with the same username and password on multiple computers allows simple user management for sharing files between computers (i.e. at home) without a full domain. Does that turn this feature off? Please note if you know??

When used on a domain computer, the logon type parameters (INTERACTIVE, NETWORK, BATCH, NEW_CREDENTIALS) all seem to work fine.

When used on a workgroup computer, e.g. in the workgroup "WORKGROUP" on the same network as the domain but not in the domain, it doesn't work in any combination I've tried. If the account you use, e.g. MyDomain\User1, exists as MyComputer\User1, it returns MyComputer\User1 regardless of the domain being specified as "MyDomain" in the call. This computer can talk to the domain's shares (via a logon), so I'd expect to be able to log on to the domain, just for the login screen, if available. This isn't for impersonation reasons at all, just to prove who you are, whether using a work domain PC or BYOD.

Here's some code:

Imports System.Security.Principal

Public Class WinSecurity

    Private Declare Auto Function LogonUser Lib "advapi32.dll" (
        ByVal lpszUsername As String,
        ByVal lpszDomain As String,
        ByVal lpszPassword As String,
        ByVal dwLogonType As Integer,
        ByVal dwLogonProvider As Integer,
        ByRef phToken As IntPtr) As Boolean

    Private Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean

    ' Integer, not Long: these are passed straight into the Integer dwLogonType / dwLogonProvider parameters above
    Public Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Public Const LOGON32_LOGON_NETWORK As Integer = 3
    Public Const LOGON32_LOGON_BATCH As Integer = 4
    Public Const LOGON32_LOGON_SERVICE As Integer = 5
    Public Const LOGON32_LOGON_CLEARTEXT As Integer = 8
    Public Const LOGON32_LOGON_NEW_CREDENTIALS As Integer = 9

    Public Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    Public Const LOGON32_PROVIDER_WINNT50 As Integer = 3
    Public Const LOGON32_PROVIDER_WINNT40 As Integer = 2
    Public Const LOGON32_PROVIDER_WINNT35 As Integer = 1

    ' Returns the identity of the logged-on account, or Nothing when the logon failed
    Public Shared Function checkUserLogin(ByVal LoginCode As String, ByVal Password As String, ByVal Domain As String, ByVal Login As Integer, ByVal Provider As Integer) As WindowsIdentity
        Dim token As IntPtr = IntPtr.Zero
        Dim newId As WindowsIdentity = Nothing
        ' Test the API's Boolean return rather than the handle value: a handle is not an ordered number
        ' and token.ToInt32 throws on a 64-bit process
        If LogonUser(LoginCode, Domain, Password, Login, Provider, token) Then
            ' WindowsIdentity duplicates the token, so the original handle can be closed afterwards
            newId = New WindowsIdentity(token)
            ' Track.LogDEBUG is the application's own logging helper
            Track.LogDEBUG(String.Format("Attempto PASS: {0}, Auth: {1}, method: {2}, Provider: {3}", newId.Name, newId.Token, Login, Provider))
            CloseHandle(token)
        Else
            Track.LogDEBUG(String.Format("Attempto FAIL: {0}, Auth: {1}, method: {2}, Provider: {3}", LoginCode, Domain, Login, Provider))
        End If
        Return newId
    End Function
End Class

'' Calling Code
Dim sDomain As String = "MyDomain"
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_INTERACTIVE, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_NETWORK, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_BATCH, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_NEW_CREDENTIALS, WinSecurity.LOGON32_PROVIDER_DEFAULT)
WinSecurity.checkUserLogin(txtUserName.Text, txtPassword.Text, sDomain, WinSecurity.LOGON32_LOGON_INTERACTIVE, WinSecurity.LOGON32_PROVIDER_DEFAULT)

Note: the test workgroup computer is running "Windows Server 2012 RC2", but assume the same result on Win10 etc. when not on a domain.

My results on the workgroup computer - local user active:

Attempto PASS: MyComputer\User1, Auth: 1088, method: 2, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1100, method: 3, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1060, method: 4, Provider: 0
Attempto PASS: MyComputer\LoggedOnUser, Auth: 1108, method: 9, Provider: 0
Attempto PASS: MyComputer\User1, Auth: 1076, method: 2, Provider: 0

Results on the workgroup computer - local user disabled / does not exist:

Attempto FAIL: User1, Auth: MyDomain, method: 2, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 3, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 4, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 9, Provider: 0
Attempto FAIL: User1, Auth: MyDomain, method: 2, Provider: 0

Results on the domain computer:

Attempto PASS: MyDomain\User1, Auth: 1340, method: 2, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1724, method: 3, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1736, method: 4, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1648, method: 9, Provider: 0
Attempto PASS: MyDomain\User1, Auth: 1744, method: 2, Provider: 0

Obviously I don't have a trust set up for this computer, but I'm assuming that if I can browse to a network share, something like this should still work?
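As an added example (not the asker's code, and not from the site), here is the check a login form needs given the results above: on the workgroup machine LogonUser succeeded against the same-named local account even though "MyDomain" was passed, so a caller that treats any token as proof of domain membership would accept anyone who knows a local account's password. The wrapper below compares the authority in the returned identity's name with the requested domain and reports a mismatch as a failure, and it reads Marshal.GetLastWin32Error when the call fails. The class, function and enum names (DomainLogonCheck, Validate, Outcome), the stdin-based Main and .NET Framework 4.x on Windows are this example's own assumptions; the three Win32 error constants are the documented winerror.h values.

```vbnet
' Added example, not the asker's code. Assumes .NET Framework 4.x on Windows; the names
' DomainLogonCheck, Validate, Result and Outcome are this example's own.
Imports System
Imports System.Runtime.InteropServices
Imports System.Security.Principal

Public Class DomainLogonCheck

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)>
    Private Shared Function LogonUser(lpszUsername As String, lpszDomain As String, lpszPassword As String,
                                      dwLogonType As Integer, dwLogonProvider As Integer,
                                      ByRef phToken As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)>
    Private Shared Function CloseHandle(hObject As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
    End Function

    ' LOGON32_LOGON_NETWORK validates the credentials without creating an interactive session,
    ' which is all a login screen needs. LOGON32_LOGON_NEW_CREDENTIALS is left out on purpose:
    ' the posted log shows it returning the already logged-on user, so it proves nothing about User1.
    Public Const LOGON32_LOGON_NETWORK As Integer = 3
    Public Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    ' Win32 error codes (winerror.h) that LogonUser commonly reports
    Public Const ERROR_LOGON_FAILURE As Integer = 1326     ' user name or password is wrong
    Public Const ERROR_ACCOUNT_DISABLED As Integer = 1331
    Public Const ERROR_NO_SUCH_DOMAIN As Integer = 1355    ' domain does not exist or cannot be contacted

    Public Enum Outcome
        Authenticated        ' token issued by the requested domain
        WrongAuthority       ' token issued, but by another authority (e.g. the local SAM)
        BadCredentials
        AccountDisabled
        DomainUnreachable
        OtherError
    End Enum

    Public Structure Result
        Public Status As Outcome
        Public IdentityName As String   ' AUTHORITY\user as reported by the token, if one was issued
        Public Win32Error As Integer    ' 0 when LogonUser succeeded
    End Structure

    ' Validates the credentials and accepts the result only if the token's authority is the
    ' requested domain. A hit on a same-named local account comes back as WrongAuthority.
    Public Shared Function Validate(userName As String, password As String, requiredDomain As String) As Result
        Dim r As New Result
        Dim token As IntPtr = IntPtr.Zero

        ' Test the API's Boolean return, not the handle value
        If Not LogonUser(userName, requiredDomain, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, token) Then
            r.Win32Error = Marshal.GetLastWin32Error()
            Select Case r.Win32Error
                Case ERROR_LOGON_FAILURE : r.Status = Outcome.BadCredentials
                Case ERROR_ACCOUNT_DISABLED : r.Status = Outcome.AccountDisabled
                Case ERROR_NO_SUCH_DOMAIN : r.Status = Outcome.DomainUnreachable
                Case Else : r.Status = Outcome.OtherError
            End Select
            Return r
        End If

        Try
            ' WindowsIdentity duplicates the handle, so the original is closed in Finally
            Dim id As New WindowsIdentity(token)
            r.IdentityName = id.Name
            Dim authority As String = id.Name.Split("\"c)(0)
            If String.Equals(authority, requiredDomain, StringComparison.OrdinalIgnoreCase) Then
                r.Status = Outcome.Authenticated
            Else
                r.Status = Outcome.WrongAuthority
            End If
        Finally
            CloseHandle(token)
        End Try
        Return r
    End Function

    ' Usage: DomainLogonCheck.exe <user> <domain>, with the password on stdin so it never
    ' appears on the command line or in process listings.
    Public Shared Sub Main(args As String())
        If args.Length <> 2 Then
            Console.Error.WriteLine("usage: <user> <domain>  (password on stdin)")
            Return
        End If
        Dim password As String = Console.ReadLine()
        Dim res As Result = Validate(args(0), password, args(1))
        Console.WriteLine("{0} identity={1} win32={2}", res.Status, res.IdentityName, res.Win32Error)
    End Sub
End Class
```

Run against the workgroup machine from the question, the "local user active" case should come back as WrongAuthority with identity MyComputer\User1, and the domain-joined case as Authenticated with MyDomain\User1; only the latter should unlock the form. The Win32Error value is what distinguishes a wrong password from a domain that the workgroup machine could not reach, which the asker's PASS/FAIL log lines cannot tell apart.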

