Using LsaLogonUser

Hi,

I am trying to use LsaLogonUser, but I am getting and
Invalid Parameter error back from it. I’m pretty
well stumped, and haven’t been able to find any
example code any place.

If anybody has successfully used this API before,
and can see what is wrong with the following code,
please let me know.

In the code below, LsaRegisterLogonProcess() has been
called, and succeeded, returning the value in m_hLsa,
and LsaLookupAuthenticationPackage() has been called
for MSV1_0_PACKAGE_NAME, and returned the value in
m_uMSV10.

I’ve tried with the authInfo.LogonDomainName set to the machine
name, ., and the empty (0 length).

The code is running in a service, which runs under
the System account.

–
LSA_STRING sOrigon;
sOrigon.Buffer = “Something”;
sOrigon.Length = ::strlen(sOrigon.Buffer);
sOrigon.MaximumLength = sOrigon.Length;

MSV1_0_INTERACTIVE_LOGON authInfo;
authInfo.MessageType = MsV1_0InteractiveLogon;

authInfo.LogonDomainName.Buffer = L"";
authInfo.LogonDomainName.Length = ::wcslen(authInfo.LogonDomainName.Buffer);
authInfo.LogonDomainName.MaximumLength = authInfo.LogonDomainName.Length;

authInfo.UserName.Buffer = L"MyUsername";
authInfo.UserName.Length = ::wcslen(authInfo.UserName.Buffer);
authInfo.UserName.MaximumLength = authInfo.UserName.Length;

authInfo.Password.Buffer = L"MyPassword";
authInfo.Password.Length = ::wcslen(authInfo.Password.Buffer);
authInfo.Password.MaximumLength = authInfo.Password.Length;

TOKEN_SOURCE tSource;
::strncpy(tSource.SourceName, “Source”, sizeof(tSource.SourceName));
if ( ! ::AllocateLocallyUniqueId(&tSource.SourceIdentifier) )
{
// Report Error
}

MSV1_0_INTERACTIVE_PROFILE* pProfile = 0;
ULONG profileLength = 0;

LUID logonId;
QUOTA_LIMITS quota;
NTSTATUS subStatus;

NTSTATUS status = ::LsaLogonUser(m_hLsa,
&sOrigon,
Interactive,
m_uMSV10,
&authInfo,
sizeof(authInfo),
0,
&tSource,
(PVOID*) &pProfile,
&profileLength,
&logonId,
&m_hToken,
&quota,
&subStatus);
if ( ! LSA_SUCCESS(status) )
{
DWORD dwStatus = ::LsaNtStatusToWinError(status);
// Report error – always invalid params
}

Thanks in advance for any help.

Also, when I tried to run this code under NT 4.0, it
couldn’t find Secur32.dll; does anyone have a clue as
to where this is and how I can get a hold of it?

Thanks muchly,

• Joseph Galbraith

> I am trying to use LsaLogonUser, but I am getting and

Why not use LogonUser instead of LsaLogonUser?

Max

LsaLogonUser returns a bunch of Profile information
that I need; LogonUser is how the code currently
works.

Is there a way to get at the MSV1_0_INTERACTIVE_PROFILE
structure using LogonUser ?

• Joseph

----- Original Message -----
From: “Maxim S. Shatskih”
To: “NT Developers Interest List”
Sent: Monday, October 09, 2000 5:31
Subject: [ntdev] Re: Using LsaLogonUser

> > I am trying to use LsaLogonUser, but I am getting and
>
> Why not use LogonUser instead of LsaLogonUser?
>
> Max
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@vandyke.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
>
>