Unable to LogonUser with Active Directory domain account

Friday, December 01, 2006 12:45 PM

0

I'm using a workstation in an Active Directory domain, trying to impersonate another user. The user AULAS\Aula11 (or aula11@aulas.es) has administrative privileges in the domain, as it also has AULAS\Aula8, and both have blank passwords, but the following VB .NET code fails

Private Declare Function LogonUser Lib "advapi32.dll" Alias _

"LogonUserA" (ByVal lpszUsername As String, _

ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, _

ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer

If LogonUser("Aula11", "AULAS", vbNullString, 3, 0, elToken) <> 0 Then

Console.WriteLine("El usuario pepe ha sido identificado")

Else

Console.WriteLine(Err.LastDllError.ToString())

Console.WriteLine("El usuario pepe NO ha sido identificado")

End If

Console.ReadLine()

with error 1326, unknown user name or bad password.

Finally, note I have also try LogonUser with domain "aulas.es", with the same errror 1326.

Please help.

All Replies

Friday, December 01, 2006 2:07 PM

0

I am not a hundred percent sure but seems to me that you have to supply a password... I dont believe that you can have a null value for a password.
Friday, December 01, 2006 3:50 PM

0

I'm using my computer with domain user AULAS\Aula11, and I log in without a password!
Friday, December 01, 2006 8:41 PM

0

Is vbNULLstring the same as ""?
If not , try using "" instead of vbNULLstring.
This because I think it's like that an empty textbox doesn't return a vbNULLstring, but "".

Don't know if I'm right eh

Grtz, Tom.
Monday, December 04, 2006 10:09 AM

0

Neither works the program using "" as password instead of vbNULLstring. I think there is some problem accessing Active Directory's users, maybe DNS or DHCP misconfiguration; or maybe there is some misconfiguration of premissions to do a network login using an account with blank passwords???
Monday, March 23, 2009 7:41 AM

0

Ociretsih Yahoo said:
Neither works the program using "" as password instead of vbNULLstring. I think there is some problem accessing Active Directory's users, maybe DNS or DHCP misconfiguration; or maybe there is some misconfiguration of premissions to do a network login using an account with blank passwords???

Hi all,

I'm now using this funcions on my servers(win2008) and suffered from similar circumstance.

Here's my situation:
Domain: Karsen.com
Domain Account: Karsen.com\AA password:123aA (Domain Admin privilege)
Machine: A, which joined the domain Karsen.com
Machine Account: Administrator password:xx56ZZ (Local Admin)

Code Snippet:

        if (!LogonUser(argv[1], NULL, argv[2], LOGON32_LOGON_INTERACTIVE,
            LOGON32_PROVIDER_DEFAULT, &hToken))
        DisplayError(L"LogonUser");

And I login A with account AA@karsen.com, then I perform some test:
I can successfully LogonUser by "\Administrator" + "xx56ZZ".
but when I try to LogonUser by "Karsen.com\AA" or AA@karsen.com + "123aA".
I always got the following error:

ERROR: API = LogonUser.
error code = 1326.
message = Logon failure: unknown user name or bad password.

Could anyone give me some advice?