I need to be able to run RegLoadKey() on a remote machine, and it may be that my machine and the remote machine are not in the same domain. If they are, the below code works OK and I can impersonate a user that has admin privileges on the machine. Otherwise, if we're talking about local users, according to this discussion I found...

http://www.eggheadcafe.com/conversation.aspx?messageid=34224301&threadid=34224226

...There has to be a local user on my machine with the same username and password. Ugh. Is there a way around that?

using System.Runtime.InteropServices;
using System.Security.Principal;

[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern int DuplicateToken(IntPtr hToken, int impersonationLevel, ref IntPtr hNewToken);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern bool RevertToSelf();

[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);

public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;

public WindowsImpersonationContext WearDrag(string Username, string Password, string DomainOrMachine)
{
    WindowsImpersonationContext impersonationContext;
    WindowsIdentity tempWindowsIdentity;
    IntPtr token = IntPtr.Zero;
    IntPtr tokenDuplicate = IntPtr.Zero;

    // Drop any impersonation already active on this thread before logging on.
    if (RevertToSelf())
    {
        if (LogonUserA(Username, DomainOrMachine, Password,
            LOGON32_LOGON_INTERACTIVE,
            LOGON32_PROVIDER_DEFAULT, ref token) != 0)
        {
            // 2 = SecurityImpersonation
            if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
            {
                // WindowsIdentity keeps its own copy of the token, so both raw handles can be closed.
                tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                impersonationContext = tempWindowsIdentity.Impersonate();
                if (impersonationContext != null)
                {
                    CloseHandle(token);
                    CloseHandle(tokenDuplicate);
                    return impersonationContext;
                }
            }
        }
    }
    // Failure path: release whatever was acquired.
    if (token != IntPtr.Zero)
        CloseHandle(token);
    if (tokenDuplicate != IntPtr.Zero)
        CloseHandle(tokenDuplicate);
    return null;
}
+3  A: 

Here's what I have been using without having to define a local user:

const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
const int LOGON32_PROVIDER_DEFAULT = 0;

bool isSuccess = LogonUser(username, domain, password,
            LOGON32_LOGON_NEW_CREDENTIALS,
            LOGON32_PROVIDER_DEFAULT, ref token);

After that:

WindowsIdentity newIdentity = new WindowsIdentity(token);
WindowsImpersonationContext impersonatedUser = newIdentity.Impersonate();

I don't duplicate the handle though.

Another observation - I don't use LogonUserA, I simply use LogonUser.

Otávio Décio
OK, now it got weird: it accepts ANY username and ANY password and it returns success!
JCCyC
BTW the race on your avatar - it is Monaco and the driver looks like Emerson Fittipaldi.
Otávio Décio
Well, my firewall blocks brownies so you get upvotes instead. ;)
JCCyC
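An added example, not code from either poster: with `LOGON32_LOGON_NEW_CREDENTIALS` the credentials are only attached to the token for outbound connections and are not checked locally, which is why `LogonUser` reports success for any username and password. The check happens when the remote machine is first contacted. The class and method names are hypothetical, and passing the remote machine name as the domain for a local account on that machine is an assumption.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32;
using Microsoft.Win32.SafeHandles;

static class NetOnlyLogon // hypothetical name
{
    const int LOGON32_LOGON_NEW_CREDENTIALS = 9; // credentials apply to outbound connections only
    const int LOGON32_PROVIDER_WINNT50 = 3;      // provider documented for logon type 9

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out SafeAccessTokenHandle token);

    // Returns true only if the remote machine accepted the credentials.
    public static bool TryOpenRemoteHklm(string machine, string user, string password)
    {
        // Succeeds for any user/password: nothing is validated at this point.
        if (!LogonUser(user, machine, password, LOGON32_LOGON_NEW_CREDENTIALS,
                       LOGON32_PROVIDER_WINNT50, out SafeAccessTokenHandle token))
            throw new Win32Exception(Marshal.GetLastWin32Error());

        using (token)
        {
            return WindowsIdentity.RunImpersonated(token, () =>
            {
                try
                {
                    // First outbound connection: the remote side authenticates here.
                    using (RegistryKey hklm =
                           RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine, machine))
                        return hklm != null;
                }
                catch (Exception ex) when (ex is UnauthorizedAccessException
                                        || ex is System.Security.SecurityException
                                        || ex is System.IO.IOException)
                {
                    return false; // rejected credentials or unreachable host
                }
            });
        }
    }
}
```

Treat the result of the first remote call, not the return value of `LogonUser`, as the credential check. `SafeAccessTokenHandle` and `WindowsIdentity.RunImpersonated` require .NET Framework 4.6 or later.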
A: 

How to work LogonUserA in Visual Basic 6.0

Security