I've been trying to use the Windows Authentication low level credential API functions to backup/restore credentials.
However, I've found that while I can use CredEnumerate to obtain every credential on the system, all the passwords are missing for domain type credentials (which is documented). Is there any way to backup/restore these credentials in the same way as the windows GUI tool can?
Hmm, it looks like I've found the answer although I don't like it. The only way to do this seems to be to CreateRemoteThread() to create a thread in lsass.exe (The windows security subsystem) and then to enumerate the credentials from within that thread using undocumented function LsaICryptUnprotectData exported from Lsasrv.dll to decrypt the credentials buffer.
It works but I'm not sure I have the stomache to put this into my software...