如何正确使用LogonUser从工作组客户端模拟域用户

ASP.NET:针对VMWare上的域进行模拟

这个问题是我问的,但答案并没有提供关于_token如何派生的细节。 它似乎只使用WindowsIdentity.GetCurrent().Token所以没有模仿发生。

我可以在.NET中模拟不同的Active Directory域上的用户吗?

接下来的问题有相互矛盾的答案,接受的答案有一个评论:“我开始怀疑我的问题在别处。” 没有帮助。

LogonUser只适用于我的域名

接下来的问题似乎暗示这是不可能的,但它涉及2个域名,所以我不确定它是否相关。

我真正的问题是:

  • 可能吗? 如果是这样,
  • 怎么样? 或者我哪里错了?
  • 我到目前为止所尝试的是,使用http://msdn.microsoft.com/en-us/library/chf6fbt4%28v=VS.80%29.aspx中的代码

    bool returnValue = LogonUser(user, domain, password,
                LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT,
                ref tokenHandle);
    // after this point, returnValue = false
    

    Win32错误是

    登录失败:未知的用户名或密码错误


    很少有帖子建议使用LOGON_TYPE_NEW_CREDENTIALS而不是LOGON_TYPE_NETWORKLOGON_TYPE_INTERACTIVE 。 我有一台机器连接到一个域的模拟问题,一个没有,并且这固定了它。 这篇文章中的最后一段代码片段表明,跨森林模仿确实有效,但它没有具体说明有关建立信任的任何信息。 所以这可能值得尝试:

    const int LOGON_TYPE_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_WINNT50 = 3;
    bool returnValue = LogonUser(user, domain, password,
                LOGON_TYPE_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50,
                ref tokenHandle);
    

    MSDN表示LOGON_TYPE_NEW_CREDENTIALS只有在使用LOGON32_PROVIDER_WINNT50时才有效。


    这对我有用,完整的工作例子(我希望更多的人会这样做):

    //logon impersonation
    using System.Runtime.InteropServices; // DllImport
    using System.Security.Principal; // WindowsImpersonationContext
    using System.Security.Permissions; // PermissionSetAttribute
    
    ...
    
    class Program {
    
        // obtains user token
        [DllImport("advapi32.dll", SetLastError = true)]
        public static extern bool LogonUser(string pszUsername, string pszDomain, string pszPassword,
            int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
    
        // closes open handes returned by LogonUser
        [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
        public extern static bool CloseHandle(IntPtr handle);
    
        public void DoWorkUnderImpersonation() {
            //elevate privileges before doing file copy to handle domain security
            WindowsImpersonationContext impersonationContext = null;
            IntPtr userHandle = IntPtr.Zero;
            const int LOGON32_PROVIDER_DEFAULT = 0;
            const int LOGON32_LOGON_INTERACTIVE = 2;
            string domain = ConfigurationManager.AppSettings["ImpersonationDomain"];
            string user = ConfigurationManager.AppSettings["ImpersonationUser"];
            string password = ConfigurationManager.AppSettings["ImpersonationPassword"];
    
            try {
                Console.WriteLine("windows identify before impersonation: " + WindowsIdentity.GetCurrent().Name);
    
                // if domain name was blank, assume local machine
                if (domain == "")
                    domain = System.Environment.MachineName;
    
                // Call LogonUser to get a token for the user
                bool loggedOn = LogonUser(user,
                                            domain,
                                            password,
                                            LOGON32_LOGON_INTERACTIVE,
                                            LOGON32_PROVIDER_DEFAULT,
                                            ref userHandle);
    
                if (!loggedOn) {
                    Console.WriteLine("Exception impersonating user, error code: " + Marshal.GetLastWin32Error());
                    return;
                }
    
                // Begin impersonating the user
                impersonationContext = WindowsIdentity.Impersonate(userHandle);
    
                Console.WriteLine("Main() windows identify after impersonation: " + WindowsIdentity.GetCurrent().Name);
    
                //run the program with elevated privileges (like file copying from a domain server)
                DoWork();
    
            } catch (Exception ex) {
                Console.WriteLine("Exception impersonating user: " + ex.Message);
            } finally {
                // Clean up
                if (impersonationContext != null) {
                    impersonationContext.Undo();
                }
    
                if (userHandle != IntPtr.Zero) {
                    CloseHandle(userHandle);
                }
            }
        }
    
    
        private void DoWork() {
            //everything in here has elevated privileges
    
            //example access files on a network share through e$ 
            string[] files = System.IO.Directory.GetFiles(@"domainservere$images", "*.jpg");
        }
    }
    

    我在冒充另一个域中的用户方面取得了成功,但只有在这两个域之间建立了信任关系。

    var token = IntPtr.Zero;
    var result = LogonUser(userID, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token);
    if (result)
    {
        return WindowsIdentity.Impersonate(token);
    }
    
    链接地址: http://www.djcxy.com/p/36083.html

    上一篇: How to use LogonUser properly to impersonate domain user from workgroup client

    下一篇: How to provide user name and password when connecting to a network share