0

hello all,
i need some help regarding windows login.i have created an application in C# which replaces the windows-login and which gets username and password from the user to enter the windows.
But my problem is that i have done the user authentication through win32 API function "LogonUser()" and it works fine.but i am not able to enter the windows.it always shows me a black screen.
Please help me what should i do for that is there any library or function or any related material so that i can go ahead.

thanks
DevGeek

3
Contributors
7
Replies
14
Views
8 Years
Discussion Span
Last Post by DevGeek
0

I you don't show us your relevant code I am affraid we can do much to help you out.

Here is my code but i am not able to enter to my windows desktop.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Text;

using System.Runtime.InteropServices; // DllImport
using System.Security.Principal; // WindowsImpersonationContext
using System.Security.Permissions; // PermissionSetAttribute

namespace loginwin
{

    class Program
    {

         enum SECURITY_IMPERSONATION_LEVEL
        {
            SecurityAnonymous,
            SecurityIdentification,
            SecurityImpersonation,
            SecurityDelegation
        }
        [DllImport("ADVAPI32.DLL")]
        public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
                                            int dwLogonType, int dwLogonProvider, out IntPtr phToken);
        [DllImport("ADVAPI32.DLL")]
        public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int
                                                SECURITY_IMPERSONATION_LEVEL, out IntPtr DuplicateTokenHandle);
        [DllImport("kernel32.DLL")]
        static extern bool CloseHandle(IntPtr hObject);
        
        
        public static WindowsImpersonationContext  ImpersonateUser(string sUsername, string sDomain, string sPassword)
        {
            // initialize tokens
            IntPtr pExistingTokenHandle = new IntPtr(0);
            IntPtr pDuplicateTokenHandle = new IntPtr(0);
            pExistingTokenHandle = IntPtr.Zero;
            pDuplicateTokenHandle = IntPtr.Zero;

            // if domain name was blank, assume local machine
            if (sDomain == "")
                sDomain = System.Environment.MachineName;

            try
            {
                string sResult = null;

                const int LOGON32_PROVIDER_DEFAULT = 0;
                // create token
                const int LOGON32_LOGON_INTERACTIVE = 2;
                //const int SecurityImpersonation = 2;
                // get handle to token
                bool bImpersonated = LogonUser(sUsername, sDomain, sPassword,LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,out pExistingTokenHandle);

                // did impersonation fail?
                if (false == bImpersonated)
                {
                    int nErrorCode = Marshal.GetLastWin32Error();
                    sResult = "LogonUser() failed with error code: " +
                        nErrorCode + "\r\n";

                    // show the reason why LogonUser failed
                    Console.WriteLine(sResult + "Error");
                        
                }

                // Get identity before impersonation
                sResult += "Before impersonation: " +
                    WindowsIdentity.GetCurrent().Name + "\r\n";

                bool bRetVal = DuplicateToken(pExistingTokenHandle,
                    (int)SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
                        out pDuplicateTokenHandle);

                // did DuplicateToken fail?
                if (false == bRetVal)
                {
                    int nErrorCode = Marshal.GetLastWin32Error();
                    // close existing handle
                    CloseHandle(pExistingTokenHandle);
                    sResult += "DuplicateToken() failed with error code: "
                        + nErrorCode + "\r\n";

                    // show the reason why DuplicateToken failed
                    Console.WriteLine(sResult+ "Error");
                        
                    return null;
                }
                else
                {
                    // create new identity using new primary token
                    WindowsIdentity newId = new WindowsIdentity
                                                (pDuplicateTokenHandle);
                    WindowsImpersonationContext impersonatedUser =
                                                newId.Impersonate();

                    // check the identity after impersonation
                    sResult += "After impersonation: " +
                        WindowsIdentity.GetCurrent().Name + "\r\n";

                    Console.WriteLine(sResult+"Success");
                    return impersonatedUser;
                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
            finally
            {
                // close handle(s)
                if (pExistingTokenHandle != IntPtr.Zero)
                    CloseHandle(pExistingTokenHandle);
                if (pDuplicateTokenHandle != IntPtr.Zero)
                    CloseHandle(pDuplicateTokenHandle);

                
            }
        }
        static void Main(string[] args)
        {
            ImpersonateUser("Username", System.Environment.MachineName.ToString(), "Password");
            Console.Read();
        }
}
0

Replacing MSGina is not as simple as I tihnk you're looking at there. I would guess a number of those elements fail as you're not logged in at that point. I dont believe its just a case of "impersonating" a specific user, you need windows to go through the real login process - Id imagine your window goes black as you're not calling any method for it to know it needs to launch the shell, and so on.

I wise man said:

You are looking at replacing MS Gina OS level code

This is a VERY NOT TRIVIAL thing, its basically something that custom vendors do. So, best advice? Don't even consider it.
(Taken from
http://www.eggheadcafe.com/community/aspnet/14/10015768/you-are-looking-at-replac.aspx)

Hes right.

0

Replacing MSGina is not as simple as I tihnk you're looking at there. I would guess a number of those elements fail as you're not logged in at that point. I dont believe its just a case of "impersonating" a specific user, you need windows to go through the real login process - Id imagine your window goes black as you're not calling any method for it to know it needs to launch the shell, and so on.

I wise man said:

Hes right.

its too much necessary for me to replace windows login its my final year project.And i have to do it at any cost.So please do suggest some material or any other option(if possible) except Msgina.

0

And one more thing that i have seen many winlogon theme that just replace the logontheme.exe with logonui.exe in c:\windows\system32\ and they don't change any msgina so please do suggest.what you people say about this.

0

If its been told to you that you have to do this specific application for your final year, what reading material were you told to look at?

0

it is my research project no material has been provided therefore i ask here.

This article has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.