hello all,
i need some help regarding windows login.i have created an application in C# which replaces the windows-login and which gets username and password from the user to enter the windows.
But my problem is that i have done the user authentication through win32 API function "LogonUser()" and it works fine.but i am not able to enter the windows.it always shows me a black screen.
Please help me what should i do for that is there any library or function or any related material so that i can go ahead.

thanks
DevGeek

I you don't show us your relevant code I am affraid we can do much to help you out.

Here is my code but i am not able to enter to my windows desktop.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Text;

using System.Runtime.InteropServices; // DllImport
using System.Security.Principal; // WindowsImpersonationContext
using System.Security.Permissions; // PermissionSetAttribute

namespace loginwin
{

    class Program
    {

         enum SECURITY_IMPERSONATION_LEVEL
        {
            SecurityAnonymous,
            SecurityIdentification,
            SecurityImpersonation,
            SecurityDelegation
        }
        [DllImport("ADVAPI32.DLL")]
        public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
                                            int dwLogonType, int dwLogonProvider, out IntPtr phToken);
        [DllImport("ADVAPI32.DLL")]
        public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int
                                                SECURITY_IMPERSONATION_LEVEL, out IntPtr DuplicateTokenHandle);
        [DllImport("kernel32.DLL")]
        static extern bool CloseHandle(IntPtr hObject);
        
        
        public static WindowsImpersonationContext  ImpersonateUser(string sUsername, string sDomain, string sPassword)
        {
            // initialize tokens
            IntPtr pExistingTokenHandle = new IntPtr(0);
            IntPtr pDuplicateTokenHandle = new IntPtr(0);
            pExistingTokenHandle = IntPtr.Zero;
            pDuplicateTokenHandle = IntPtr.Zero;

            // if domain name was blank, assume local machine
            if (sDomain == "")
                sDomain = System.Environment.MachineName;

            try
            {
                string sResult = null;

                const int LOGON32_PROVIDER_DEFAULT = 0;
                // create token
                const int LOGON32_LOGON_INTERACTIVE = 2;
                //const int SecurityImpersonation = 2;
                // get handle to token
                bool bImpersonated = LogonUser(sUsername, sDomain, sPassword,LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,out pExistingTokenHandle);

                // did impersonation fail?
                if (false == bImpersonated)
                {
                    int nErrorCode = Marshal.GetLastWin32Error();
                    sResult = "LogonUser() failed with error code: " +
                        nErrorCode + "\r\n";

                    // show the reason why LogonUser failed
                    Console.WriteLine(sResult + "Error");
                        
                }

                // Get identity before impersonation
                sResult += "Before impersonation: " +
                    WindowsIdentity.GetCurrent().Name + "\r\n";

                bool bRetVal = DuplicateToken(pExistingTokenHandle,
                    (int)SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
                        out pDuplicateTokenHandle);

                // did DuplicateToken fail?
                if (false == bRetVal)
                {
                    int nErrorCode = Marshal.GetLastWin32Error();
                    // close existing handle
                    CloseHandle(pExistingTokenHandle);
                    sResult += "DuplicateToken() failed with error code: "
                        + nErrorCode + "\r\n";

                    // show the reason why DuplicateToken failed
                    Console.WriteLine(sResult+ "Error");
                        
                    return null;
                }
                else
                {
                    // create new identity using new primary token
                    WindowsIdentity newId = new WindowsIdentity
                                                (pDuplicateTokenHandle);
                    WindowsImpersonationContext impersonatedUser =
                                                newId.Impersonate();

                    // check the identity after impersonation
                    sResult += "After impersonation: " +
                        WindowsIdentity.GetCurrent().Name + "\r\n";

                    Console.WriteLine(sResult+"Success");
                    return impersonatedUser;
                }
            }
            catch (Exception ex)
            {
                throw ex;
            }
            finally
            {
                // close handle(s)
                if (pExistingTokenHandle != IntPtr.Zero)
                    CloseHandle(pExistingTokenHandle);
                if (pDuplicateTokenHandle != IntPtr.Zero)
                    CloseHandle(pDuplicateTokenHandle);

                
            }
        }
        static void Main(string[] args)
        {
            ImpersonateUser("Username", System.Environment.MachineName.ToString(), "Password");
            Console.Read();
        }
}

Replacing MSGina is not as simple as I tihnk you're looking at there. I would guess a number of those elements fail as you're not logged in at that point. I dont believe its just a case of "impersonating" a specific user, you need windows to go through the real login process - Id imagine your window goes black as you're not calling any method for it to know it needs to launch the shell, and so on.

I wise man said:

You are looking at replacing MS Gina OS level code

This is a VERY NOT TRIVIAL thing, its basically something that custom vendors do. So, best advice? Don't even consider it.
(Taken from
http://www.eggheadcafe.com/community/aspnet/14/10015768/you-are-looking-at-replac.aspx)

Hes right.

Replacing MSGina is not as simple as I tihnk you're looking at there. I would guess a number of those elements fail as you're not logged in at that point. I dont believe its just a case of "impersonating" a specific user, you need windows to go through the real login process - Id imagine your window goes black as you're not calling any method for it to know it needs to launch the shell, and so on.

I wise man said:

Hes right.

its too much necessary for me to replace windows login its my final year project.And i have to do it at any cost.So please do suggest some material or any other option(if possible) except Msgina.

And one more thing that i have seen many winlogon theme that just replace the logontheme.exe with logonui.exe in c:\windows\system32\ and they don't change any msgina so please do suggest.what you people say about this.

If its been told to you that you have to do this specific application for your final year, what reading material were you told to look at?

it is my research project no material has been provided therefore i ask here.

This article has been dead for over six months. Start a new discussion instead.