C# LogonUser 失败,错误代码:1326
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17332977/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
LogonUser failed with error code: 1326
提问by mak
Please can any one help me with this? I was trying to login to portal.microsoftonline.com with the credentials needed but it gets me that error. Is my URL is wrong or what? Because i am trying to impersonate and give a role to a user. Thank you and btw i am new here, please forgive me the way i post my problem. Please see the comment where the error is.
请问有人能帮我解决这个问题吗?我试图使用所需的凭据登录到 portal.microsoftonline.com,但它让我出现了那个错误。是我的网址错误还是什么?因为我正在尝试模拟并为用户提供角色。谢谢,顺便说一句,我是新来的,请原谅我发布问题的方式。请查看错误所在的评论。
class SecurityHelpers
{
private SecurityHelpers() { }
[DllImport("advapi32.dll", SetLastError = true)]
private static extern bool LogonUser(string lpszUsername,
string lpszDomain, string lpszPassword,
int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private extern static bool CloseHandle(IntPtr handle);
public static WindowsIdentity CreateIdentity(
string userName, string domain, string password)
{
IntPtr tokenHandle = new IntPtr(0);
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_NETWORK_CLEARTEXT = 3;
tokenHandle = IntPtr.Zero;
bool returnValue = LogonUser(userName, domain, password,
LOGON32_LOGON_NETWORK_CLEARTEXT,
LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
// THIS WHERE THE ERROR IS - "LogonUser failed with error code: 1326"
throw new Exception("LogonUser failed with error code: " + ret);
}
WindowsIdentity id = new WindowsIdentity(tokenHandle);
CloseHandle(tokenHandle);
return id;
}
}
回答by user2601995
It's possible xp_cmdshellis executed through the proxy account. Check if the proxy account has the correct credentials.
可以 xp_cmdshell通过代理帐户执行。检查代理帐户是否具有正确的凭据。
In Object Explorer go to:
在对象资源管理器中转到:
Security > Credentials > ##xp_cmdshell_proxy_account##
Also, check if the user has execute rights to sys.xp_cmdshell
另外,检查用户是否具有执行权限 sys.xp_cmdshell
In Object Explorer go to:
在对象资源管理器中转到:
Databases > System Databases > master > Security > Users > [user] > Securables
SQL to grant permission:
授予权限的 SQL:
use [master]
grant execute on xp_cmdshell to [domain\user];
回答by Nimisha
userName, domainan passwordneed to be passed as Windows Wide Characteror Windows Unicode. Please ensure that you are passing them in the correct format.
userName,domain一个password需要作为传递Windows Wide Character或Windows Unicode。请确保您以正确的格式传递它们。
回答by mike
What Ken White said in the comments is correct. If you don't pass the appropriate string type for your username & password, you'll get a 1326. Modify your API declaration to use UnmanagedType.LPStrfor your strings. pinvoke.nethas good API call instructions.
肯·怀特在评论中说的是正确的。如果您没有为您的用户名和密码传递适当的字符串类型,您将得到 1326。修改您的 API 声明以UnmanagedType.LPStr用于您的字符串。 pinvoke.net有很好的 API 调用说明。
[DllImport("advapi32.dll", SetLastError = true, BestFitMapping = false, ThrowOnUnmappableChar = true)]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool LogonUser(
[MarshalAs(UnmanagedType.LPStr)] string pszUserName,
[MarshalAs(UnmanagedType.LPStr)] string pszDomain,
[MarshalAs(UnmanagedType.LPStr)] string pszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
Further, you might try LOGON32_LOGON_BATCH = 4for LogonType, that worked best for me.
此外,你可以尝试LOGON32_LOGON_BATCH = 4的LogonType,这对我来说效果最好。
//i cut out the rest of the enum for brevity.
enum LogonType
{
LOGON32_LOGON_BATCH = 4
}
string sUser="";
string sDomain="";
string sPWD="";
IntPtr token = new IntPtr();
bool bLoginSuccess = LogonUser(sUser, sDomain, sPWD, (int)LogonType.LOGON32_LOGON_BATCH, 0, ref token);
