iie:How to do?
山泉:里面没有这个,只有添加用户的.
我估计好象可以使用LogonUser看能否成功来判断
var
sAID,sAPassWord,sDomainName:String;
MyToken:THandle;
begin
sAID:='Administrators';//用户名
sAPassWord:='123456789';//用户密码
sDomainName:='sex-man';//主机名称
if LogonUser(pchar(sAID),
pchar(sDomainName),
pchar(sAPassWord),
LOGON32_LOGON_NETWORK,LOGON32_PROVIDER_DEFAULT,MyToken)
then ShowMessage('验证用户成功!') else ShowMessage('验证用户失败!');
end;
但是总是失败
新写了一个函数用来找出出错原因的.
//------------------------------------
function GetErrorMessage(Code:Integer):String;
var
hErrLib:THandle;
msg
Char;
flags:Integer;
function MAKELANGID(p,s:word):Integer;
begin
result:=(s shl 10) or p
end;
begin
hErrLib:=LoadLibraryEx ('netmsg.dll', 0, LOAD_LIBRARY_AS_DATAFILE);
try
flags:=FORMAT_MESSAGE_ALLOCATE_BUFFER or FORMAT_MESSAGE_IGNORE_INSERTS or FORMAT_MESSAGE_FROM_SYSTEM;
if hErrLib<>0 then flags := flags or FORMAT_MESSAGE_FROM_HMODULE;
if FormatMessage(flags,pointer(hErrLib),code,MAKELANGID(LANG_NEUTRAL,SUBLANG_DEFAULT),PChar(@msg),0,Nil)<>0 Then
try
result:=msg;
finally
LocalFree(Integer(msg));
end
finally
if hErrLib <> 0 then FreeLibrary (hErrLib)
end
end;
//--------------------------------------------------------------------------
我调用的时候过程如下
var
FUserName,FPassword:String;
FLogonType,FLogonProvider,FError
WORD;
FToKenHandle:THandle;
begin
FUserName:=Edit_User.Text;// 用户名
FPassword:=Edit_Pass.Text;// 用户密码
FLogonProvider:=LOGON32_PROVIDER_DEFAULT; FLogonType:=LOGON32_LOGON_NETWORK;
If not LogonUser(PChar(FUserName),nil,PChar(FPassword),FLogonType,FLogonProvider,FToKenHandle) Then
begin
FError:=GetLastError;
Application.MessageBox(PChar(GetErrorMessage(FError)),'',mb_OK + mb_ICONINFORMATION);//显示出错原因
Exit;
end
else
Application.MessageBox('验证成功!','',0);
end;
结果总是显示"客户没有所需的特权". 所以我估计原因应该就在这里.以前调用一个在NT下关机的函数 ExitWindowsEx(EWX_SHUTDOWN + EWX_FORCE, 0);总是失败,后来提升了关机特权就可以了.
procedure AdjustToken(); //提升强行关机特权
var
hdlProcessHandle: Cardinal;
hdlTokenHandle: Cardinal;
tmpLuid: Int64;
tkpPrivilegeCount: Int64;
tkp: TOKEN_PRIVILEGES;
tkpNewButIgnored: TOKEN_PRIVILEGES;
lBufferNeeded: Cardinal;
Privilege: array[0..0] of _LUID_AND_ATTRIBUTES;
begin
hdlProcessHandle := GetCurrentProcess;
OpenProcessToken(hdlProcessHandle,
(TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY),
hdlTokenHandle);
// Get the LUID for shutdown privilege.
LookupPrivilegeValue('', 'SeShutdownPrivilege', tmpLuid);
Privilege[0].Luid := tmpLuid;
Privilege[0].Attributes := SE_PRIVILEGE_ENABLED;
tkp.PrivilegeCount := 1; // One privilege to set
tkp.Privileges[0] := Privilege[0];
// Enable the shutdown privilege in the access token of this
// process.
AdjustTokenPrivileges(hdlTokenHandle,
False,
tkp,
Sizeof(tkpNewButIgnored),
tkpNewButIgnored,
lBufferNeeded);
end;
昨天在资料上面看到"进程调用LogonUser好像需要有SE_TCB_NAME特权,在特定情况下也需要
SE_CHANGE_NOTIFY_NAME特权 ",是这个原因?