G
ghostxiaolinj
Unregistered / Unconfirmed
GUEST, unregistred user!
有域名服务器
用户机上如何通过程序来验证用户的合法性
在之前的帖子都有查过据说可以使用LogonUser
综合写下如下代码可以在域名服务器上调试通过
但是到用户机上就出现1314错误代码
之前的帖子也有提到是SE-TCB-NAME权限未获得的原因但没有提如何解决
在次收集一下还有别的思路方法可以解决么
无敌分割线--代码
------------------------------------------------------------------
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
edtUserName: TEdit;
edtPassword: TEdit;
Button2: TButton;
procedure Button1Click(Sender: TObject);
private
function AdjustToken:Boolean;
function PerformLogon(const User,Domain, Password: String;var ErrorCode:integer): Cardinal;
function Logonwindows(const User, Password: String;Var ErrCode:Integer):Boolean;
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
{ TForm1 }
function TForm1.AdjustToken: Boolean;
var
hdlProcessHandle : Cardinal;
hdlTokenHandle : Cardinal;
tmpLuid : Int64;
tkpPrivilegeCount : Int64;
tkp : TOKEN_PRIVILEGES;
tkpNewButIgnored : TOKEN_PRIVILEGES;
lBufferNeeded : Cardinal;
Privilege : array[0..0] of _LUID_AND_ATTRIBUTES;
hToken:THandle;
begin
hdlProcessHandle := GetCurrentProcess;
OpenProcessToken(hdlProcessHandle,
(TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY),
hdlTokenHandle);
LookupPrivilegeValue(nil, 'SeSecurityPrivilege', tmpLuid);
Privilege[0].Luid := tmpLuid;
Privilege[0].Attributes := SE_PRIVILEGE_ENABLED;
tkp.PrivilegeCount := 1; // One privilege to set
tkp.Privileges[0] := Privilege[0];
if AdjustTokenPrivileges(hdlTokenHandle, False, tkp, Sizeof(tkpNewButIgnored),
tkpNewButIgnored, lBufferNeeded) then
Result:=True
else
Result:=False;
end;
function TForm1.Logonwindows(const User, Password: String; var ErrCode: Integer): Boolean;
var
hToken: Cardinal;
begin
if not AdjustToken then Exit;
hToken := PerformLogon(User,'.',PassWord,ErrCode);
try
ImpersonateLoggedOnUser(hToken);
try
finally
RevertToSelf;
end;
Result:=(ErrCode=0);
finally
CloseHandle(hToken);
end;
end;
function TForm1.PerformLogon(const User, Domain, Password: String;
var ErrorCode: integer): Cardinal;
begin
Result:=0;
if NOT LogonUser(pChar(User), pChar(Domain), pChar(Password),
LOGON32_LOGON_INTERACTIVE,//LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT, Result) then
ErrorCode:=getLastError
else
ErrorCode:=0;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
nErrorCode:integer;
begin
nErrorCode:=0;
if not Logonwindows(edtUserName.Text,edtPassword.Text,nErrorCode) then
showmessage('ErrorCode='+IntToStr(nErrorCode));
//ADSIDNamespace1.
end;
end.
用户机上如何通过程序来验证用户的合法性
在之前的帖子都有查过据说可以使用LogonUser
综合写下如下代码可以在域名服务器上调试通过
但是到用户机上就出现1314错误代码
之前的帖子也有提到是SE-TCB-NAME权限未获得的原因但没有提如何解决
在次收集一下还有别的思路方法可以解决么
无敌分割线--代码
------------------------------------------------------------------
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Button1: TButton;
edtUserName: TEdit;
edtPassword: TEdit;
Button2: TButton;
procedure Button1Click(Sender: TObject);
private
function AdjustToken:Boolean;
function PerformLogon(const User,Domain, Password: String;var ErrorCode:integer): Cardinal;
function Logonwindows(const User, Password: String;Var ErrCode:Integer):Boolean;
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
{ TForm1 }
function TForm1.AdjustToken: Boolean;
var
hdlProcessHandle : Cardinal;
hdlTokenHandle : Cardinal;
tmpLuid : Int64;
tkpPrivilegeCount : Int64;
tkp : TOKEN_PRIVILEGES;
tkpNewButIgnored : TOKEN_PRIVILEGES;
lBufferNeeded : Cardinal;
Privilege : array[0..0] of _LUID_AND_ATTRIBUTES;
hToken:THandle;
begin
hdlProcessHandle := GetCurrentProcess;
OpenProcessToken(hdlProcessHandle,
(TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY),
hdlTokenHandle);
LookupPrivilegeValue(nil, 'SeSecurityPrivilege', tmpLuid);
Privilege[0].Luid := tmpLuid;
Privilege[0].Attributes := SE_PRIVILEGE_ENABLED;
tkp.PrivilegeCount := 1; // One privilege to set
tkp.Privileges[0] := Privilege[0];
if AdjustTokenPrivileges(hdlTokenHandle, False, tkp, Sizeof(tkpNewButIgnored),
tkpNewButIgnored, lBufferNeeded) then
Result:=True
else
Result:=False;
end;
function TForm1.Logonwindows(const User, Password: String; var ErrCode: Integer): Boolean;
var
hToken: Cardinal;
begin
if not AdjustToken then Exit;
hToken := PerformLogon(User,'.',PassWord,ErrCode);
try
ImpersonateLoggedOnUser(hToken);
try
finally
RevertToSelf;
end;
Result:=(ErrCode=0);
finally
CloseHandle(hToken);
end;
end;
function TForm1.PerformLogon(const User, Domain, Password: String;
var ErrorCode: integer): Cardinal;
begin
Result:=0;
if NOT LogonUser(pChar(User), pChar(Domain), pChar(Password),
LOGON32_LOGON_INTERACTIVE,//LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT, Result) then
ErrorCode:=getLastError
else
ErrorCode:=0;
end;
procedure TForm1.Button1Click(Sender: TObject);
var
nErrorCode:integer;
begin
nErrorCode:=0;
if not Logonwindows(edtUserName.Text,edtPassword.Text,nErrorCode) then
showmessage('ErrorCode='+IntToStr(nErrorCode));
//ADSIDNamespace1.
end;
end.