LogonUser strange behaviour

  • Thread starter Thread starter Guest
  • Start date Start date
Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.platformsdk.security,microsoft.public.win2000.security (More info?)

Hi.
Suppose I have 2 accounts "domain\user1" and "machine\user2".
If I pass empty string "" as domain parameter to LogonUser, it succeeds for
both user1 and user2 accounts (domain and machine names are not included in
username parameter).
It is strange to me, because this behavior is not documented. SDK says I
must pass domain name or "." for local account or NULL for UPN names. There
is nothing about empty domain name.
May I use this feature to authenticate users when they haven't specified
domain name in their logon information? Or I need to obtain domain name that
local server belongs to, and pass it to LogonUser?
Maybe there are some domain policy setting that allow this?
I have this behavior on both Windows 2000 Advanced Server and Windows Server
2003.

Regards,
Jesse
 
Archived from groups: microsoft.public.platformsdk.security,microsoft.public.win2000.security (More info?)

If your computer is standalone then the domain parameter is ignored.

"jesse" wrote:

> Hi.
> Suppose I have 2 accounts "domain\user1" and "machine\user2".
> If I pass empty string "" as domain parameter to LogonUser, it succeeds for
> both user1 and user2 accounts (domain and machine names are not included in
> username parameter).
> It is strange to me, because this behavior is not documented. SDK says I
> must pass domain name or "." for local account or NULL for UPN names. There
> is nothing about empty domain name.
> May I use this feature to authenticate users when they haven't specified
> domain name in their logon information? Or I need to obtain domain name that
> local server belongs to, and pass it to LogonUser?
> Maybe there are some domain policy setting that allow this?
> I have this behavior on both Windows 2000 Advanced Server and Windows Server
> 2003.
>
> Regards,
> Jesse
>
>
>
 
Archived from groups: microsoft.public.platformsdk.security,microsoft.public.win2000.security (More info?)

Nope. It is a member of domain.

Regards,
Jesse

"Raghu Malpani" <Raghu Malpani@discussions.microsoft.com> wrote in message
news:AF1DE297-CAFE-4702-ACA3-30FC04C9F0EF@microsoft.com...
> If your computer is standalone then the domain parameter is ignored.
>
> "jesse" wrote:
>
> > Hi.
> > Suppose I have 2 accounts "domain\user1" and "machine\user2".
> > If I pass empty string "" as domain parameter to LogonUser, it succeeds
for
> > both user1 and user2 accounts (domain and machine names are not included
in
> > username parameter).
> > It is strange to me, because this behavior is not documented. SDK says I
> > must pass domain name or "." for local account or NULL for UPN names.
There
> > is nothing about empty domain name.
> > May I use this feature to authenticate users when they haven't specified
> > domain name in their logon information? Or I need to obtain domain name
that
> > local server belongs to, and pass it to LogonUser?
> > Maybe there are some domain policy setting that allow this?
> > I have this behavior on both Windows 2000 Advanced Server and Windows
Server
> > 2003.
> >
> > Regards,
> > Jesse
> >
> >
> >
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom