Reputation: 347526
How to get a user token from Logonuser for a user account with no password?
How can you get a user token from Logonuser for a user account with no password?
In particular Logonuser will fail for accounts that do not have passwords.
You can validate an account by checking for a blank password + checking for GetLastError() == ERROR_ACCOUNT_RESTRICTION.
But I need to actually get a token returned, so I need this function to succeed.
Upvotes: 3
Views: 4124
Answers (1)
Reputation: 9645
This will fail if the registry setting LimitBlankPasswordUse is enabled, which it is by default. In order to disable this change the LimitBlankPasswordUse value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to zero. Or change the group policy setting under Security Options.
Be aware that this creates a security hole since it allows remote logons for accounts with null passwords.
Upvotes: 4
Related Questions
- How to get token of logged-in user from within windows service with C++?
- Windows authentication token C++
- LogonUser returns true for a wrong password
- is it possible to use LogonUser API without password?
- Using LogonUser() only to Validate Credentials
- Get UserToken from Logon ID (LUID) (C++)
- How to get my program to log the user into Windows?
- Is it possible to get Logged in user Non Restricted token from a service on Vista?
- Failure with LogonUser in MC++
- ValidateUser instead of LogonUser?