LogonUser function

[WhiZa]

Why do I get an error code 1314: A required privilege is not held by the client. Whenever I call the LogonUser function? Here's how I call it:

success = LogonUser(UserName, RemoteName, password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &hToken);

I'm using Windows 2000, any ideas?

 

[TGM]

Hi

The privilege SE_TCB_NAME is required to call the LogonUser function.

Here is an excerpt from the Microsoft Doc:

There are some restrictions on using LogonUser that are not always convenient to satisfy. The first and biggest of these restrictions is that the process calling LogonUser must have the SE_TCB_NAME privilege (in User Manager, this is the "Act as part of the Operating System" right). The SE_TCB_NAME privilege is very powerful and should not be granted to any arbitrary user just so that they can run an application that needs to validate credentials. The recommended method is to call LogonUser from a service running in the local system account since the local system account already has the SE_TCB_NAME privilege.

HTH

Thierry
EMail: Thierry.Marneffe@swing.be

 

[WhiZa]

It says to run the program on the local system account. Well, I'm running it on my computer, for my computer under the administrator user. This is the confusing part.