Wednesday, July 27, 2011

Windows Logon API for .NET

When you are developing Windows or web applications and need to validate user credentials (either local or domain), the 'LogonUser' API helps a lot and makes a developer's life much easier.

This API function accepts five parameters and one of them is an 'out' parameter.


Public Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As [String], _
    ByVal lpszDomain As [String], ByVal lpszPassword As [String], _
    ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, _
    ByRef phToken As IntPtr) As Boolean



This function returns 'true' if authentication succeeded and 'false' if it failed. The good part is that, when it fails to authenticate the provided credentials, the Win32 error code it sets can be turned into an exception with a relevant error message.



After successful authentication, the phToken parameter (ByRef phToken As IntPtr) receives a handle to the user's access token, which can be used to create a process in that user's context. If you only want to use this API for authentication, you do not need the token itself, but you should still release the handle with CloseHandle.


Here is the usage.



Imports System.Runtime.InteropServices

Public Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As [String], _
    ByVal lpszDomain As [String], ByVal lpszPassword As [String], _
    ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, _
    ByRef phToken As IntPtr) As Boolean

' Releases the token handle returned by LogonUser.
Public Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Boolean

Private Function LoginUser(ByVal UserName As String, ByVal Password As String, ByVal Domain As String) As Boolean
    Dim tokenHandle As IntPtr = IntPtr.Zero
    Try
        ' Call LogonUser to obtain a handle to an access token.
        ' Arguments follow the declaration order: user name, domain, password.
        ' 2 = LOGON32_LOGON_INTERACTIVE, 0 = LOGON32_PROVIDER_DEFAULT.
        Dim returnValue As Boolean = Authorization.LogonUser(UserName, Domain, Password, 2, 0, tokenHandle)

        ' Check whether the logon succeeded.
        If returnValue = False Then
            Dim ret As Integer = Marshal.GetLastWin32Error()
            Throw New System.ComponentModel.Win32Exception(ret)
        End If

        Return True

    Catch ex As Exception
        ' ex.Message holds the relevant error message when the API fails to authenticate the user.
    Finally
        ' Close the token handle; it is not needed when only authenticating.
        If tokenHandle <> IntPtr.Zero Then CloseHandle(tokenHandle)
    End Try
    Return False
End Function
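
An added example (not the original post's code): a validation-only variant of the call above that uses the network logon type, always closes the returned token, and maps the Win32 error code to a coarse outcome, so the caller can log the precise code while showing the user only a generic failure. The names CredentialCheck, LogonOutcome, Classify and ValidateCredentials are assumptions made for this example.

```vbnet
Imports System, System.Runtime.InteropServices

Public Enum LogonOutcome
    Success
    BadCredentials      ' unknown user name or wrong password
    AccountUnavailable  ' account state prevents logon
    OtherFailure
End Enum

' Hypothetical helper module; not part of the original post.
Public Module CredentialCheck
    Private Const LOGON32_LOGON_NETWORK As Integer = 3   ' validates only; credentials are not cached
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    ' ERROR_PASSWORD_EXPIRED, ERROR_ACCOUNT_DISABLED, ERROR_ACCOUNT_EXPIRED,
    ' ERROR_PASSWORD_MUST_CHANGE, ERROR_ACCOUNT_LOCKED_OUT
    Private ReadOnly AccountStateErrors As Integer() = {1330, 1331, 1793, 1907, 1909}

    <DllImport("advapi32.dll", EntryPoint:="LogonUserW", CharSet:=CharSet.Unicode, SetLastError:=True)> _
    Private Function LogonUser(ByVal lpszUsername As String, ByVal lpszDomain As String, _
                               ByVal lpszPassword As String, ByVal dwLogonType As Integer, _
                               ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Function CloseHandle(ByVal hObject As IntPtr) As Boolean
    End Function

    ' Maps the error code of a failed logon to a coarse outcome. Log the numeric code
    ' server-side; show the user one generic message for every non-success outcome.
    Public Function Classify(ByVal win32Error As Integer) As LogonOutcome
        If win32Error = 1326 Then Return LogonOutcome.BadCredentials ' ERROR_LOGON_FAILURE
        If Array.IndexOf(AccountStateErrors, win32Error) >= 0 Then Return LogonOutcome.AccountUnavailable
        Return LogonOutcome.OtherFailure
    End Function

    ' Validates credentials; win32Error receives the failure code (0 on success).
    Public Function ValidateCredentials(ByVal user As String, ByVal domain As String, _
            ByVal password As String, ByRef win32Error As Integer) As LogonOutcome
        Dim token As IntPtr = IntPtr.Zero
        win32Error = 0
        Try
            If LogonUser(user, domain, password, LOGON32_LOGON_NETWORK, _
                         LOGON32_PROVIDER_DEFAULT, token) Then Return LogonOutcome.Success
            win32Error = Marshal.GetLastWin32Error()
            Return Classify(win32Error)
        Finally
            If token <> IntPtr.Zero Then CloseHandle(token)
        End Try
    End Function
End Module
```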

2 comments:

NapkinBob said...
This comment has been removed by the author.
NapkinBob said...

Correct me if I'm wrong, but your Public Declare Auto function args are username, domain, then password and so on, but when you call "authorization.logonuser" the args passed are username, password, then domain. Aren't they in the wrong order?
