Articles from July 2008

Programmatic User Login (aka Win32 LogonUser)

By Michael Flanakin @ 6:04 AM :: 5812 Views :: .NET, Development :: Digg it!

Programmatic user login

Nothing new here. I just wanted to save this code snippet because it's popped up a few times in the past year and I have to go find it over and over. At least this will make it a little easier for me. This is by no means an authoritative reference -- it's simply what I have used. If you know of something I'm missing, please let me know.

First, you'll need to import the Win32 LogonUser() function:

using System.Runtime.InteropServices;

[DllImport("advapi32.dll", SetLastError=true)]
public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, out IntPtr phToken);

The only question you probably have is about the logon type and provider parameters. The only provider I know of is the default, 0, which uses "negotiate" (Kerberos, then NTLM) for Windows XP/Server 2003 and later machines. Windows 2000 defaults to NTLM. If you don't know the difference, let me know and I'll explain that in more detail. Here are a list of logon types:

  • Interactive (2) -- Intended for interactive use (duh) with something like terminal server or executing a remote shell. This type caches credentials for disconnected operations.
  • Network (3) -- Intended for high performance servers to authenticate plain-text passwords.
  • Batch (4) -- Intended for batch servers, which act on behalf of the user without his/her direct intervention. Typically used to process many plain-text auth attempts at a time.
  • Service (5) -- Intended for service accounts, which have the "service" privilege enabled -- don't ask me what that is because I don't know.
  • Unlock (7) -- Intended for GINA DLLs (whatever that is) that will interactively use the machine. This type includes some auditing.
  • Clear Text (8) -- Intended for double-hop impersonation scenarios where credentials will be sent to the target server to allow it to also impersonate the user. As I understand it, this is what IIS "Basic" authentication uses. To perform a double-hop, you'll actually have to do a few other things. I won't get into that here, but let me know if that'd be of interest.
  • New Credentials (9) -- Clones current credentials and uses new credentials for outbound connections. Supposedly, this doesn't work with the default provider -- it requires the WINNT50 provider, whatever that is.

The following is a list of the supported providers. I don't know anything about the non-default ones, but figured I'd list them for completeness..

  • Default (0) -- "Negotiate" (Kerberos, then NTLM) for Windows XP/Server 2003 and later; NTLM for Windows
  • NT 3.5 (1)
  • NT 4.0 (2)
  • NT 5.0 (3) -- Required for the "new credentials" logon type.

Next, well... just use it. As you can see, the last parameter in the LogonUser() function is an out parameter for a token which represents the user. This is key. All you need to do is initialize a WindowsIdentity instance with this token and you're well on your way.

using System.Security.Principal;

/// <summary>
/// Creates a new <see cref="WindowsIdentity"/> using the specified credentials.
/// </summary>
/// <remarks>
/// This method assumes an interactive logon for simplicity.
/// </remarks>

public static WindowsIdentity GetIdentity(string domain, string userName, string password)
{
    IntPtr token;
    bool success = LogonUser(userName, domain, password, 2, 0, out token);
    return (success) ? new WindowsIdentity(token) : null;
}

Pretty simple. Of course, we still aren't there, yet. Now that you have the identity, you most likely want to impersonate it. Luckily, this is a simple 2-liner... well, technically two 1-liners. I should also say that, if you want to do impersonation with an already-obtained WindowsIdentity (and you don't have a password), you'll start here.

ImpersonationContext context = GetIdentity("mydomain", "me", "mypassword").Impersonate();
// do work as impersonated user
context.Undo();

That's it. Enjoy!


MSTest Helper: Create Private Accessor

By Michael Flanakin @ 2:03 PM :: 7229 Views :: .NET, Development :: Digg it!

I just found something very useful in Visual Studio 2008 a few days ago. I've been using MSTest for about 2 years, now, and one thing I liked initially was the wizard that would generate test stubs for you. I liked that it gave you somewhere to start. After using it more and more, I began to hate it, tho. I guess the problem is I'm anal about how my code looks and I end up changing everything. So, I started generating the classes myself. The only problem with this approach is the private member accessor the wizard generates is no longer there. Not desirable, but there's an easy fix: run thru the wizard quickly and delete the methods. At least, that was until a few days ago. In VS08, all you need to do is open the file of the desired class, right click the background, select the Create Private Accessor menu item, and then pick the test project to add it to. VS has so many menu items, it's easy to overlook the really useful ones, so I figured this one was worth sharing. Hopefully, Sara Ford Syndicated feed is listening.

Creating a private accessor with MSTest in VS 2008


Lenovo Keyboard Layout Survey

By Michael Flanakin @ 10:22 AM :: 3425 Views :: Technology, User Experience :: Digg it!

I've talked about my desire for a keyboard layout standard, especially with respect to laptops. Heck, I've even tossed the idea of buying a MacBook out the window because of their horrible keyboard. For me, this is the first thing I look at when considering a new laptop. Since last year, when I bought my first Lenovo, I've been griping about the ridiculous Fn key, which is on the wrong side of the Ctrl key. That's not my only complaint, but it's the biggest one. The next is the Esc key that's above F1, which causes me to press F1 occasionally. There's a few more, but I'll spare you. Luckily, Lenovo fans have a small glimmer of hope: Lenovo keyboard layout survey. This was recently mentioned on the Lenovo Design Matters blog Syndicated feed. Go, go, GO!!! Unfortunately, this doesn't explicitly ask about the Fn key, but I definitely left a comment about it. Please take the survey, but if you contribute to them screwing up the 3x2 Insert/Delete, Home/End, Page Up/Down keys, I'm coming after you.

Lenovo keyboard layout survey


Feed Update

By Michael Flanakin @ 8:06 AM :: 1459 Views :: Technology, Other :: Digg it!

Feed Update, thanks to FeedBurner

I hate self-promotional posts, which is why I never announced my move from Geeks w/ Blogs to my personal server and why I never moved to MSDN blogs, but I feel like this one at least serves a purpose for other bloggers...

I'm doing something I've been meaning to do for a while: update the URL of my feeds. I use FeedBurner, which has been nice, but I've always hated using a FeedBurner URL. I thought about creating a reverse proxy to do it, but never felt the sheer need to spend the time to do that. Luckily, FeedBurner has done the work for me. I'm not sure if this is a new service or not, but I have to thank Scott Watermasysk Syndicated feed for pointing me to FeedBurner MyBrand. This feature allows you to specify a custom domain for your feeds. While not the complete flexibility I'd like, it at least gives me the ability to maintain a controlled domain name in case I ever decide to self-host my feed.

With this, the following are my new feed URLs:

I'm probably going to be scrapping my feedback and ratings blogs. Feedback is too tedious because I have too many ideas and ratings gets annoying because I put everything in Netflix and sometimes IMDB. I'm looking for a good platform to support this type of blog, but haven't found one, yet. I'll probably just create some mashup using Netflix's feed.


Lower Xbox Prices = New Xbox Platform?

By Michael Flanakin @ 2:22 PM :: 1327 Views :: Technology, Predictions :: Digg it!

Here's some "Yellow Submarine" talk about the Xbox... by the way, if you didn't catch that reference, then you're missing out on Mac Break Weekly Syndicated feed, which is entertaining to all. But, I digress... The Xbox 360 has been dropping its price over the past few months, it seems like. I look at this and think about how long it's been since there's been a serious upgrade and I have to wonder if we might be seeing the very typical price drop before a new release. I have absolutely 0 knowledge about anything related to the Xbox and don't even own one, but I do admit that I'd be very intrigued by a new platform... probably enough to actually go out and buy one, which means a lot to me since I'm not a gamer. We'll see. Supposedly there will be something coming out at E3.


MSDN Subscription: July 2008

By Michael Flanakin @ 10:41 AM :: 1219 Views :: MSDN Subscriptions :: Digg it!

MSDN

The following consists of the English DVD updates released under the MSDN Premium (Team Suite) subscription level for July 2008.

Operating Systems

  • Disc 4455.01 / Part X14-95954
    • Windows Vista® with Service Pack 1 (x64 and x86) (English)
    • Windows Vista® Service Pack 1 Update (DVD-5 ISO) (Multilanguage)

Developer Tools

  • Disc 4583 / Part X14-95855
    • Expression® Studio 2 (English)

For more information, see the MSDN Subscriptions Index.