I am using the LogonUser function (http://msdn.microsoft.com/en-us/library/aa378184(VS.85).aspx) to authenticate users. However i have found that if a user changes their password (ie from Password1 to Password2) both passwords will then work. However i would like it so that only the current password can be used. Is there something i need to set to get this to work like that?
I am using the following code snippet:
LogonUser(nt_id, NULL, nt_password, LOGON32_LOGON_NETWORK, 3, &hToken );
nt_id is going in in the format of USER@USERDOMAIN.SOMETHING.COM
and i have 3 there in place of LOGON32_PROVIDER_WINNT50, because i would get a compile error saying undeclaired identifier for LOGON32_PROVIDER_WINNT50 (could this be a symptom?) but i know it is defined as 3.
Thanks, -Pete
The compile-time error is probably there because you haven't
#define _WIN32_WINNT 0x0500
before including windows.h or added it as a compile-time setting (-D_WIN32_WINNT=0x0500).
Why LogonUser would work with both the new and the old password is beyond me though. But since what you want is to authenticate users (as opposed to impersonating them) according to MSDN it's more appropriate to use the SSPI API (here's the recommended way).