I have an application which needs to check the Windows session password of the user.
For this, I am using the LogonUser function from Windows API. The user can be connected to a domain.
result = LogonUserW(wUsername, wDomain, wPassword, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, pH);
When the user is connected to the domain, the function works well, however, when the user turns off the wifi, or unplug the lan-cable so that he is offline, the function always returns with the error code 1311, which has the meaning "There are currrently no logon servers available to service the logon request".
The LogonUser function has as fourth parameter the type of logon operation to perform. The documentation says that if the value of this parameter is "LOGON32_LOGON_INTERACTIVE", the logon type has the additional expense of caching logon information for disconnected operations, so shouldn't this work in the case the user is in the field?
Thanks in advance for your help.
I ended up using the Security Support Provider Interface (SSPI) as described as an alternative to the LogonUser API in this page : How to validate user credentials on Microsoft operating systems
Using the SSPLogonUser function as provided in the code snippet allowed me to check for the user credentials while connected to the domain, but also when the domain controller wasn't reachable (where in that case, it failed with the LogonUser API).