Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How can you get a user token from Logonuser for a user account with no password?
In particular Logonuser will fail for accounts that do not have passwords.
You can validate an account by checking for a blank password + checking for GetLastError() == ERROR_ACCOUNT_RESTRICTION.
But I need to actually get a token returned, so I need this function to succeed.
This will fail if the registry setting LimitBlankPasswordUse is enabled, which it is by default. In order to disable this change the LimitBlankPasswordUse value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to zero. Or change the group policy setting under Security Options.
Be aware that this creates a security hole since it allows remote logons for accounts with null passwords.