I have a .NET client WPF application using System.DirectoryServices and LDAP for authentication. On start of the app, I want to force users to re-authenticate using their domain account (which is how they logged into Windows). I understand I can use the following to perform the authentication when a connection is available.
    DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, userName, password);
The wrinkle is that the application is at times used by remote users who may not have a connection. Windows itself still allows domain users to sign on even when disconnected. Is there a similar means of authenticating users in a disconnected environment using the .NET Framework?
I believe I found a way to do this using the LogonUser function of advapi32.dll.
When disconnected, this appears to validate against the local cached version of the last logon.
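A sketch of the LogonUser call mentioned in the answer above, as an added example that is not code from the original post. The class and method names (`CachedLogon`, `Validate`) are hypothetical, and the choice of the interactive logon type is an assumption: it is the type Windows documents as caching logon information for disconnected operation.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;

// Hypothetical helper (not from the original post): checks a domain
// user's password through the Win32 LogonUser API.
static class CachedLogon
{
    // Assumption: interactive logon, the type that can be satisfied
    // from cached logon information when no domain controller answers.
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int LOGON32_PROVIDER_DEFAULT = 0;
    const int ERROR_LOGON_FAILURE = 1326; // unknown user name or bad password

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string lpszUsername, string lpszDomain,
        string lpszPassword, int dwLogonType, int dwLogonProvider,
        out IntPtr phToken);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr hObject);

    // Returns true when Windows accepts the credentials and false when
    // they are wrong. Any other failure (locked-out or expired account,
    // missing logon right, ...) is thrown so that it is not mistaken
    // for a mistyped password.
    public static bool Validate(string userName, string domain, string password)
    {
        IntPtr token = IntPtr.Zero;
        try
        {
            if (LogonUser(userName, domain, password,
                    LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out token))
                return true;

            // Read the error code immediately after the failed call.
            int error = Marshal.GetLastWin32Error();
            if (error == ERROR_LOGON_FAILURE)
                return false;
            throw new Win32Exception(error);
        }
        finally
        {
            // The token is only needed as proof of a successful logon;
            // release it so the handle does not leak.
            if (token != IntPtr.Zero)
                CloseHandle(token);
        }
    }
}
```

A check satisfied from the cache reflects the state at the user's last successful online logon on that machine, so a password change or account disablement made on the domain since then is not seen while disconnected.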