Export (0) Print
Expand All
Expand Minimize

CredPackAuthenticationBuffer function

The CredPackAuthenticationBuffer function converts a string user name and password into an authentication buffer.

Beginning with Windows 8 and Windows Server 2012, the CredPackAuthenticationBuffer function converts an identity credential into an authentication buffer, which is a SEC_WINNT_AUTH_IDENTITY_EX2 structure. This buffer can be passed to LsaLogonUser, AcquireCredentialsHandle, or other identity provider interfaces.

Syntax


BOOL WINAPI CredPackAuthenticationBuffer(
  _In_     DWORD dwFlags,
  _In_     LPTSTR pszUserName,
  _In_     LPTSTR pszPassword,
  _Out_    PBYTE pPackedCredentials,
  _Inout_  DWORD *pcbPackedCredentials
);

Parameters

dwFlags [in]

Specifies how the credential should be packed. This can be a combination of the following flags.

ValueMeaning
CRED_PACK_PROTECTED_CREDENTIALS

Encrypts the credential so that it can only be decrypted by processes in the caller's logon session.

CRED_PACK_WOW_BUFFER

Encrypts the credential in a WOW buffer.

CRED_PACK_GENERIC_CREDENTIALS

Encrypts the credential in a CRED_GENERIC buffer.

CRED_PACK_ID_PROVIDER_CREDENTIALS

Encrypts the credential of an online identity into a SEC_WINNT_AUTH_IDENTITY_EX2 structure. If CRED_PACK_GENERIC_CREDENTIALS and CRED_PACK_ID_PROVIDER_CREDENTIALS are not set, encrypts the credentials in a KERB_INTERACTIVE_LOGON buffer.

Windows 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008:  This value is not supported.

 

pszUserName [in]

A pointer to a null-terminated string that specifies the user name to be converted. For domain users, the string must be in the following format:

DomainName\UserName

For online identities, if the credential is a plaintext password, the user name format is ProviderName\UserName. If the credential is a SEC_WINNT_AUTH_IDENTITY_EX2 structure, the user name is an encoded string that is the UserName parameter output of a function call to SspiEncodeAuthIdentityAsStrings.

For smart card or certificate credentials, the user name is an encoded string that is the output of a function call to CredMarshalCredential with the CertCredential option.

Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista:  Online identities are not supported.

pszPassword [in]

A pointer to a null-terminated string that specifies the password to be converted.

For SEC_WINNT_AUTH_IDENTITY_EX2 credentials, the password is an encoded string that is in the ppszPackedCredentialsString output of a function call to SspiEncodeAuthIdentityAsStrings.

For smart card credentials, this is the smart card PIN.

Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista:  Online identities are not supported.

pPackedCredentials [out]

A pointer to an array of bytes that, on output, receives the packed authentication buffer. This parameter can be NULL to receive the required buffer size in the pcbPackedCredentials parameter.

pcbPackedCredentials [in, out]

A pointer to a DWORD value that specifies the size, in bytes, of the pPackedCredentials buffer. On output, if the buffer is not of sufficient size, specifies the required size, in bytes, of the pPackedCredentials buffer.

Return value

TRUE if the function succeeds; otherwise, FALSE.

For extended error information, call the GetLastError function, which may return the following error codes.

Return codeDescription
ERROR_INSUFFICIENT_BUFFER

The buffer provided by pPackedCredentials is too small.

 

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

WinCred.h

Library

Credui.lib

DLL

Credui.dll

Unicode and ANSI names

CredPackAuthenticationBufferW (Unicode) and CredPackAuthenticationBufferA (ANSI)

 

 

Community Additions

ADD
Show:
© 2014 Microsoft