Export (0) Print
Expand All
Expand Minimize

GetCredentialKey function

Gets the credential key of the user logon credential.

Syntax


SEC_ENTRY GetCredentialKey(
  _In_      PVOID ProviderHandle,
  _In_opt_  PLUID LogonId,
  _In_opt_  PVOID AuthBuffer,
  _In_      ULONG AuthBufferSize,
  _In_      ULONG Reserved,
  _Out_     PUNICODE_STRING CredentialKey
);

Parameters

ProviderHandle [in]

Identity provider handle.

LogonId [in, optional]

If AuthBuffer is NULL, the LogonId parameter contains the logon ID of the logon session whose logon authority is the identity provider pointed to by the ProviderHandle parameter. The function uses the LogonId parameter to locate the user logon credential.

AuthBuffer [in, optional]

If LogonId is NULL, AuthBuffer provides the credential needed to authenticate the user to the online service and to compute the credential key. The credential key should be the same as one that would be returned given a logon ID of the logon session of the same user. This parameter is passed to the function when LSA disconnects a user. The AuthBuffer parameter is a SEC_WINNT_AUTH_IDENTITY_EX2 buffer. The buffer will not be encrypted because LSA will decrypt the buffer before passing it to the provider. If LogonId is not NULL, AuthBuffer must be NULL.

AuthBufferSize [in]

The size, in bytes, of the AuthBuffer buffer.

Reserved [in]

This parameter is reserved and must be set to zero.

CredentialKey [out]

A string buffer that represents the credential key. The string buffer must be allocated by the function by using the AllocateLsaHeap function.

Return value

If the function succeeds, the function returns SEC_E_OK.

If the function fails, the function may return one of the following error codes.

Return valueDescription
STATUS_INVALID_PARAMETER

A parameter is not valid. LogonId and AuthBuffer are both NULL or both non-NULL, or AuthBuffer contains a SEC_WINNT_AUTH_IDENTITY_EX2 structure that is not valid.

STATUS_BAD_VALIDATION_CLASS

The credential type in AuthBuffer is not recognized.

Others

Other provider-specific errors.

 

Remarks

Either the LogonId or the AuthBuffer parameter must be non-NULL, but both cannot be NULL or both cannot be provided on the same call to this function.

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

 

 

Community Additions

ADD
Show:
© 2014 Microsoft