SECPKG_PRIMARY_CRED structure (ntsecpkg.h)

The SECPKG_PRIMARY_CRED structure contains the primary credentials. This structure is used by the LsaApLogonUserEx2 and SpAcceptCredentials functions.

Syntax

typedef struct _SECPKG_PRIMARY_CRED {
  LUID           LogonId;
  UNICODE_STRING DownlevelName;
  UNICODE_STRING DomainName;
  UNICODE_STRING Password;
  UNICODE_STRING OldPassword;
  PSID           UserSid;
  ULONG          Flags;
  UNICODE_STRING DnsDomainName;
  UNICODE_STRING Upn;
  UNICODE_STRING LogonServer;
  UNICODE_STRING Spare1;
  UNICODE_STRING Spare2;
  UNICODE_STRING Spare3;
  UNICODE_STRING Spare4;
} SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;

Members

LogonId

The logon identifier.

DownlevelName

A UNICODE_STRING structure that contains the Security Accounts Manager account name.

DomainName

A UNICODE_STRING structure that contains the NetBIOS domain name where the account is located.

Password

A UNICODE_STRING structure that contains the logon password. When you have finished using the password, remove the sensitive information from memory by calling SecureZeroMemory. For more information on protecting the password, see Handling Passwords.

OldPassword

A UNICODE_STRING structure that contains the old password. When you have finished using the old password, remove the sensitive information from memory by calling SecureZeroMemory.

UserSid

Pointer to the security identifier.

Flags

The set of primary credentials flags. The following table lists the valid values for the Flags member.

Value Meaning
PRIMARY_CRED_CLEAR_PASSWORD
The passwords are in plaintext.
PRIMARY_CRED_OWF_PASSWORD
The passwords are encrypted using a one-way function.
PRIMARY_CRED_UPDATE
This is a change of existing credentials.
PRIMARY_CRED_CACHED_LOGON
The credentials were obtained from a cached logon. For more information, see Remarks.

DnsDomainName

A UNICODE_STRING structure that contains the DNS domain name where the user account is located, if known.

Upn

A UNICODE_STRING structure that contains the user principal name (UPN), if known.

LogonServer

A UNICODE_STRING structure that contains the name of the server that processed the logon.

Spare1

A UNICODE_STRING structure. Reserved.

Spare2

A UNICODE_STRING structure. Reserved.

Spare3

A UNICODE_STRING structure. Reserved.

Spare4

A UNICODE_STRING structure. Reserved.

Remarks

For cached logons, the RPC identifier of the package that performs the logon is identified by shifting the Flags member to the right by using the PRIMARY_CRED_LOGON_PACKAGE_SHIFT constant defined below.

#define PRIMARY_CRED_LOGON_PACKAGE_SHIFT 24

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header ntsecpkg.h