IConnectedIdentityProvider::ConnectIdentity method

Connects an identity to a domain user.

Syntax


HRESULT ConnectIdentity(
  [in, size_is(AuthBufferSize)]  BYTE *AuthBuffer,
  [in]                           ULONG AuthBufferSize
);

Parameters

AuthBuffer [in]

A marshaled authentication buffer SEC_WINNT_AUTH_IDENTITY_EX2 structure that contains the credential of the online identity. The buffer can be constructed by the caller by using the CredPackAuthenticationBuffer function with the CRED_PACK_ID_PROVIDER_CREDENTIALS option or returned by an online identity credential provider from the CredUIPromptForWindowsCredentials function. The buffer can be optionally encrypted by calling the SspiEncryptAuthIdentityEx function with the SEC_WINNT_AUTH_IDENTITY_ENCRYPT_SAME_LOGON option.

AuthBufferSize [in]

Size, in bytes, of the AuthBuffer parameter.

Return value

If the method succeeds, returns S_OK.

If the method fails, returns a Win32 error code.

Return codeDescription
S_OK

The method succeeded.

ERROR_LOGON_FAILURE

The user name or password is not correct.

ERROR_USER_EXISTS

The domain user is already connected or associated with an online identity from this provider.

ERROR_INVALID_ACCOUNT_NAME

The format of the online user name is not valid.

 

Remarks

The AuthBuffer parameter can be encrypted in the system context if the credential is collected on the secure desktop. In that case, the identity provider cannot decrypt the credential in the current process. To decrypt the buffer, the identity provider will need to send the credential to a process that is running in the system context.

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

Header

Identityprovider.h

IDL

Identityprovider.idl

See also

IConnectedIdentityProvider

 

 

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.