2.2.1.4.15 NETLOGON_LOGON_IDENTITY_INFO

  • Article

The NETLOGON_LOGON_IDENTITY_INFO structure defines a logon identity within a domain.

 typedef struct _NETLOGON_LOGON_IDENTITY_INFO {
   RPC_UNICODE_STRING LogonDomainName;
   ULONG ParameterControl;
   OLD_LARGE_INTEGER Reserved;
   RPC_UNICODE_STRING UserName;
   RPC_UNICODE_STRING Workstation;
 } NETLOGON_LOGON_IDENTITY_INFO,
  *PNETLOGON_LOGON_IDENTITY_INFO;

LogonDomainName: Contains the NetBIOS name of the domain of the account. The case of the domain name MUST be preserved across all messages.

ParameterControl: A set of bit flags that contain information pertaining to the logon validation processing. A flag is TRUE (or set) if its value is equal to 1. The value is constructed from zero or more bit flags from the following table.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

X

W

V

U

T

S

R

Q

0

0

0

P

0

0

0

O

0

N

M

L

K

J

I

H

G

F

E

D

C

B

A

0

Where the bits are defined as:

Value

Description

A

Clear text passwords can be transmitted for this logon identity.

B

Update the logon statistics for this account upon successful logon.

C

Return the user parameter list for this account upon successful logon.

D

Do not attempt to log this account on as a guest upon logon failure.

E

Allow this account to log on with the domain controller account.

F

Return the password expiration date and time upon successful logon.

G

Send a client challenge upon logon request.

H

Attempt logon as a guest for this account only.

I

Return the profile path upon successful logon.

J

Attempt logon to the specified domain only.

K

Allow this account to log on with the computer account.

L

Disable allowing fallback to guest account for this account.

M

Force the logon of this account as a guest if the password is incorrect.

N

This account has supplied a clear text password.

O

Allow NTLMv1 authentication ([MS-NLMP]) when only NTLMv2 ([NTLM]) is allowed.

P

Use sub-authentication ([MS-APDS] section 3.1.5.2.1).

Q - X

Encode the sub-authentication package identifier. Bits Q–X are used to encode the integer value of the sub-authentication package identifier (this is in little-endian order).

Reserved: MUST be set to zero when sent and MUST be ignored on receipt.

UserName: Contains the name of the user.

Workstation: Contains the NetBIOS name of the workstation from which the user is logging on.