Click here to Skip to main content
13,043,491 members (51,349 online)
Click here to Skip to main content
Add your own
alternative version


10 bookmarked
Posted 30 Mar 2005

User authentication using SSPI and AutoLogOn

, 30 Mar 2005
Rate this:
Please Sign up or sign in to vote.
An AutoLogOn program with user authentication check.

Sample Image


Sometimes you may want an application to verify a user's user name and password on the network or on the local machine. This is a more elegant approach to handle the authentication rather than using some application defined credentials.


On Windows XP, the existing LogonUser Windows API might do just fine, but on WinNT and Win2K, your process must have the SE_TCB_NAME privilege set. To a large extent, the CCredentials class will only dress up some C code provided at KB 180548 in a more OOP approach.

As a quick application for this class, I've created an AutoLogon program that would set the proper Registry entries that will suppress the logon prompt after a reboot. The trick is to set the proper credentials, and the authentication process makes sure that any typos won't get in your way to achieve the desired result. The code uses COM conventions and styles, but CCredentials is still a regular class.

Using the code

You need to create a class, set the domain name, username and password, and then check the authentication result by calling CCredentials::get_IsNTAuthenticatedUser.

CCredentials NTCrd;

//NT Authentication
if(FAILED( NTCrd.get_IsNTAuthenticatedUser(&vbAuthenticated)) ||
           vbAuthenticated == VARIANT_FALSE)
    if(MessageBox( hDlg, 
       "This user cannot be authenticated!\nDo you want to continue anyway?",
       "User Authentication Failed", MB_ICONERROR|MB_YESNO ) == IDNO)

get_IsNTAuthenticatedUser uses APIs found in security.dll/secur32.dll that acquire, initialize, and complete the authentication for the server and the client. For more information on this topic, you will need to consult the MSDN.

Points of Interest

On a WinXP machine, make sure that the ForceGuest Registry value is set to 1 in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa Registry key.


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Software Developer (Senior)
United States United States
Decebal Mihailescu is a software engineer with interest in .Net, C# and C++.

You may also be interested in...


Comments and Discussions

QuestionTimer Pin
Member 1077978727-Apr-14 22:26
memberMember 1077978727-Apr-14 22:26 
QuestionCould you fix the horizontal scrolling problem? Pin
WREY30-Mar-05 8:19
memberWREY30-Mar-05 8:19 
AnswerRe: Could you fix the horizontal scrolling problem? Pin
dmihailescu30-Mar-05 9:29
memberdmihailescu30-Mar-05 9:29 
GeneralRe: Could you fix the horizontal scrolling problem? Pin
WREY30-Mar-05 9:49
memberWREY30-Mar-05 9:49 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.170713.1 | Last Updated 30 Mar 2005
Article Copyright 2005 by dmihailescu
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid