83 lines
2.7 KiB
Python
83 lines
2.7 KiB
Python
"""
|
|
Demonstrates prompting for credentials, saving, and loggging on with marshalled credential.
|
|
Also shows how to load user's profile
|
|
"""
|
|
|
|
import win32api
|
|
import win32con
|
|
import win32cred
|
|
import win32net
|
|
import win32profile
|
|
import win32security
|
|
|
|
## Prompt for a username/pwd for local computer
|
|
uiinfo = {
|
|
"MessageText": "Enter credentials for local machine",
|
|
"CaptionText": "win32cred_demo.py",
|
|
}
|
|
target, pwd, save = win32cred.CredUIPromptForCredentials(
|
|
TargetName=win32api.GetComputerName(),
|
|
AuthError=0,
|
|
Flags=win32cred.CREDUI_FLAGS_DO_NOT_PERSIST
|
|
| win32cred.CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX,
|
|
Save=False,
|
|
UiInfo=uiinfo,
|
|
)
|
|
|
|
attrs = [
|
|
{"Keyword": "attr1", "Flags": 0, "Value": "unicode data"},
|
|
{"Keyword": "attr2", "Flags": 0, "Value": b"character data"},
|
|
]
|
|
cred = {
|
|
"Comment": "Created by win32cred_demo.py",
|
|
"UserName": target,
|
|
"TargetAlias": None,
|
|
"TargetName": target,
|
|
"CredentialBlob": pwd,
|
|
"Flags": win32cred.CRED_FLAGS_USERNAME_TARGET,
|
|
"Persist": win32cred.CRED_PERSIST_ENTERPRISE,
|
|
"Type": win32cred.CRED_TYPE_DOMAIN_PASSWORD,
|
|
"Attributes": attrs,
|
|
}
|
|
win32cred.CredWrite(cred)
|
|
pwd = None
|
|
print(win32cred.CredRead(target, win32cred.CRED_TYPE_DOMAIN_PASSWORD))
|
|
|
|
## Marshal saved credential and use it to log on
|
|
mc = win32cred.CredMarshalCredential(win32cred.UsernameTargetCredential, target)
|
|
|
|
# As of pywin32 301 this no longer works for markh and unclear when it stopped, or
|
|
# even if it ever did! # Fails in Python 2.7 too, so not a 3.x regression.
|
|
try:
|
|
th = win32security.LogonUser(
|
|
mc,
|
|
None,
|
|
"",
|
|
win32con.LOGON32_LOGON_INTERACTIVE,
|
|
win32con.LOGON32_PROVIDER_DEFAULT,
|
|
)
|
|
win32security.ImpersonateLoggedOnUser(th)
|
|
print("GetUserName:", win32api.GetUserName())
|
|
win32security.RevertToSelf()
|
|
|
|
## Load user's profile. (first check if user has a roaming profile)
|
|
username, domain = win32cred.CredUIParseUserName(target)
|
|
user_info_4 = win32net.NetUserGetInfo(None, username, 4)
|
|
profilepath = user_info_4["profile"]
|
|
## LoadUserProfile apparently doesn't like an empty string
|
|
if not profilepath:
|
|
profilepath = None
|
|
|
|
## leave Flags in since 2.3 still chokes on some types of optional keyword args
|
|
hk = win32profile.LoadUserProfile(
|
|
th, {"UserName": username, "Flags": 0, "ProfilePath": profilepath}
|
|
)
|
|
## Get user's environment variables in a form that can be passed to win32process.CreateProcessAsUser
|
|
env = win32profile.CreateEnvironmentBlock(th, False)
|
|
|
|
## Cleanup should probably be in a finally block
|
|
win32profile.UnloadUserProfile(th, hk)
|
|
th.Close()
|
|
except win32security.error as exc:
|
|
print("Failed to login for some reason", exc)
|