question

RituVarkey-3476 avatar image
0 Votes"
RituVarkey-3476 asked SongZhu-MSFT answered

LogonUser() is not working for Azure AD user when username is in UPN format

This is my code to check if the password entered by user is correct.
My user is an AzureAD user logged in to a windows 10 Azure AD joined machine.

if (LogonUser(upn., NULL, pwd, LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT, &token) != 0)

LogonUser fails with error 1326 . Invalid username or password.
But the same in Domain\username format works correctly.

What do I do to get it working when username is in UPN format

c++azure-ad-domain-services
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Sorry I did not reproduce the error, maybe the error was caused by the string. You may also need to include the AzureAD domain.

1 Vote 1 ·

Including AzureAD in the domain field solved the isssue. The documentation for LogonUser API mentions setting domain parameter to null in case of username in upn format. That works for on-prem AD users. But Azure AD users require domain field to be set with "AzureAD".
The microsoft document seems to be old. It would be good to update the document.

0 Votes 0 ·

1 Answer

SongZhu-MSFT avatar image
0 Votes"
SongZhu-MSFT answered

Maybe you need to include AzureAD in the domain.

Regarding the content of the document, I will contact the internal engineer and check how to update the content of the document.



If the answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.