This small powershell module provides a way to impersonate a user on Windows by calling a powershell method with its credentials.
Originally, this was made to solve an issue:
When remotely connected to a Windows machine using WinRM (Windows Remote Management), WMI (Windows Management Infrastructure) commands would fail to retrieve information and we would receive a WMI Generic Failure error message or blank values/result (ex: serial number of a disk drive etc.).
Connected locally with the same user, the commands work fine, so the discriminant factor would be the session (local vs remote) that queried the information.
We remotely connect via WinRM then we impersonate ourself upon Windows (with same credentials used for WinRM). We end up in a sub-session to the remote one. In this one, WMI commands do not fail anymore.
winlogonExample.ps1: provides an example of how to use / call the script.- It imports the powershell module, call its
WinLoginmethod, retrieve some device information viawmithen logout the sub-session viaWinLogout
- It imports the powershell module, call its
winlogonModule.psm1is the powershell module that exposes two methods:WinLoginandWinLogout- This module uses powershell's
AddType -TypeDefinitioncommand to inject C# code into the current PowerShell session. The injected code is then used within exposed methods.
- This module uses powershell's
winlogonSignature.csis the C# code that is responsible for exposingLogonUserWin32 API method to the Powershell via .NET objects.
Information in this README may be incomplete as code written 6-7 years before README redaction. Please check code and logic prior using.
To solve WMI errors, WinLogin must be called when already connected remotely via WinRM.
May not be used in multiple threads as we use global variables.