信息系统中用户的域AD认证功能

{

The LogonUser function attempts to log a user on to the local computer. The local computer is the computer from which LogonUser was called. You cannot use LogonUser to log on to a remote computer. You specify the user with a user name and domain and authenticate the user with a plaintext password. If the function succeeds, you receive a handle to a token that represents the logged-on user. You can then use this token handle to impersonate the specified user or, in most cases, to create a process that runs in the context of the specified user.

BOOL LogonUser(
  __in      LPTSTR lpszUsername,//UserName
  __in_opt  LPTSTR lpszDomain,//Domain
  __in_opt  LPTSTR lpszPassword,//password
  __in      DWORD dwLogonType,//Logon Type
  __in      DWORD dwLogonProvider,//LogonProvider
  __out     PHANDLE phToken//A pointer to a handle variable that receives a handle to a token that represents the specified user

);

}

function   ValidateUserLogonAPI(const   UserName:   string; const   PassWord:   string):   boolean;

var

    Retvar:   boolean;

    LHandle:   THandle;

begin

    Retvar   :=   LogonUser(PChar(UserName),

        PChar(string(OP_ADDomain)),   PChar(PassWord),

        LOGON32_LOGON_NETWORK,//This logon type is intended for high performance servers to authenticate plaintext passwords. The LogonUser function does not                                              //cache credentials for this logon type.

        LOGON32_PROVIDER_DEFAULT,//Use the standard logon provider for the system.

        LHandle);

    if   Retvar   then

        CloseHandle(LHandle);//close the handle

    Result   :=   Retvar;

end;