Compartilhar via


CECREDENTIAL (Compact 2013)

3/28/2014

This structure is used by the Credential Manager API to read credentials from, and write credentials to, the registry. This structure is deprecated, use the CRED structure instead.

Syntax

typedef struct _CECREDENTIAL {
  DWORD Flags;
  DWORD Type;
  FILETIME LastWritten;
  DWORD CredentialBlobSize;
  LPBYTE CredentialBlob;
  DWORD Persist;
  LPTSTR UserName;
} CECREDENTIAL, *PCECREDENTIAL;

Members

  • Flags
    Bit field that specifies the credential's characteristics. Undefined bits must be set to zero. The following table shows the possible flag.

    Flag

    Description

    CRED_FLAGS_PROMPT_NOW

    If set, only the user name is saved; the credential BLOB (password) has not been written into the structure.

    NetUI writes the credential with this flag set, assuming the domain password will not be written until the user is prompted for it.

    Ee497996.note(en-us,WinEmbedded.80).gifNote:
    This structure and this flag are both deprecated. Instead of using this flag, you should set the credential blob to NULL instead.

    See Remarks section for the other deprecated flags for this field.

  • Type
    Credential type, which cannot be changed after the credential is created.

    Applications should allow for credential types they do not recognize. The following table shows the credential types.

    Type

    Description

    CRED_TYPE_GENERIC

    Stored as an opaque BLOB, but it has no identifying characteristics.

    CRED_TYPE_DOMAIN_PASSWORD

    Network user name and password.

    CRED_TYPE_DOMAIN_CERTIFICATE

    A certificate credential specific to Microsoft authentication packages. It is a hash of the contents of a certificate in the local certificate store.

    CRED_TYPE_DOMAIN_VISIBLE_PASSWORD

    A plaintext password, such as those used by Passport and RAS.

    CRED_TYPE_DOMAIN_NTLM_PASSWORD

    For internal use.

    CRED_TYPE_DOMAIN_KERBEROS_PASSWORD

    For internal use.

  • LastWritten
    Specifies the last time the stored credential was modified in UTC format.
  • CredentialBlobSize
    Size of the CredentialBlob data pointed to, in bytes. It cannot be longer than CRED_MAX_CREDENTIAL_BLOB_SIZE.
  • CredentialBlob
    Pointer to the credential data.

    Credentials are expected to be portable. It is the application's responsibility to define the alignment and byte orientation of the data CredentialBlob points to. The following table shows the credential types.

    Type

    Description

    CRED_TYPE_GENERIC

    Defined by the application.

    CRED_TYPE_DOMAIN_PASSWORD

    Unused. Should be NULL.

    CRED_TYPE_DOMAIN_CERTIFICATE

    Points to an MD5 hash of the certificate. The hash indexes the certificate in the MY store.

    CRED_TYPE_DOMAIN_VISIBLE_PASSWORD

    Points to the cleartext Unicode password for UserName. The string pointed to is not a C string and does not include a trailing zero.

    CRED_TYPE_NTLM_PASSWORD

    Points to a credential with NTLM format.

    CRED_TYPE_KERBEROS_PASSWORD

    Points to a credential with Kerberos format.

  • Persist
    Defines the persistence of the credential. The following table shows the possible flags.

    Flag

    Description

    CRED_PERSIST_NONE

    Same as CRED_PERSIST_SESSION.

    CRED_PERSIST_SESSION

    This credential persists only for the current logon session. It is not visible to other logon sessions of the same user. It is discarded when the user logs off.

    CRED_PERSIST_LOCAL_MACHINE

    This credential is now the same as CRED_FLAG_PERSIST.

    Credential will be persisted in the registry. If this flag is not set, then the credential is stored in memory and cannot be retrieved subsequent to a soft reset.

    CRED_PERSIST_ENTERPRISE

    This credential is now the same as CRED_FLAG_PERSIST.

    Credential will be persisted in the registry. If this flag is not set, then the credential is stored in memory and cannot be retrieved subsequent to a soft reset.

  • UserName
    Points to a C string with the user name of the account. It cannot be longer than CRED_MAX_USERNAME_LEN characters, including the trailing NULL.

    If the type is CRED_TYPE_GENERIC, the Credential Manager ignores this field, even if it is non-NULL.

    If the type is CRED_TYPE_DOMAIN_VISIBLE_PASSWORD or CRED_TYPE_DOMAIN_PASSWORD, the string is a DomainName\UserName, such as YourDomainName\KimAkers.

Remarks

Other deprecated flags include CRED_FLAGS_USERNAME_TARGET, CRED_FLAGS_PERSIST_CRED_BLOB, and CRED_FLAGS_VALID_FLAGS. Use CRED instead.

Requirements

Header

credmgr.h

See Also

Reference

Credential Manager Structures