> I'm trying to setup an automatic logon process.  I've gotten this to
> work in VB.Net and setting the necessary registry entries.  However I
> don't want the password to appear in the registry and was told in
> another post that I should use LsaStorePrivateData
> (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seca
> uthn/security/protecting_the_automatic_logon_password.asp)
>
> Now I'm trying to access this from VB.Net and not having any success.
> When I try to set a reference to C:\Windows\System32\Advapi32.dll I
> get the following error message:
>
> A reference to c:\windows\system32\advapi32.dll could not be added.
> This
> is not a valid assemble or COM component.  ....
> Do I need to use C# to use this function?  I haven't written any C
> yet.
>

>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I'm trying to setup an automatic logon process.  I've gotten this to
> > work in VB.Net and setting the necessary registry entries.  However I
> > don't want the password to appear in the registry and was told in
> > another post that I should use LsaStorePrivateData
> > (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seca
> > uthn/security/protecting_the_automatic_logon_password.asp)
> >
> > Now I'm trying to access this from VB.Net and not having any success.
> > When I try to set a reference to C:\Windows\System32\Advapi32.dll I
> > get the following error message:
> >
> > A reference to c:\windows\system32\advapi32.dll could not be added.
> > This
> > is not a valid assemble or COM component.  ....
> > Do I need to use C# to use this function?  I haven't written any C
> > yet.
> >
>
>
>
>

> "Dominick Baier [DevelopMentor]" wrote:
>
>> Hello Larry,
>>
>> don't use the LSA secrets - even Microsoft tries to kill all code
>> that uses that.
>>
> I noticed this but they don't specify where to store the logon
> password if you uses CryptProtectData.
>
>> Encrypt the password with DPAPI and store it somewhere.
>>
> I would need to know where to store it so the autologon continues to
> work.
>
> I assume that storing it to the registry under "DefaultPassword"
> wounldn't work because the system would have no way of knowing its
> been encrypted.
>
>> btw - accessing LSA secrets requires local system privileges - do you
>> really want to run with that elevated privileges??
>>
> I assume an administrator would have this privilege?
>
>> DPAPI wrapper for .NET 1.1 (in 2.0 this is available managed using
>> the ProtectedData
>> class)
>> http://www.leastprivilege.com/DPAPITools.aspx
> I'll check out the code to see If it helps me.  Thanks for the reply.
>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> I'm trying to setup an automatic logon process.  I've gotten this to
>>> work in VB.Net and setting the necessary registry entries.  However
>>> I don't want the password to appear in the registry and was told in
>>> another post that I should use LsaStorePrivateData
>>> (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/se
>>> ca uthn/security/protecting_the_automatic_logon_password.asp)
>>>
>>> Now I'm trying to access this from VB.Net and not having any
>>> success. When I try to set a reference to
>>> C:\Windows\System32\Advapi32.dll I get the following error message:
>>>
>>> A reference to c:\windows\system32\advapi32.dll could not be added.
>>> This
>>> is not a valid assemble or COM component.  ....
>>> Do I need to use C# to use this function?  I haven't written any C
>>> yet.