After interactively logging into Windows, mapped network drives with stored credentials are automatically connected. In case of a different user for the remote network, these credentials are retrieved from the Windows credential manager as "Windows Credential".
I'm trying to achieve the same in a process created by the CreateProcessWithLogon command. In this case it is possible to identify the remembered connections by WNetOpenEnum with scope RESOURCE_REMEMBERED. By WNetGetConnection it can be figured out which of these resources are not connected.
The command WNetAddConnection2W allows to do this connection. It is possible to use default user and password, so the mapped network drives for these can be connected. It is also possible to provide them as strings, but it looks like there is no way to make this command reading the credentials from the Windows credential manager, even though there are flags to store them.
Therefor I've tried to do this by CredEnumerate or CredRead which is able to retrieve the credential, but the retrieved CREDENTIALW.CredentialBlobSize is 0 and CredentialBlob is NULL.
Since WNetAddConnection2W contains flags to store entered credentials to the credential manager, it seems logical that you can also use them. But I failed to figure out how.
I hope somebody can give me a tip how to resolve this problem.
In the meanwhile I have figured out that domain credentials could not be retrieved by design, they can only be written: https://learn.microsoft.com/en-us/windows/win32/secauthn/kinds-of-credentials
Therefor it is not possible to achieve what I was trying.