Tags: windows, security, credential-providers, winlogon

Logon events from within credential provider


I have a custom credential provider that I use to perform logon operations. I looked to see if it is possible to obtain logon status within the credential provider, and I do not see any APIs that provide logon status in the credential provider. I see we have a couple of APIs like WM_WTSSESSION_CHANGE and also reading through the Security event logs in Windows. But is there a way to identify the logon status from the credential provider? Specifically, can I use ReportResult to get the valid logon status?

HRESULT DCVWindowsCredential::ReportResult(NTSTATUS ntsStatus,
                                          NTSTATUS ntsSubstatus,
                                          _Outptr_result_maybenull_ PWSTR *ppwszOptionalStatusText,
                                          _Out_ CREDENTIAL_PROVIDER_STATUS_ICON *pcpsiOptionalStatusIcon)

Solution

  • There is a ReportResult API which provides the status of the logon - ERROR_SUCCESS or the error code with substatus that can be used to determine if logon succeeded or not.
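One way to interpret the `ntsStatus` / `ntsSubstatus` pair inside `ReportResult`, as an added example that is not part of the original question or answer. The helper names (`classifyLogon`, `reasonFor`, `LogonOutcome`, `nt`) are hypothetical, and the NTSTATUS type and values are redefined locally (values as in `ntstatus.h`) so the logic builds without the Windows SDK:

```cpp
// Added example: interpreting the (ntsStatus, ntsSubstatus) pair passed to
// ReportResult. Constants mirror ntstatus.h; helper names are hypothetical.
#include <cstdint>
#include <cstdio>
#include <string>

typedef int32_t NTSTATUS;  // LONG on Windows; redefined so this builds anywhere
constexpr NTSTATUS nt(uint32_t v) { return static_cast<NTSTATUS>(v); }
constexpr NTSTATUS kAccountRestriction = nt(0xC000006E);  // STATUS_ACCOUNT_RESTRICTION

struct LogonOutcome { bool succeeded; std::string reason; };

// Text for the failure codes a logon attempt commonly returns.
static const char *reasonFor(NTSTATUS s) {
    switch (static_cast<uint32_t>(s)) {
    case 0xC000006D: return "bad user name or password";   // STATUS_LOGON_FAILURE
    case 0xC000006F: return "outside allowed logon hours"; // STATUS_INVALID_LOGON_HOURS
    case 0xC0000070: return "workstation not allowed";     // STATUS_INVALID_WORKSTATION
    case 0xC0000071: return "password expired";            // STATUS_PASSWORD_EXPIRED
    case 0xC0000072: return "account disabled";            // STATUS_ACCOUNT_DISABLED
    case 0xC0000193: return "account expired";             // STATUS_ACCOUNT_EXPIRED
    case 0xC0000224: return "password must change";        // STATUS_PASSWORD_MUST_CHANGE
    case 0xC0000234: return "account locked out";          // STATUS_ACCOUNT_LOCKED_OUT
    default:         return nullptr;
    }
}

// Call from ReportResult(ntsStatus, ntsSubstatus, ...) before building status text.
LogonOutcome classifyLogon(NTSTATUS status, NTSTATUS substatus) {
    if (status >= 0)                       // same test as the NT_SUCCESS() macro
        return {true, "logon succeeded"};
    if (status == kAccountRestriction) {   // substatus names the restriction
        if (const char *r = reasonFor(substatus)) return {false, r};
        return {false, "account restriction"};
    }
    const char *r = reasonFor(status);
    return {false, r ? r : "logon failed (unmapped NTSTATUS)"};
}

int main() {
    const NTSTATUS samples[][2] = {          // constructed sample pairs
        {0, 0}, {nt(0xC000006D), 0}, {kAccountRestriction, nt(0xC0000072)}};
    for (const auto &s : samples) {
        LogonOutcome o = classifyLogon(s[0], s[1]);
        std::printf("0x%08X/0x%08X -> %s: %s\n", (unsigned)s[0], (unsigned)s[1],
                    o.succeeded ? "SUCCESS" : "FAILURE", o.reason.c_str());
    }
    return 0;
}
```

In a real provider, include the SDK headers instead of the local typedef and constants, and record the outcome (for example to your own audit log) from `ReportResult` alongside any status text you return.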