Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Validating logins
Message
 
To
29/03/2016 15:26:39
Tuvia Vinitsky
Vci
Chicago, Illinois, United States
General information
Forum:
Visual FoxPro
Category:
Windows API functions
Title:
Re: Validating logins
Miscellaneous
Thread ID:
01633943
Message ID:
01633946
Views:
76
>I have a mandated scenario where there is one master login to the RDP server. The VFP app requests the user's windows/AD login name and password and validates that the two are correct.
>
>I have a problem with the way I usually would do this, and I do not know another way.
>
>(I can get other info from LDAP object as needed.) For login verification I input the user domain name and password, then use
>
>	loUser = GETOBJECT("WinNT://" + tDomain + "/" + ALLTRIM(tuser) + ",user")
>       try
>	      loUser.ChangePassword (tpassword,tpassword)   
>     catch
>           llPasswordVerified = .F.
>     endtry
>
>	RetURN llPasswordVerified
>
>
>Trying to change the password lets me know if I have the correct password, and since I am changing it to what it is now, I am doing no harm.
>
>BUT - this network enforces not using passwords used in the past, so the ChangePassword function as I am using it always fails.
>
>Any suggestions?


We use LogonUser, if the session is created successfully then the password was OK, otherwise it was an invalid password, something like this:
#define LOGON32_PROVIDER_DEFAULT	0
#define LOGON32_LOGON_NETWORK		3

lparameters tcDomain, tcUser, tcPassword
local lnToken, llResult, lcUser, lcDomain, lcPassword

lcDomain		= Iif(Vartype(tcDomain) # 'C' or Empty(tcDomain), Getenv('UserDomain'), Alltrim(tcDomain))
lcUser		= Iif(Vartype(tcUser) # 'C' or Empty(tcUser), Getenv('UserName'), Alltrim(tcUser))
lcPassword	= Iif(Vartype(tcPassword) # 'C', '', tcPassword)

declare LogonUser in AdvAPI32 ;
	String	Username, ;
	String	Domain, ;
	String	Password, ;
	Integer	LogonType, ;
	Integer	LogonProvider, ;
	Long		@ Token ;
	
declare CloseHandle in Kernel32 ;
	integer	hObject

declare SetLastError in win32api ;
	integer	ErrCode
	
declare integer GetLastError in WIN32API

SetLastError(0)

lnToken			= 0
llResult			= LogonUser(lcUser, lcDomain, lcPassword, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, @lnToken)

if llResult and lnToken # 0
	CloseHandle(lnToken)
	llResult		= .T.
else
	llResult		= .F.
	* Do something with GetLastError()
endif

return llResult
"The five senses obstruct or deform the apprehension of reality."
Jorge L. Borges?

"Premature optimization is the root of all evil in programming."
Donald Knuth, repeating C. A. R. Hoare

"To die for a religion is easier than to live it absolutely"
Jorge L. Borges
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform