Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
How to use NT authentification for login
Message
From
01/03/2000 00:42:34
Ed Rauh
Trumbull, Connecticut, United States
 
General information
Forum:
Visual FoxPro
Category:
Client/server
Title:
Re: How to use NT authentification for login
Miscellaneous
Thread ID:
00337300
Message ID:
00339630
Views:
40
>>This is all either detailed API or ADSI; both can handle this, as long as authentication as opposed to actually changing the current session's user context is the goal. ADSI can manipulate passwords through the IADsUser object's ChangePassword method; there's detailed C++ code in the MSDN library.
>>
>>Also check the topics IADsUser, IADsUser Property Methods, ADSI Error Codes in the library. It's on the Web somewhere on the MSDN site, but there's several hundred pages of docs. A good book on the topic is "ADSI ASP Programmer's Reference" from WROX Press - see the link in my .sig
>
>Does ISAPI have anything to do with authorization? I've often wondered, " How would a local VFP client engage a particular server's ISAPI? Does the connect automatically start an ISAPI (if he's the guy?) session?". I'm still wondering <g>.

No need to wonder - check the MSDN Library under ISAPI; security context. The following is cut from the MSDN ref:

Passing Security Context
Windows establishes a security context for each logged on user. When IIS receives a request from a client, it authenticates the request and then impersonates the client. While IIS is impersonating the client, IIS operates within the confines of the authenticated client's security context. This security context may change during the various stages of request processing, depending on the nature of the client request. The following diagram illustrates the various security contexts that may play a part in request processing.

< diagram explaining things visually here >

The security context of the IIS process (inetinfo) is known as LocalSystem. However, when IIS is processing a client request, it will impersonate the context of the client that generated the request. If the client is authenticated with the Anonymous authentication scheme, the security context will be IUSR_machinename for in process applications and IWAM_machinename for applications running in an isolated process. If the client is authenticated with any other authentication scheme, the security context will map to the individual account of the client.
EMail: EdR@edrauh.com
"See, the sun is going down..."
"No, the horizon is moving up!"
- Firesign Theater

NT and Win2K FAQ .. cWashington WSH/ADSI/WMI site
MS WSH site ........... WSH FAQ Site
Wrox Press .............. Win32 Scripting Journal
eSolutions Services, LLC

The Surgeon General has determined that prolonged exposure to the Windows Script Host may be addictive to laboratory mice and codemonkeys
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform