How to use NT authentification for login

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

How to use NT authentification for login

Message

26/04/2000 18:03:14

Rick Strahl
West Wind Technologies
Maui, Hawaii, États-Unis

26/04/2000 10:19:06

Bill Caton
MAXIMUS
Lawrenceville, Georgie, États-Unis

Information générale

Forum:

Visual FoxPro

Catégorie:

Client/serveur

Titre:

Re: How to use NT authentification for login

Divers

Thread ID:

00337300

Message ID:

00363826

Vues:

Try one of the other logon types. Your account may not have network access rights.

+++ Rick ---

>Hi Rick,
>
>I have been trying to use the code you posted below to validate an NT login. I have successfully gotten it to work on my NT Workstaion, but on my NT Server functioning as my web server, I consistently get the GetLastError() return of 1314 ( ERROR_PRIVILEGE_NOT_HELD ). The account I log onto the NT Server with is in the administrator group and I made sure that it has the "Act as part of the operating system" privilege.
>
>Is there something different regarding NT Server security and trying to call LogonUser()?
>
>Thanks,
>Bill
>
>>
>>Yeah, you can use an API call to verify the user. But realize this won't actually log the user in under this account - you can't do that in a standalone application. Only services and the SYSTEM account can actually impersonate other accounts. Still the only way to really log on is to log off and back on.
>>
>>The code below performs the username/password check against NT's security manager. You can read up in MSDN on how this function relates to security contexts etc. - but let me warn you: You won't want to mess with this stuff beyond the basics, because NT Security is sick and twisted if you need to get beyond the highlevel stuff and switching user context is among the most heinous code that you can write (I remember spending 3 days to write an File ACL setting utility and I had sample code <s>)...
>>
>>
>>

>>FUNCTION LogonUser
>>************************************************************************
>>* wwAPI :: LogonUser
>>*********************************
>>***  Function: Check whether a username and password is valid
>>***    Assume: Account checking must have admin rights
>>***      Pass: Username, Password and optionally a server
>>***    Return: .T. or .F.
>>************************************************************************
>>LPARAMETERS lcUsername, lcPassword, lcServer
>>
>>IF EMPTY(lcUsername)
>>   RETURN .F.
>>ENDIF
>>IF EMPTY(lcPassword)
>>   lcPassword = ""
>>ENDIF
>>IF EMPTY(lcServer)
>>   lcServer = "."
>>ENDIF
>>
>>#define LOGON32_LOGON_INTERACTIVE   2
>>#define LOGON32_LOGON_NETWORK       3
>>#define LOGON32_LOGON_BATCH         4
>>#define LOGON32_LOGON_SERVICE       5
>>
>>#define LOGON32_PROVIDER_DEFAULT    0
>>
>>DECLARE INTEGER LogonUser in WIN32API ;
>>       String lcUser,;
>>       String lcServer,;
>>       String lcPassword,;
>>       INTEGER dwLogonType,;
>>       Integer dwProvider,;
>>       Integer @dwToken
>>
>>lnToken = 0
>>lnResult = LogonUser(lcUsername,lcServer,lcPassword,;
>>                     LOGON32_LOGON_NETWORK,LOGON32_PROVIDER_DEFAULT,@lnToken)
>>
>>DECLARE INTEGER CloseHandle IN WIN32API INTEGER
>>CloseHandle(lnToken)
>>
>>RETURN IIF(lnResult=1,.T.,.F.)
>>ENDFUNC
>>* wwAPI :: LogonUser
>>
>>

>>
>>
>>>
>>>Kevin

+++ Rick ---

West Wind Technologies
Maui, Hawaii

west-wind.com/
West Wind Message Board
Rick's Web Log
Markdown Monster
---
Making waves on the Web

Where do you want to surf today?

Répondre

Fil

Voir

Click here to load this message in the networking platform