>Our in-house enterprise application has user-based security. We currently use a third-party routine to pull the user's login name from our Novell file server. In other words, how they've logged into the server (not their local machine) is what determines their permissions within the app.
>
>Our networking guys are trying to rid us of the Novell server and the p2p networking and move to a MS domain model. We will no longer be able to use the third-party routine to pull the login name.
>
>I've seen a number of threads showing how to pull a user's loginid using sys(0) or to check that their username and password are correct in the domain but I've not seen a way to actually grab the userid that they used to log into the domain.
>
>If a user were to set up a user account on their local machine and log into their local machine then turn around and manually log into the domain as themselves, I believe that sys(0) would return the username & id of their local login rather than their domain login. This would in essence give the user the ability to spoof their login and gain permissions in our app that they should not normally have.
>
>Is there any way to find out who they've logged in as on the domain?
Take a look at ADSI. A good starting point is
http://support.microsoft.com/default.aspx?scid=kb;EN-US;190741
Regards. Al
"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov
Neither a despot, nor a doormat, be
Every app wants to be a database app when it grows up