|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Authenticate domain and local usersHello
I have the following problem: I'd like to check whether entered user, domain, password are correct for domain user. Second need is to check local user credentials. What .NET functions should I use? You might have a look at a class I did a while ago for this.
http://spaces.msn.com/members/staceyw/Blog/cns!1pnsZpX0fPvDxLKC6rAAhLsQ!283.entry -- Show quoteHide quoteWilliam Stacey [MVP] "Jacek" <Ja***@discussions.microsoft.com> wrote in message news:B71AF1EB-7C61-4EFC-ACA3-F1D2CA3DD7B4@microsoft.com... > Hello > I have the following problem: > I'd like to check whether entered user, domain, password are correct for > domain user. Second need is to check local user credentials. What .NET > functions should I use? > William,
Thank You for the tip, this is what I wanted, unfortunately I cannot run LogonUser function from advapi32.dll. Maybe the following facts contain the reasons: - this application is an asp.net application - ASPNET and IUSR are Administrators - my computer was changed a computername - I am a domain user with administrator privilidges on this computer Jacek See this link under the Remarks for rights the calling account needs.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/logonuser.asp -- Show quoteHide quoteWilliam Stacey [MVP] "Jacek" <Ja***@discussions.microsoft.com> wrote in message news:84B78F47-B387-4120-A318-7E35FD11A1DB@microsoft.com... > William, > > Thank You for the tip, this is what I wanted, unfortunately I cannot run > LogonUser function from advapi32.dll. > Maybe the following facts contain the reasons: > - this application is an asp.net application > - ASPNET and IUSR are Administrators > - my computer was changed a computername > - I am a domain user with administrator privilidges on this computer > > Jacek So according to the following text from article that You advised to get
familiar with ("The user account must have Log On Locally permission on the local computer. This permission is granted to all users on workstations and servers but only to administrators on domain controllers.") means that if I work on computer LAP1 in domain DOMAIN1 as user USER1 who is in ADMINISTRATORS group and I want to authenticate USER2 from the same domain or LOCALUSER1(as local account), they need to have some special privilidges? How to set them? What about running asp.net application when nobody is logged on the computer? My goal in details: The only think I need to know is: whether DOMAIN1\USER1+his Password are valid, (or LOCALUSER1+his password) then I need to check if USER1 is added to local ADMINISTRATORS. Both these checkings should work when computer is not connected to the network, so we assume that in case of LOCALUSER1 there's no problem, but USER1 must be logged to this computer at leats once to leave his credentials locally. thanks 
Other interesting topics
EventLogPermission via caspol.exe
Creating User Accounts with or without Active Directory Code Source Security How to share a Principal within a ThreadPool ? Upgrading Encryption to .Net not Working!!!!!!! Very slow Principal.IsInRole call... CredUIConfirmCredentials behaves unexpectedly Strong-Name Assembly calling WebService RSA to PKCS#8 Walking Active Directory |
|||||||||||||||||||||||
