Solved

User/Domain Name & Password verification

Posted on 1997-07-22
13
192 Views
Last Modified: 2010-05-18
I would like to retrieve the UserID and Domain Name, of someone logged onto an NT domain, from an NT workstation, then prompt the user for there password and verify it.
Thanks in advance.
0
Comment
Question by:wu071697
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 3

Expert Comment

by:ESI
Comment Utility
You can retrieve the username and define if (s)he is logged thanks to the mpr dll. Have a look at the mprsvr.dll, for server-host facilities.
Define : Declare Function WNetGetUser Lib "mpr" Alias "WNetGetUserA" (ByVal lpName As String, ByVal lpUserName As String, lpnLength As Long) As Long

Then in code / a sub :
dim sUserName As String * 255
dummy = WNetGetUser("", sUserName, 255)
If dummy = 0 Then
    '-- Trim trailing Null char
    sGotName = Left$(sUserName, InStr(sUserName, Chr$(0)) - 1)
Else
    '-- User not logged
    sGotName = ""
End If

-
Hope it helps ! Bye
0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
Could you describe a little more about your application, what do you want to do? I know of a way to verify NT passwords, but it requires a special user right for the logged on user.
0
 

Author Comment

by:wu071697
Comment Utility
The user running the problem will be an account operator.

I want to ensure that someone can not just sit down at the workstation, if the account operator has stepped away, and run the program themselves.

The program will be used to maintain certain aspects of user accounts.  I want the userID and domain to be dynamic in case it changes.  (User manager for Domains not used to limited ability to reak havoc).
0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
This is how to do a user validation under Windows NT. In order for this to work, the user account which runs the program must either be the SYSTEM account or an account with the SeTcbPrivilege - "Act as part of the operating system" user right.

The user account which is validated must have the appropriate privilege too, depending on whether you will use
LOGON32_LOGON_BATCH, LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_SERVICE.

In hope this will work in your case, I haven't tried it with verifying the same user that is currently logged on. It might be that you have to use some other switch than LOGON32_LOGON_INTERACTIVE, as that user is already interactively logged on.

Declarations:


Private Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetLastError Lib "kernel32" () As Long
Private Const LOGON32_PROVIDER_DEFAULT = 0
Private Const LOGON32_LOGON_BATCH = 4
Private Const LOGON32_LOGON_INTERACTIVE = 2
Private Const LOGON32_LOGON_SERVICE = 5



Validation function:

Replace username, domain and password with the values to be verified. Use either LOGON32_LOGON_BATCH, LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_SERVICE. In this example I use LOGON32_LOGON_BATCH, which means that the user account which is being verified must have the "Logon as a batch job" user right.


Private Sub Command1_Click()
 Dim token As Long, status As Long
 token = 0
 status = LogonUser("username", "domain", "password", _
LOGON32_LOGON_BATCH, _
LOGON32_PROVIDER_DEFAULT, token)
 If status = 0 Then
 MsgBox "Logon Failed"
 Else
 MsgBox "Logon successful"
 CloseHandle token
 End If
End Sub
0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
To get the current user:

Declare Function GetUserName Lib "advapi32" Alias "GetUserNameA" (ByVal name as String, namelen as Long) As Long

Dim a as String
Dim alen as Long
alen = 256
a = string(256,0)
if GetUserName( a, alen)  = 0 then
 Print "Could not get user name"
else
 print "User name is " & a
End if


0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
To get the domain of a user:

Declare Function LookupAccountName Lib "advapi32.dll" Alias "LookupAccountNameA" (ByVal lpSystemName As String, ByVal lpAccountName As String, ByVal Sid As String, cbSid As Long, ByVal ReferencedDomainName As String, cbReferencedDomainName As Long, peUse As Long) As Long

dim dname as string
dim sid as string
dim sidlen as long
dim dlen as long
dim use as long

dname=string(256,0)
sid=string(256,0)
sidlen=256
dlen=256

if lookupaccountname(vbnullstring, "Username", sid, sidlen, dname, dlen, use) = 0 then
 print "Error looking up account"
else
 print "Domain of account is " & left(dname,instr(dname,chr(0)) - 1)
end if

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:wu071697
Comment Utility
Does anyone know how the Windows NT screensaver validates the password before releasing the screensaver?
0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
This is not done by the screen saver itself. A screen saver is not run on the current users desktop, but on a special desktop, and  the NT SYSTEM handles password verification automatically.

0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
So, have you found any better answer?  I am interested in knowing if there's another way myself.
0
 

Author Comment

by:wu071697
Comment Utility
I tried playing with the settings, but with no luck.  I am not comfortable giving the user SYSTEM priviledges.  Could you recommend somewhere that I can find out about how the screen saver works?  Thanks.
0
 
LVL 7

Accepted Solution

by:
tward earned 100 total points
Comment Utility
In MPR.DLL there are a few password functions:

Private Declare Function PwdChangePassword Lib "MPR.DLL" Alias "PwdChangePasswordA" (ByVal lpProvider As String,
ByVal hWnd As Long, ByVal dwFlags As Long) As Long

For Screen Savers the Provider = "SCRSAVE"

Look up PWDPROVIDER in the Registry for other providers!

I've also been playing with the following:
Private Declare Function VerifyScreenSavePwd Lib "PASSWORD.CPL" ()

0
 
LVL 5

Expert Comment

by:y96andha
Comment Utility
tward: I can't find neither PASSWORD.CPL nor PWDPROVIDER on my WinNT system. I can find them in Win95 though. Are you sure that it exists under WinNT?
0
 
LVL 7

Expert Comment

by:tward
Comment Utility
I am not sure...  There is very little information on them even under Windows 95...  I have been able to make a Screen Saver that uses the Windows 95 standard Change Password and Verify Password when the user tries to quit the Screen Saver using both PASSWORD.CPL and MPR.DLL under Windows 95..

PWPROVIDER is in the Windows 95 registry, I'll have to check on the NT System that I have here...
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

I’ve seen a number of people looking for examples of how to access web services from VB6.  I’ve been using a test harness I built in VB6 (using many resources I found online) that I use for small projects to work out how to communicate with web serv…
If you have ever used Microsoft Word then you know that it has a good spell checker and it may have occurred to you that the ability to check spelling might be a nice piece of functionality to add to certain applications of yours. Well the code that…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now