[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

User/Domain Name & Password verification

Posted on 1997-07-22
13
Medium Priority
?
204 Views
Last Modified: 2010-05-18
I would like to retrieve the UserID and Domain Name, of someone logged onto an NT domain, from an NT workstation, then prompt the user for there password and verify it.
Thanks in advance.
0
Comment
Question by:wu071697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 3

Expert Comment

by:ESI
ID: 1428676
You can retrieve the username and define if (s)he is logged thanks to the mpr dll. Have a look at the mprsvr.dll, for server-host facilities.
Define : Declare Function WNetGetUser Lib "mpr" Alias "WNetGetUserA" (ByVal lpName As String, ByVal lpUserName As String, lpnLength As Long) As Long

Then in code / a sub :
dim sUserName As String * 255
dummy = WNetGetUser("", sUserName, 255)
If dummy = 0 Then
    '-- Trim trailing Null char
    sGotName = Left$(sUserName, InStr(sUserName, Chr$(0)) - 1)
Else
    '-- User not logged
    sGotName = ""
End If

-
Hope it helps ! Bye
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428677
Could you describe a little more about your application, what do you want to do? I know of a way to verify NT passwords, but it requires a special user right for the logged on user.
0
 

Author Comment

by:wu071697
ID: 1428678
The user running the problem will be an account operator.

I want to ensure that someone can not just sit down at the workstation, if the account operator has stepped away, and run the program themselves.

The program will be used to maintain certain aspects of user accounts.  I want the userID and domain to be dynamic in case it changes.  (User manager for Domains not used to limited ability to reak havoc).
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 5

Expert Comment

by:y96andha
ID: 1428679
This is how to do a user validation under Windows NT. In order for this to work, the user account which runs the program must either be the SYSTEM account or an account with the SeTcbPrivilege - "Act as part of the operating system" user right.

The user account which is validated must have the appropriate privilege too, depending on whether you will use
LOGON32_LOGON_BATCH, LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_SERVICE.

In hope this will work in your case, I haven't tried it with verifying the same user that is currently logged on. It might be that you have to use some other switch than LOGON32_LOGON_INTERACTIVE, as that user is already interactively logged on.

Declarations:


Private Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetLastError Lib "kernel32" () As Long
Private Const LOGON32_PROVIDER_DEFAULT = 0
Private Const LOGON32_LOGON_BATCH = 4
Private Const LOGON32_LOGON_INTERACTIVE = 2
Private Const LOGON32_LOGON_SERVICE = 5



Validation function:

Replace username, domain and password with the values to be verified. Use either LOGON32_LOGON_BATCH, LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_SERVICE. In this example I use LOGON32_LOGON_BATCH, which means that the user account which is being verified must have the "Logon as a batch job" user right.


Private Sub Command1_Click()
 Dim token As Long, status As Long
 token = 0
 status = LogonUser("username", "domain", "password", _
LOGON32_LOGON_BATCH, _
LOGON32_PROVIDER_DEFAULT, token)
 If status = 0 Then
 MsgBox "Logon Failed"
 Else
 MsgBox "Logon successful"
 CloseHandle token
 End If
End Sub
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428680
To get the current user:

Declare Function GetUserName Lib "advapi32" Alias "GetUserNameA" (ByVal name as String, namelen as Long) As Long

Dim a as String
Dim alen as Long
alen = 256
a = string(256,0)
if GetUserName( a, alen)  = 0 then
 Print "Could not get user name"
else
 print "User name is " & a
End if


0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428681
To get the domain of a user:

Declare Function LookupAccountName Lib "advapi32.dll" Alias "LookupAccountNameA" (ByVal lpSystemName As String, ByVal lpAccountName As String, ByVal Sid As String, cbSid As Long, ByVal ReferencedDomainName As String, cbReferencedDomainName As Long, peUse As Long) As Long

dim dname as string
dim sid as string
dim sidlen as long
dim dlen as long
dim use as long

dname=string(256,0)
sid=string(256,0)
sidlen=256
dlen=256

if lookupaccountname(vbnullstring, "Username", sid, sidlen, dname, dlen, use) = 0 then
 print "Error looking up account"
else
 print "Domain of account is " & left(dname,instr(dname,chr(0)) - 1)
end if

0
 

Author Comment

by:wu071697
ID: 1428682
Does anyone know how the Windows NT screensaver validates the password before releasing the screensaver?
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428683
This is not done by the screen saver itself. A screen saver is not run on the current users desktop, but on a special desktop, and  the NT SYSTEM handles password verification automatically.

0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428684
So, have you found any better answer?  I am interested in knowing if there's another way myself.
0
 

Author Comment

by:wu071697
ID: 1428685
I tried playing with the settings, but with no luck.  I am not comfortable giving the user SYSTEM priviledges.  Could you recommend somewhere that I can find out about how the screen saver works?  Thanks.
0
 
LVL 7

Accepted Solution

by:
tward earned 200 total points
ID: 1428686
In MPR.DLL there are a few password functions:

Private Declare Function PwdChangePassword Lib "MPR.DLL" Alias "PwdChangePasswordA" (ByVal lpProvider As String,
ByVal hWnd As Long, ByVal dwFlags As Long) As Long

For Screen Savers the Provider = "SCRSAVE"

Look up PWDPROVIDER in the Registry for other providers!

I've also been playing with the following:
Private Declare Function VerifyScreenSavePwd Lib "PASSWORD.CPL" ()

0
 
LVL 5

Expert Comment

by:y96andha
ID: 1428687
tward: I can't find neither PASSWORD.CPL nor PWDPROVIDER on my WinNT system. I can find them in Win95 though. Are you sure that it exists under WinNT?
0
 
LVL 7

Expert Comment

by:tward
ID: 1428688
I am not sure...  There is very little information on them even under Windows 95...  I have been able to make a Screen Saver that uses the Windows 95 standard Change Password and Verify Password when the user tries to quit the Screen Saver using both PASSWORD.CPL and MPR.DLL under Windows 95..

PWPROVIDER is in the Windows 95 registry, I'll have to check on the NT System that I have here...
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When designing a form there are several BorderStyles to choose from, all of which can be classified as either 'Fixed' or 'Sizable' and I'd guess that 'Fixed Single' or one of the other fixed types is the most popular choice. I assume it's the most p…
Article by: Martin
Here are a few simple, working, games that you can use as-is or as the basis for your own games. Tic-Tac-Toe This is one of the simplest of all games.   The game allows for a choice of who goes first and keeps track of the number of wins for…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question