Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

API and Windows NT

Posted on 1999-06-24
22
Medium Priority
?
227 Views
Last Modified: 2010-05-02
Need a program that a user can enter a user name and password.  The program then checks to see if it mathchs Windows Nt's user name and password, then it displays true or false.  I got the user name using a API function?  But I do not have to get anything just see if its vaild.

Do you know how to get the password or see if its vaild?

thanks
I'm not a hacker, I want it for security to my program
0
Comment
Question by:nephinj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
22 Comments
 
LVL 4

Expert Comment

by:vindevogel
ID: 1519460
Hacking, are you ?
0
 

Author Comment

by:nephinj
ID: 1519461
Edited text of question.
0
 
LVL 10

Expert Comment

by:smegghead
ID: 1519462
mmm, that would be nice to have an API which returns the users password... not so nice for Bill Gates though as he'd probably only have sold a 2% of the amount he's actually sold if security had been that easy to crack.

The only way I can think that you might be able to verify the password is to try to read a file on your disk but via another PC, to which you supply the username / password - I wouldn't know what the syntax would be, but it might be worth investigating.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Expert Comment

by:Neal Hartman
ID: 1519463
Mabry has a NT users control.

0
 

Author Comment

by:nephinj
ID: 1519464
Edited text of question.
0
 
LVL 2

Accepted Solution

by:
DavidMartin earned 1040 total points
ID: 1519465
If you are using NT then you can use the LogonUser API to validate the credentials.  This call requires "Act as Part of the Operating System" right.  

Therfore it would be safer to run this as an out of process exe and use COM to assign a specific user to the object.

However, if you are also using Windows 9x then it is slightly more complex, there is a good article in MSDN describing how this can be done using the Security Support Provider Interface. - Article ID: Q180548


0
 

Author Comment

by:nephinj
ID: 1519466
I do not know much about COM objects could you give a little more detail....
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519467
In VB it's an ActiveX EXE, you create public functions that can be called from another application.

eg.
create a class with a public method that has calls the LogonUser API then create a new instance of the object in your calling application to call the method.

  dim objValidation as CPassValidation
  set objValidation = New CPassValidation
 
  bResult = objValidation.CheckPassword(user, pass)

Use the utility 'dcomcnfg' to configure the process to run in others security context and there you have it...



0
 

Author Comment

by:nephinj
ID: 1519468
I do not know much about COM objects could you give a little more detail....
0
 

Author Comment

by:nephinj
ID: 1519469
I dont know of any LOGONUSER API  where do I find information on this.
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519470
You're making me work for this one, here's an example how to do it if the user has the appropriate permissions, if your users don't then it must run in it's own process space... See above.

For the example you need two text boxes (txtUser, txtPassword) and a command button (command1)

then paste the following code in (remember, this is an example...)



Private Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long
Private Const LOGON32_LOGON_INTERACTIVE = 2
Private Const LOGON32_PROVIDER_DEFAULT = 0
Private Sub Command1_Click()
   
    Call CheckPassword(txtUser, txtPassword)
   
End Sub

Public Function CheckPassword(UserName As String, Password As String) As Long

    Dim pToken As Long
    Dim lRet As Long
   
    lRet = LogonUser(UserName, vbNullString, Password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, pToken)
   
    If lRet Then
        MsgBox "OK"
    Else
        MsgBox "Not OK"
    End If
       
End Function
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519471
are you sure you're in the right job?
0
 

Author Comment

by:nephinj
ID: 1519472
Thanks but it always says not ok....any sujestions?  Does it work on your machine?
0
 

Author Comment

by:nephinj
ID: 1519473
Why do you ask if im in the right job is it because I did not know about the API you sujested,  I know how to use them its just not in the list of functions I have.
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519474
Yes it works....

What is your domain model, the secon parameter is null, this means it will check the local machine account then the domain.

By the way make sure the user you are logged in has the "Act as Part of the Operating System" right.
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519475
Add this function to the declares section then call it directly after you call LogonUser.... What is the result?

Private Declare Function GetLastError Lib "kernel32" () As Long


0
 

Author Comment

by:nephinj
ID: 1519476
Act as Part of the Operating System how do you turn this on!  No error it just says Not ok in a MsgBog
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519477
The GetLastError function returns a value, what is the value?

If you don't understand "Act as Part of The OPerating System" then you probably haven't set it...  Therefore it is almost certainly failing on permissions.  If you are checking local passwords (local machine) then make the change on your machine - User Manager, if it is on a domain then you must make the change using User Manager for domains.  

You will see a menu dropdown called Policies - User Rights.  Select show advanced rights and ensure your user is in the list.

While your at it change the code so you can get the error code....


Private Declare Function LogonUser Lib "advapi32" Alias "LogonUserA" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Long, ByVal dwLogonProvider As Long, phToken As Long) As Long

Private Declare Function GetLastError Lib "kernel32" () As Long

Private Const LOGON32_LOGON_INTERACTIVE = 2
Private Const LOGON32_PROVIDER_DEFAULT = 0
Private Sub Command1_Click()
     
    Call CheckPassword(txtUser, txtPassword)
     
End Sub

Public Function CheckPassword(UserName As String, Password As String) As Long

    Dim pToken As Long
    Dim lRet As Long
    Dim lErr As long
     
    lRet = LogonUser(UserName, vbNullString, Password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, pToken)
     
    lErr = GetLastError()

    If lRet Then
        MsgBox "OK"
    Else
        MsgBox "Not OK - Error " & lErr
    End If
         
End Function
0
 

Author Comment

by:nephinj
ID: 1519478
Changed the code Error is 0, there is no show advanced rights under the user manager
0
 
LVL 2

Expert Comment

by:DavidMartin
ID: 1519479
UserManager:

Menu Drop Down "Policies"  (Alt-P)
"User Rights" (Alt-U)
Click on show advanced user rights (Alt-S)

Then choose "Act as part of the operating system"


Zero implies the function is working what is your e-mail address I will mail you some code.... (up the points - i'm working too hard)



0
 

Author Comment

by:nephinj
ID: 1519480
nephinj@em.agr.ca - all the points I have
0
 

Author Comment

by:nephinj
ID: 1519481
thanks
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When trying to find the cause of a problem in VBA or VB6 it's often valuable to know what procedures were executed prior to the error. You can use the Call Stack for that but it is often inadequate because it may show procedures you aren't intereste…
This article describes some techniques which will make your VBA or Visual Basic Classic code easier to understand and maintain, whether by you, your replacement, or another Experts-Exchange expert.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
Suggested Courses

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question