Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Determining (verifying) a users logon name and password from Windows NT

Posted on 1999-08-02
Medium Priority
Last Modified: 2012-05-04
I am doing our Intranet and I want to prompt users to enter their network name and password and verify them against their actual NT accounts (for an expense reporting app) and I don't know how to do it.  I am using VBScript in my ASP but I am not an advanced programmer at all.  Someone told me you have to make an API Call to get that information but I have no idea what that means.  Can someone help?  200 PTS available.

Question by:dgwest
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Author Comment

ID: 1529018
Oh and I'm using FrontPage 2000 and IE 4.

Expert Comment

ID: 1529019
Hi, to get the username you need to call this function:

Declare Function GetUserName& Lib "advapi32.dll" Alias "GetUserNameA" (ByVal _
lpBuffer As String, nSize As Long)

specify nsize as a higher number than the max length of the user name, somthing like this:

Dim s$, cnt&, dl&
cnt& = 199
s$ = String$(2ØØ, Ø)
dl& = GetUserName(s$, cnt)
msgbox s$

I don't think you'll be able to retrieve the password, I'll try to find you another means of verifying it though.


Expert Comment

ID: 1529020
If you are using IIS4 or IIS5 then yould simply change the "Directory Security"/"Anonymous Access Control" in web-site properties. Remove checkmarks in "Allow anonymous access", and set checkmark in Windows NT challenge.

Have fun!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 1529021
I would recon that the users must be logged in to be working on the workstation anyway, so the user ought not to log in again. Use BeedleGuis suggestion to get the user's name and compare this to our own app's user list.


Expert Comment

ID: 1529022
On entering the network ask the user for the id and password and do the validation with the database you have.

Author Comment

ID: 1529023
Let me clarify a little bit because all the answers vary.  We run an NT network and IIS 4.0.  When someone logs on to the network and loads IE 4 to get on the Intranet I don't want them to log in AGAIN because login names change every 30 days and I can't possibly keep a stand alone Access database up to date with current passwords.  Let's say that on the Intranet there is a link to expense reports where users can fill in and view their history of reports.  This could be done a variety of ways but let's say I set up a database with fields for date, expense, logon name, etc... I need a way to verify the user when he/she clicks the link to expense reports.  Instead of verifying them with a username and password screen, I want to verify them against their logins because they will be on the Network and no other password should be required.  So I could have a database with a field for logon names and (here is the problem) grab the users login name from NT and display the appropriate records from the database.  So how do I get the NT login name from NT (and store it in a variable)?  Any help would be great.


Accepted Solution

mtoft earned 880 total points
ID: 1529024
What you should do (What Microsoft does in their sample site, "Fitch And Mather") is setup your IIS 4.0 webserver to require Windows NT authentication. Do this by removing "Allow Anonymous Access", and by setting "Windows NT Challenge/Response" (I think someone mentioned this before me).

In the site where you set the "Windows NT Challenge/Response" you have a page, ex.: "Default.asp" with the following content:

--------------- Default.asp:
<%@ Language=VBScript %>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
      ' Retrieve the Windows NT username
      sNTUsername = Trim(Request.ServerVariables("LOGON_USER"))
      If sNTUsername="" Then
            %>Access denied...<%
            %>Your expenses, <%=sNTUsername%>.<BR><%

            ' Open link to database using ADO
            Set cnData = Server.CreateObject("ADODB.Connection")
            cnData.ConnectionString = "DSN=Expense"
            ' Open recordset filled with records for this user
            Set rsData = cnData.Execute("SELECT * FROM Expense WHERE (UserName='" & sNTUsername & "');")
            Do While Not rsData.Eof
                  Response.Write rsData("ExpenseDate") & " - " & rsData("Expense") & "<BR>"
            ' Close recordset
            Set rsData=Nothing
            ' Close database connection
            Set cnData=Nothing
      End If



The idea is that you by querying the "Request" object for "LOGON_USER" will receive a validated Windows NT user, OR if the current user is not a validated Windows NT user it will return an empty string - In which case you deny the user access to the page.



Author Comment

ID: 1529025
Works like a charm, mtoft, but before I accept your answer I want to strip the domain name from the logon.  Right now it returns Domain\username and I just want username.  How do I strip the domain name. Also, I know I'm getting annoying, can I retrieve the actual name of the user for personalization.  For example, now I can return derekw but what about derek west.  That would be kinda neat...

Thanks to everyone for the help,

Author Comment

ID: 1529026
Figured out how to trim the domain name but still would like to grab the user full name.


Expert Comment

ID: 1529027
There is no easy way to get a users fullname using ASP. You will probably have to create an ActiveX control that does the job and that can be called from ASP.

Microsoft has an excellent article on how this is done, see: Q151774 in their Knowledge base.

Or I can send you an ActiveX component that lets you retrieve a users full name on some PDC. If you want it, just leave your email here...



Author Comment

ID: 1529028
I'd love something like that.

Author Comment

ID: 1529029
Adjusted points to 225

Expert Comment

ID: 1529030
Its in your mailbox...

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’ve seen a number of people looking for examples of how to access web services from VB6.  I’ve been using a test harness I built in VB6 (using many resources I found online) that I use for small projects to work out how to communicate with web serv…
This article describes how to use a set of graphical playing cards to create a Draw Poker game in Excel or VB6.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question