Determining (verifying) a users logon name and password from Windows NT

Oh and I'm using FrontPage 2000 and IE 4.

Hi, to get the username you need to call this function:

Declare Function GetUserName& Lib "advapi32.dll" Alias "GetUserNameA" (ByVal _
lpBuffer As String, nSize As Long)

specify nsize as a higher number than the max length of the user name, somthing like this:

Dim s$, cnt&, dl&
cnt& = 199
s$ = String$(2ØØ, Ø)
dl& = GetUserName(s$, cnt)
msgbox s$

I don't think you'll be able to retrieve the password, I'll try to find you another means of verifying it though.

If you are using IIS4 or IIS5 then yould simply change the "Directory Security"/"Anonymous Access Control" in web-site properties. Remove checkmarks in "Allow anonymous access", and set checkmark in Windows NT challenge.

Have fun!

I would recon that the users must be logged in to be working on the workstation anyway, so the user ought not to log in again. Use BeedleGuis suggestion to get the user's name and compare this to our own app's user list.

On entering the network ask the user for the id and password and do the validation with the database you have.

Let me clarify a little bit because all the answers vary.  We run an NT network and IIS 4.0.  When someone logs on to the network and loads IE 4 to get on the Intranet I don't want them to log in AGAIN because login names change every 30 days and I can't possibly keep a stand alone Access database up to date with current passwords.  Let's say that on the Intranet there is a link to expense reports where users can fill in and view their history of reports.  This could be done a variety of ways but let's say I set up a database with fields for date, expense, logon name, etc... I need a way to verify the user when he/she clicks the link to expense reports.  Instead of verifying them with a username and password screen, I want to verify them against their logins because they will be on the Network and no other password should be required.  So I could have a database with a field for logon names and (here is the problem) grab the users login name from NT and display the appropriate records from the database.  So how do I get the NT login name from NT (and store it in a variable)?  Any help would be great.

Derek.

Works like a charm, mtoft, but before I accept your answer I want to strip the domain name from the logon.  Right now it returns Domain\username and I just want username.  How do I strip the domain name. Also, I know I'm getting annoying, can I retrieve the actual name of the user for personalization.  For example, now I can return derekw but what about derek west.  That would be kinda neat...

Thanks to everyone for the help,
Derek.

Figured out how to trim the domain name but still would like to grab the user full name.

Derek.

There is no easy way to get a users fullname using ASP. You will probably have to create an ActiveX control that does the job and that can be called from ASP.

Microsoft has an excellent article on how this is done, see: Q151774 in their Knowledge base.

Or I can send you an ActiveX component that lets you retrieve a users full name on some PDC. If you want it, just leave your email here...

/mtoft

I'd love something like that.  

derekw@chip.ca

Adjusted points to 225

Its in your mailbox...