capturing NT login

All,

Sometimes is necessary to capture the machine's IP address which is accessing some ASP page of my Intranet. I can easily accomplish this task using this line:

ip = Request.ServerVariables("REMOTE_ADDR")

Where "ip" is the variable which is receiving the IP address of the machine which is accessing the ASP page. It works Ok.

What I want to know is if it's possible, in a similar way or not, to capture the NT LOGIN of the user accessing an ASP page. Got it? I´ve got a NT network, and the users must login in this network to use their machines and consequently to access the Intranet (how obvious I was!). So... is it possible to get this NT LOGIN through ASP code?

thank you,

Correa

 
CorreaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jamestthomasCommented:
Yes:

<%
'This test will force the browser to send credentials for the User
If Request.ServerVariables("LOGON_USER") = "" Then
      Response.Status = "401 access denied"
      Response.End
End If

'Initialize some variables
Private Authed
Private msg
Private sUserID
Private sDomain
Private sPassword
Authed = False

'Separate the Domain Name from the User ID
sUserID = Request.ServerVariables("LOGON_USER")
sDomain = "            "
sPos = instr(sUserID,"\")
if sPos > 0 then
      sDomain = left(sUserID, sPos - 1)
      sUserID = right(sUserID, Len(sUserID) - sPos)
end if
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jamestthomasCommented:
Also you can write a smal downloadable ActiveX Control in VB:  If you want to see that code which uses a single API call, let me know.  I have deployed these solutions and have gone the ActiveX route myself.  Good luck

0
CorreaAuthor Commented:
As far as I could understand the server variable LOGON_USER is not estabilished unless a logon has ocorred, and this was why you "force the browser to send credentials for the user" in your code. It is my conclusion, because before I have tried to use your code I always received an empty string when I used the command "Request.ServerVariables("LOGON_USER"). Am I right?
I tried to user your code. I wrote a simple HTML page with a link to an ASP page with your code. The login window appeared just after I click on the link, but my login was not accepted (it was refused 3 times, then the login window disappeared)... perhaps some configuration detail needs to be changed in the NT network...

Thanks

Correa
0
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

jamestthomasCommented:
Yes , you are correct.  If the logon window appears, it is because you do have to set the site in IIS , Directory Security, Authentication methods th Windows NT Challenge and response.  Otherwise it simply says you were denied and prompts for login.  I can you with an entire working example if you would like.

0
jamestthomasCommented:
Sorry about the typo's I am at work...I meant I can supply you with a page configuration settings for the page.
0
CorreaAuthor Commented:
Ok James... I´d be pleased if you send me that "page configuration settings".

thank you,

Correa
0
JOKCommented:
Request.ServerVariable("AUTH_USER") would work too.
0
jamestthomasCommented:
The essential point is the security setting.
The main thing is to be sure the security setting has challenge and response checked for the site in question (IIS4.0).  I think I have given you msot of the example.  I could include the rest as I have it working on my machine if you still can't get it.

In the meantime, here is the code to an ActiveX dll I wrote that does the same thing.

Option Explicit

Private Declare Function GetUserName& Lib "advapi32.dll" Alias "GetUserNameA" (ByVal lpBuffer As String, nSize As Long)
                                   
Function ReturnUser$()
Dim s$, cnt&, dl&
cnt& = 199
s$ = String$(200, 0)
On Err GoTo ErrorHandle
dl& = GetUserName(s$, cnt)
ReturnUser$ = Left$(s$, cnt)
Exit Function
ErrorHandle:
ReturnUser$ = "error: " & Err.Description
Exit Function
End Function

Its usage I can explain to you if you are interested. It is compiled as an ActiveX dll.  However the script solution does work.  Let me know if you have gotten it working or need to see more.  good luck                  
0
CorreaAuthor Commented:
This is ok for me. However I think the major problem on changing IIS4.0 configuration from "Anonymous Access" to "Challenge" and "Response" is that a login window will always be shown everytime a user wants to navigate on my Intranet... (tell me if I'm wrong!) I think most users are not going to like this.

This is why I will also test your ActiveX dll and keep on studying other solutions.

thank you very much,

Correa
0
JOKCommented:
If you want to capture the user, I think that's your only solution, otherwise people are in there as "guests" and anonymous.

You could implement Session variables, if you are using ASP, or cookies so that they would only have to logon once.
0
jamestthomasCommented:
No, the logon window will not be displayed. Set Challenge and response on the site but also allow anonymous access.  Then users will nto be prompted.
0
jamestthomasCommented:
If you can"t get around prompting, let me know.  I'll be glad to help clear that up.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.