Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 432
  • Last Modified:

Grab NT Username, Password AND NT Group

I making a web application for an Intranet.  I come from Inernet development and have never dealt with obtaining a users NT information before.  What I want ideally is to have my component grab the user's NT login AND the NT Group they reside in.  I will manage with just the NT Login Info is grabbing the NT Group is not possible.  Does anyone have an example of how to grab this info over an intranet?
0
scotiaceilidh
Asked:
scotiaceilidh
  • 6
  • 3
  • 3
  • +1
1 Solution
 
Anthony PerkinsCommented:
Declare Function GetUserNameA Lib "ADVAPI32" (ByVal lpBuffer As String, nSize As Long) As Long
Function GetLoginName() As String
Dim iBufSize As Long
Dim sUser As String

iBufSize = 255
sUser = Space$(iBufSize)
If GetUserNameA(sUser, iBufSize) = 1 Then
   GetLoginName = Left$(sUser, iBufSize - 1)
Else
   GetLoginName = "??????"
End If

End Function

Anthony
0
 
rkot2000Commented:
you can use server variables to get user id and domain:


http://www.asp101.com/samples/servvars.asp

i am using the following 2 functions in my asp pages to get userid and domain.

     Public Function LogonUserNTID()
     
          dim lvsLogonUser
          dim lasLogonUser
          lvsLogonUser= Request.ServerVariables("LOGON_USER")
          lasLogonUser= Split(lvsLogonUser,"\")
          LogonUserNTID = lasLogonUser(1)
         
     End Function

     Public Function LogonUserNTDomain()
          dim lvsLogonUser
          dim lasLogonUser
          lvsLogonUser= Request.ServerVariables("LOGON_USER")
          lasLogonUser= Split(lvsLogonUser,"\")
          LogonUserNTDomain = lasLogonUser(0)
     
     End Function
0
 
TimCotteeCommented:
There is a sample app on http://www.geocities.com/TimCottee goto downloads. It will determine the NT groups that a user belongs to given the user name from above examples. Getting the password is basically not feasible as it is never stored in plain-text anywhere to be retrieved.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
scotiaceilidhAuthor Commented:
Wow, Thank you.  I get back from lunch and...   I have a couple hours of meetings and will be right back to get on all this.
0
 
scotiaceilidhAuthor Commented:
rkot2000, I am getting this error on your code and have not been able to use it as of yet.

Microsoft VBScript runtime (0x800A0009)
Subscript out of range: '[number: 1]'

acperkins,
I did get your code to work.  Any idea how to the Domain?  That's what I need now, as the Userid's may not be unique.


0
 
Anthony PerkinsCommented:
Take a look at TimCottee code it shows you all the NT Groups the user belongs to.

Anthony
0
 
rkot2000Commented:
you need to remove Allow Anonymous Access
and to check Windows NT Challenge/Response  

The user?s Web browser does not send actual Windows NT account password information across the network.
0
 
Anthony PerkinsCommented:
rkot2000,

Comment posted to the wrong question, perhaps?

Anthony
0
 
rkot2000Commented:
nop by default a web site has Allow Anonymous Access in the security tab so logon_user is empty.





0
 
rkot2000Commented:
PRB: Request.ServerVariables("LOGON_USER") Returns Empty String

ID: Q188717


--------------------------------------------------------------------------------
The information in this article applies to:

Active Server Pages
Microsoft Internet Information Server versions 4.0, 5.0

--------------------------------------------------------------------------------


SYMPTOMS
Accessing the Request.ServerVariables("LOGON_USER") variable from Active Server Pages (ASP) returns an empty string.



CAUSE
The LOGON_USER variable is not populated if the ASP page is accessed using Allow Anonymous security.

In order for the LOGON_USER variable to be populated, the user must be authenticated using either Basic or NT Challenge/Response security.



STATUS
This behavior is by design.



REFERENCES
For additional information, please see the following article in the Microsoft Knowledge Base:


Q142868 IIS: Authentication & Security Features

Additional query words: allow anonymous LOGON_USER ASP ServerVariables Request kbASP

0
 
rkot2000Commented:
p.s you need to unload your website after all changes .
0
 
rkot2000Commented:
you can use the following sample asp to check logon user:


<%@ Language=VBScript %>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
</HEAD>
<BODY>

<HR>
 <%=Request.ServerVariables("LOGON_USER")%>
<HR>

</BODY>
</HTML>
0
 
scotiaceilidhAuthor Commented:
Wish I could give More
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 6
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now