Solved

Login into Windows Programmatically

Posted on 2002-06-05
18
415 Views
Last Modified: 2012-05-04
Hi All,

Is there anyway that I can login into Windows 2000 server programmatically.

Basically I've created a users database for the webpage.
Once the user has been authenticated, I will need to login in the Server with a fixed account so that I can access certain directories

Thanks
0
Comment
Question by:ermac
  • 4
  • 4
  • 3
  • +4
18 Comments
 
LVL 22

Expert Comment

by:CJ_S
ID: 7058666
You should be able to access those directories without loggin into the windows server itself. Basically within IIS you have to set windows authentication, and add a virtual directory to the directories that need to be accessed. That is the only correct way.

1) Add a virtual directory and point it to the directory that you want to share
2) Check the properties of the virtual directory for security (basic authentication or windows authentication, uncheck the anonymous logon)

CJ
0
 

Author Comment

by:ermac
ID: 7058800
Hi CJ

Does that mean that I will need to create windows accounts for those users? If that is so, it means I will need to purchase additional licenses for those accounts which I don't wish to.

Thanks
0
 
LVL 22

Expert Comment

by:CJ_S
ID: 7058810
I suggest creating only one user which can access that directory. Give that account to the people that need it. It is safe enough.

Adding a user does not mean that you have to buy additional licenses. You only need to buy licenses when you install windows on another machine.

For windows 2000 go to Start -> programs -> Administrative tools -> Computer Management

CJ
0
 

Author Comment

by:ermac
ID: 7058837
Hi CJ

Each of the end users require their own IDs and passwords.
That is the reason why I've created a database to store their accounts.

What I need to do is once they have been authenticated, I will log them in using the fixed windows account and then from there on they can have access to the folder.

By the way, if I'm not wrong I came across this article that says additional accounts will require additional licenses.
0
 

Author Comment

by:ermac
ID: 7058838
BTW I'm not refering to the OS license. I'm refering to the users' license.
0
 
LVL 22

Expert Comment

by:CJ_S
ID: 7058849
User licenses don't cost anything, they are yours to control as an administrator. And you can add as many of them as you want...
There's no such thing as a user license for a windows account. Only for products like SQL Server, MS Office, Windows etc.

I really suggest you choose the above method (windows accounts) to log into the machine itself. it's the only REAL secure way!!!

CJ
0
 
LVL 2

Expert Comment

by:manihopever
ID: 7059178
do you want to grab the users login name and domain name.
Please clear out the problem and why do you need this.

mani.v
0
 
LVL 19

Expert Comment

by:webwoman
ID: 7059919
Accounts ON THE SERVER require a license. This would come into play if you use NT Challenge/Response -- that requires a valid account FOR THAT COMPUTER, and that requires a license. However, it refers to CONNECTED users, not TOTAL users.

If you set up your OWN database, no. There are no licenses required. You can have them all use the same user account ON THE SERVER if you want. The machine doesn't care. It only cares how many concurrent user accounts FOR THAT MACHINE/SERVER are connected.

That's where you run into license problems.
0
 
LVL 22

Expert Comment

by:CJ_S
ID: 7060260
webwoman,
interesting. Any reference?

CJ
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 23

Expert Comment

by:naveenkohli
ID: 7060664
CJ_s,
Read the EULA for Windows server. It has all the information. Every MS server has limit on connections or number of users that can connect to it LEGALLY. Nothing stops you from increasing the number of purchased licenses value on your machine. But if you got sudited by MS, then you will be in big trouble.

Naveen
0
 

Author Comment

by:ermac
ID: 7060781
In that case, how do I bypass the NT Challenge/Response window? i.e. How do I login into the system programatically? This is what I wanted to ask =)

Thanks
0
 
LVL 19

Expert Comment

by:webwoman
ID: 7061048
You set a database, set up fields as username/password (or call them whatever you want), set up a login page, compare the entries from the login page with the database.

Everyone will be the IUSR_machine account to the SERVER. Web users don't count as being logged in to the server if they use the IUSR_machine (anonymouse access) account. They DO if they use an account on the machine (Challenge/Response requires a valid SERVER account)

You can give that server account access to whatever you need them to have access to -- but it will ONLY be content contained within the website folders. They will NOT have access to ANYTHING else -- not FTP folders (unless they're the website folders and/or you set them up for anonymous access, which is decidedly NOT a good idea), no folders/files outside the web root, etc.
0
 
LVL 2

Expert Comment

by:manihopever
ID: 7061732
just follow step by step carefully,

'For local test
1. Remove anonymous access to your virtual directory
   and tick the NT challenge/Response

2. Now if you are logged through NT server.  you can get
   the login/password through,

   auth = Request.servervariables("LOGON_USER")
   The "auth" value would be "<domain name>/<user name>"

3. Then check with the database with the username and
   domain name.  Remember you cant get the password from
   NT.

'For LIVE site
1. Ask Site administrator to Remove anonymous access to
   your virtual directory and tick the NT
   challenge/Response

2. Now if you access the site you will be shown with the
   login dialog box as like you seen in NT authentication.

3. Now You can get the login/password through,  
   auth = Request.servervariables("LOGON_USER")
   The "auth" value would be "<domain name>/<user name>"

3. Then check with the database with the username and
   domain name.  Remember you cant get the password from
   NT.

thats it.  try and let me know if you still have problem.

regards,
mani.v




0
 
LVL 19

Expert Comment

by:webwoman
ID: 7062000
Mani, that's exactly NOT what they want to do. That will require setting up user accounts on the server, and will run into a problem with concurrent users if they don't have enough licenses.
0
 
LVL 33

Expert Comment

by:hongjun
ID: 7516172
This question appears to have been abandoned. Please come back to this question and do the necessary evaluation or feedback. I will invite a Moderator to close this question if there's no reply from you after seven days.

I suggest
<PAQ with no refund>

** PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER **

hongjun
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 7551557
Finalized as proposed

modulo

Community Support Moderator
Experts Exchange
0
 
LVL 33

Expert Comment

by:hongjun
ID: 7582099
BTW, are all PAQs automatically graded as B? That's what I noticed.

hongjun
0
 

Expert Comment

by:modulo
ID: 7590911
Some moderators use "A" and some "B", still a point of discussion :(
But I prefer a "B" as it's a better indication for future question buyers that the (zero point) Q's are not holding "excellent" answers, making the shift easier....

modulo

Community Support Moderator
Experts Exchange
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now