Solved

Need library to access operating system's user and password database

Posted on 2004-08-16
10
228 Views
Last Modified: 2010-04-01
I need a library to access operating system's user and password database, in order to synchronize my app's user list with the operating system's. My app is going to be made in Java, so if the library is multi platform it would be great (at least Linux/Unix/*BSD and all Windows but 98/ME). But I think a multi platform library of this kind would be rare, so I can accept also that the library is only for Windows 2000/XP/2003 Server (and NT 4 if possible), or only for Linux/Unix/*BSD.

Originally the question was here: http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21092083.html, but since I was said that I can use native languajes such as C++ from Java, I'm posting it here.
0
Comment
Question by:pulupul
  • 5
  • 3
  • 2
10 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 11814647
If you want the user names, that's the easy part. On UN*X-like systems, just read /etc/passwd. On Win32, you'd use 'NetUserEnum()', which will work on all the platforms you mentioned. See http://win32.mvps.org/network/nue_nqdi.cpp for the sample code. However, obtaining the passwords is impossible, since they are stored as one-way hashes.
0
 
LVL 30

Expert Comment

by:Axter
ID: 11814825
What is it that your application needs to do, that it would need the user's password?

We can probably give you a better alterantive if you can give us some details.
0
 
LVL 3

Author Comment

by:pulupul
ID: 11815128
jkr: obtaining the hashes would be enough, as I can later find out what algorithm (MD5 or any other) is being used by the OS to encrypt the passwords, then encrypt my passwords with the same algorithm, and compare the hashes. It can be done like that, can't it?.

The application is a kind of messaging server that is going to be used in an office LAN.
0
 
LVL 86

Expert Comment

by:jkr
ID: 11816711
That *might* work on UN*X (with "shadowing" turned off), but not for Win32, since the hash function is not available...
0
 
LVL 30

Expert Comment

by:Axter
ID: 11816775
>>The application is a kind of messaging server that is going to be used in an office LAN.

But why would you need the user's password?

I'm sure you can accomplish your application goal, with out the user's password.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 86

Expert Comment

by:jkr
ID: 11816788
Agree. If you really need it, have them type it. And even that I probably wouldn't do if I was the user in question :o)
0
 
LVL 3

Author Comment

by:pulupul
ID: 11819224
The behavior I would like is that my app is installed in a server, say Windows 2000 Server, and then when a client tries to connect to my server (using a client app I made myself too), he types his Windows 2000 domain user name and password. If the user changes his password in the Windows 2000 domain, then my app would detect it and refresh it's user/password database so that the next time the clients authentificates, he can use the new password.
Mmm I'm thinking, is there an API call (in Windows or *nix), to which you pass a user name and password and says if they are correct by looking at the OS's user/password database? If so, that would do the job.
If none of this can be done, I guess I could just import user names from OS, and mantain my own password list, which would be independent from the OS, but that's not what I want.
Ask anything you want and thanks for the replies.
0
 
LVL 86

Accepted Solution

by:
jkr earned 500 total points
ID: 11820666
>>is there an API call (in Windows or *nix), to which you pass a user name and password and says if they are correct
>>by looking at the OS's user/password database?

For Win32, see http://support.microsoft.com/default.aspx?scid=KB;en-us;q180548 ("How To Validate User Credentials on Microsoft Operating Systems")
0
 
LVL 86

Expert Comment

by:jkr
ID: 11820940
Oh, and for UN*X, there's 'crypt()':

NAME
       crypt - password and data encryption

SYNOPSIS
       #define _XOPEN_SOURCE
       #include <unistd.h>

       char *crypt(const char *key, const char *salt);

DESCRIPTION
       crypt is the password encryption function.  It is based on
       the Data Encryption  Standard  algorithm  with  variations
       intended  (among  other things) to discourage use of hard­
       ware implementations of a key search.
0
 
LVL 3

Author Comment

by:pulupul
ID: 11822983
I'll use NetUserEnum() to get the user list, which I also need, and I'll use the method commented in http://support.microsoft.com/default.aspx?scid=KB;en-us;q180548, as it does not require my app to have permission to act as part as the operating system, which the other candidate API call, LogonUser (see Windows programming area link below), required. About crypt(): it is not what I need, since the only thing it does is encrypting a string with some algorithm. In *nix/*BSD platforms, I'll probably use PAM modules (see Linux prog. link below).

Specific OS related questions opened by me too:
Windows: http://www.experts-exchange.com/Programming/Programming_Platforms/Win_Prog/Q_21096449.html
Linux: http://www.experts-exchange.com/Programming/Programming_Platforms/Linux_Programming/Q_21096715.html

So, thanks jkr, you told me all I needed, so I'm probably accepting your comments. I'm waiting some more days (2 or 3), just to see if someone knows about a library that handles all this.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Unlike C#, C++ doesn't have native support for sealing classes (so they cannot be sub-classed). At the cost of a virtual base class pointer it is possible to implement a pseudo sealing mechanism The trick is to virtually inherit from a base class…
Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now