validate active directory login information

Hello,

I'm going to write an server application that shall check the login information (Windows 2000 domain) given by a client.
How can I realize that issue? Because I've some code that shall do that, but it throws an error. There is a limitation in Windows, so a user can only be logged on once. The outcome of these is, that the logged on user could be authorized but any other user/password combination not.

Here is the code:
Private Function IsAuthenticated(ByVal strUserName As String, ByVal strPassword As String) As Boolean
On Error Resume Next
    Dim strADsPath      As String
    Dim iFlags          As String
    Dim strADsNamespace As String
   
    Dim oADsObject      As Object
    Dim oADsNamespace   As Object
   
    strADsPath = "WinNT://" & m_strDomain
    iFlags = "0"
   
    ' bind to the ADSI object and authenticate Username and password
    Set oADsObject = GetObject(strADsPath)
    strADsNamespace = left(strADsPath, InStr(strADsPath, ":"))
    Set oADsNamespace = GetObject(strADsNamespace)
    Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, m_strDomain & "\" & strUserName, strPassword, 0)
   
    ' we're only bound if err.number = 0
    IsAuthenticated = (Err.Number = 0)
End Function


I read that it could be done with LDAP, but how to use it in VB6?
Or is there a way around the mentured login limitation?

best regards
Martin
LVL 1
mkrellAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
David LeeConnect With a Mentor Commented:
I'd forgotten about this question.  I found the item I was thinking of.  It doesn't use LDAP though.  Here it is: http://vbnet.mvps.org/index.html?code/network/acceptsecuritycontext.htm 

If this isn't what you're looking for, then I recommend that the question be closed and a refund given.
0
 
David LeeCommented:
One way to do this is by changing the user's password.  To do that you have to supply the current password.  If the current password is wrong, then the change will fail and you'll know the current password si wrong.  This works okay, unless you have a policy in place that says a certain amount of time must pass after a password change before the user can change their password a second time.  Here's an example of this approach.  Look about half-way down in the code for a function called IsGoodPWD.

http://www.freevbcode.com/ShowCode.Asp?ID=4935

0
 
mkrellAuthor Commented:
Ok that may work...
But in my opinion it's a bit strange to change the passwords for validating them. Is there no other way?

I found some VB.NET Code using LDAP to solute that... But I couldn't translate it to VB 6
0
 
David LeeCommented:
I seem to remember seeing one somewhere but I can't find it again.  I'll keep looking and if I find it I'll post it here.
0
All Courses

From novice to tech pro — start learning today.