Link to home
Start Free TrialLog in
Avatar of mkrell
mkrell

asked on

validate active directory login information

Hello,

I'm going to write an server application that shall check the login information (Windows 2000 domain) given by a client.
How can I realize that issue? Because I've some code that shall do that, but it throws an error. There is a limitation in Windows, so a user can only be logged on once. The outcome of these is, that the logged on user could be authorized but any other user/password combination not.

Here is the code:
Private Function IsAuthenticated(ByVal strUserName As String, ByVal strPassword As String) As Boolean
On Error Resume Next
    Dim strADsPath      As String
    Dim iFlags          As String
    Dim strADsNamespace As String
   
    Dim oADsObject      As Object
    Dim oADsNamespace   As Object
   
    strADsPath = "WinNT://" & m_strDomain
    iFlags = "0"
   
    ' bind to the ADSI object and authenticate Username and password
    Set oADsObject = GetObject(strADsPath)
    strADsNamespace = left(strADsPath, InStr(strADsPath, ":"))
    Set oADsNamespace = GetObject(strADsNamespace)
    Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, m_strDomain & "\" & strUserName, strPassword, 0)
   
    ' we're only bound if err.number = 0
    IsAuthenticated = (Err.Number = 0)
End Function


I read that it could be done with LDAP, but how to use it in VB6?
Or is there a way around the mentured login limitation?

best regards
Martin
Avatar of David Lee
David Lee
Flag of United States of America image

One way to do this is by changing the user's password.  To do that you have to supply the current password.  If the current password is wrong, then the change will fail and you'll know the current password si wrong.  This works okay, unless you have a policy in place that says a certain amount of time must pass after a password change before the user can change their password a second time.  Here's an example of this approach.  Look about half-way down in the code for a function called IsGoodPWD.

http://www.freevbcode.com/ShowCode.Asp?ID=4935

Avatar of mkrell
mkrell

ASKER

Ok that may work...
But in my opinion it's a bit strange to change the passwords for validating them. Is there no other way?

I found some VB.NET Code using LDAP to solute that... But I couldn't translate it to VB 6
I seem to remember seeing one somewhere but I can't find it again.  I'll keep looking and if I find it I'll post it here.
ASKER CERTIFIED SOLUTION
Avatar of David Lee
David Lee
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial