[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

How do identify users who visit an intranet site secured with NTFS?

Hi experts,

I have an intranet site.  IIS 5.1.  I use NTFS permissions, windows authentication to allow access.  

I'd like to create a counter that not only counts page hits, but also keeps track of the Username of visitors to the site in an Access Database.

Is it possible to identify what username is accessing the site?

Could someone point me in the right direction?
0
TCantrell
Asked:
TCantrell
  • 5
  • 3
1 Solution
 
TCantrellAuthor Commented:
I'm using VB; Asp.net

Tx
0
 
rdivilbissCommented:
<%
Dim username, pageName, cmd, conn, RS, cmdText, param, numAffected, connectionString
Username = request.servervariables("AUTH_USER")
pageName = LCase(Trim(request.servervariables("SCRIPT_NAME")))
pageName = Trim(Mid(pageName, InStrRev(pageName, "/")+1))

Const adVarChar = 200
Const adDate = 7
Const adParamInput = = &H0001
Const adExecuteNoRecords = &H00000080

connectionString = Application("examples") ' e.g. "Provider=Microsoft.Jet.OLEDB.4.0;Data Source='E:\web\database\examples.mdb'"

Set cmd = Server.CreateObject("ADODB.Command")
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open(connectionString)

Set cmdText = "INSERT INTO users (username,pageName,when) " &_
                       "VALUES (@username,@pageName,@when);"

Set param = cmd.CreateParameter(@username,adVarChar,adParamInput,CLng(50),username)
cmd.Parameters.Append param
Set param = cmd.CreateParameter(@pageName,adVarChar,adParamInput,CLng(50),pageName)
cmd.Parameters.Append param
Set param = cmd.CreateParameter(@when,adDate,adParamInput,CLng(50),now())
cmd.Parameters.Append param

cmd.commandText = cmdText

cmd.Execute numAffected,, adExecuteNoRecords

%>
0
 
rdivilbissCommented:
Put that script into a separate file in the include folder off the web root, say we call it, "logem.asp"

correct the connection string to match your database location.

Add this as the first line to every page (second line if you use Option.Explicit.

<!--#include virtual="include/logem.asp"-->

I guess you should add:

Set cmdText = nothing
Set param = nothing
Set conn = nothing
Set cmd = nothing

The fields in the database are ID, autonumber - primary key, username Text 50, pageName Text 50 and when Date/Time.

Regards,
Rod
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
TCantrellAuthor Commented:
This looks excellent, I won't be able to test until tomorrow.
tx
0
 
rdivilbissCommented:
okay
0
 
nardokidCommented:
if you just want to identify the username you can also use this:


        Dim username As String
        Dim aryUser As Array
        aryUser = Split("\", Page.User.Identity.Name)
        username = aryUser(1)
0
 
TCantrellAuthor Commented:
I've been trying to get this to work.

I was getting an error message that "Set" was no longer supported.

I've cobbled together something that works except for 2 issues.

When trying to pass the Date into my DB, I get a SQL Syntax error.  

I've tried using this:

MyCommand.Parameters.Add(@when, now())

But I think there is something I need to do to format it so that it works in the SQL statement.

Also, I'm currently scripting this in my Page_Load.

I'd rather turn it into an include file.  Any special instructions for that?
0
 
TCantrellAuthor Commented:
I've got this block of code working in my Page_Load

Is there a clean way of putting this into every page without putting it in the Page_Load or each page?

Should I use an include file, or something else?  I've never used includes.  I appreciate any advice.


varUser = request.servervariables("logon_user")
          varUser = Trim(Mid(varUser, InStrRev(varUser, "\")+1))
          varPage = LCase(Trim(request.servervariables("SCRIPT_Name")))
          varPage = Trim(Mid(varPage, InStrRev(varPage, "/")+1))
   
      Dim strSQLUser as String = "INSERT INTO Users([username], [pageName], [When]) VALUES (@User, @Page, Date() + Time())"

      Dim objConnUser as New OleDbConnection(ConfigurationSettings.appSettings("strConn"))
      Dim myCommandUser as OleDbCommand = new OleDbCommand(strSQLUser, objConnUser)


      myCommandUser.Parameters.Add("@User", varUser)
      myCommandUser.Parameters.Add("@Page", varPage)


      try
       objConnUser.Open()
       myCommandUser.ExecuteNonQuery()
       
      catch ex as Exception
           throw
          
      finally
          objConnUser.Close()
      
      End Try
0
 
TCantrellAuthor Commented:
Thanks Rod!

I finally got it into an include file.

Thanks.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now