How do identify users who visit an intranet site secured with NTFS?

Posted on 2005-05-06
Last Modified: 2012-06-21
Hi experts,

I have an intranet site.  IIS 5.1.  I use NTFS permissions, windows authentication to allow access.  

I'd like to create a counter that not only counts page hits, but also keeps track of the Username of visitors to the site in an Access Database.

Is it possible to identify what username is accessing the site?

Could someone point me in the right direction?
Question by:TCantrell

    Author Comment

    I'm using VB;

    LVL 29

    Expert Comment

    Dim username, pageName, cmd, conn, RS, cmdText, param, numAffected, connectionString
    Username = request.servervariables("AUTH_USER")
    pageName = LCase(Trim(request.servervariables("SCRIPT_NAME")))
    pageName = Trim(Mid(pageName, InStrRev(pageName, "/")+1))

    Const adVarChar = 200
    Const adDate = 7
    Const adParamInput = = &H0001
    Const adExecuteNoRecords = &H00000080

    connectionString = Application("examples") ' e.g. "Provider=Microsoft.Jet.OLEDB.4.0;Data Source='E:\web\database\examples.mdb'"

    Set cmd = Server.CreateObject("ADODB.Command")
    Set conn = Server.CreateObject("ADODB.Connection")

    Set cmdText = "INSERT INTO users (username,pageName,when) " &_
                           "VALUES (@username,@pageName,@when);"

    Set param = cmd.CreateParameter(@username,adVarChar,adParamInput,CLng(50),username)
    cmd.Parameters.Append param
    Set param = cmd.CreateParameter(@pageName,adVarChar,adParamInput,CLng(50),pageName)
    cmd.Parameters.Append param
    Set param = cmd.CreateParameter(@when,adDate,adParamInput,CLng(50),now())
    cmd.Parameters.Append param

    cmd.commandText = cmdText

    cmd.Execute numAffected,, adExecuteNoRecords

    LVL 29

    Accepted Solution

    Put that script into a separate file in the include folder off the web root, say we call it, "logem.asp"

    correct the connection string to match your database location.

    Add this as the first line to every page (second line if you use Option.Explicit.

    <!--#include virtual="include/logem.asp"-->

    I guess you should add:

    Set cmdText = nothing
    Set param = nothing
    Set conn = nothing
    Set cmd = nothing

    The fields in the database are ID, autonumber - primary key, username Text 50, pageName Text 50 and when Date/Time.


    Author Comment

    This looks excellent, I won't be able to test until tomorrow.
    LVL 29

    Expert Comment


    Expert Comment

    if you just want to identify the username you can also use this:

            Dim username As String
            Dim aryUser As Array
            aryUser = Split("\", Page.User.Identity.Name)
            username = aryUser(1)

    Author Comment

    I've been trying to get this to work.

    I was getting an error message that "Set" was no longer supported.

    I've cobbled together something that works except for 2 issues.

    When trying to pass the Date into my DB, I get a SQL Syntax error.  

    I've tried using this:

    MyCommand.Parameters.Add(@when, now())

    But I think there is something I need to do to format it so that it works in the SQL statement.

    Also, I'm currently scripting this in my Page_Load.

    I'd rather turn it into an include file.  Any special instructions for that?

    Author Comment

    I've got this block of code working in my Page_Load

    Is there a clean way of putting this into every page without putting it in the Page_Load or each page?

    Should I use an include file, or something else?  I've never used includes.  I appreciate any advice.

    varUser = request.servervariables("logon_user")
              varUser = Trim(Mid(varUser, InStrRev(varUser, "\")+1))
              varPage = LCase(Trim(request.servervariables("SCRIPT_Name")))
              varPage = Trim(Mid(varPage, InStrRev(varPage, "/")+1))
          Dim strSQLUser as String = "INSERT INTO Users([username], [pageName], [When]) VALUES (@User, @Page, Date() + Time())"

          Dim objConnUser as New OleDbConnection(ConfigurationSettings.appSettings("strConn"))
          Dim myCommandUser as OleDbCommand = new OleDbCommand(strSQLUser, objConnUser)

          myCommandUser.Parameters.Add("@User", varUser)
          myCommandUser.Parameters.Add("@Page", varPage)

          catch ex as Exception
          End Try

    Author Comment

    Thanks Rod!

    I finally got it into an include file.


    Featured Post

    Training Course: Adobe Dreamweaver CC 2015

    Adobe Dreamweaver Creative Cloud is used by web designers and front-end developers and allows you to visualize your site in real-time as you code. This course covers exam objectives for the Adobe Certified Associate (ACA) certification.

    Join & Write a Comment

    Suggested Solutions

    Accessibility and Usability are two concepts that seem to be closely related.  But, too many people seem to have a distorted perception of them. During last five years, those two words have come to the day-to-day work of almost every web develope…
    Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
    Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
    This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now