Link to home
Start Free TrialLog in
Avatar of saitcho
saitcho

asked on

How do I programmatically authenticate a user into a domain?

We have a .NET windows application that allows users to upload files to a shared folder on our network and also to view those files. The files are uploaded with FileInfo.CopyTo() and the files are viewed with Process.Start(fileName). This has been working well because all of the users of the application have been logged into the domain where the share is.

The app has recently been made available to users outside of our office. They will be coming in through a VPN (SonicWall) so we have created users for them in our domain, but after connecting through the VPN, they are not actually authenticated in the domain. If they try to access the files through the application at this point, there will be an exception because the share is not yet visible to them.

I have successfully used Uwe Keim's Impersonator class (http://www.codeproject.com/KB/cs/zetaimpersonator.aspx) to view the files. This class calls LogonUser() so that my call to Process.Start(fileName) is executed as a user that has permission to access the share. I can't use this technique for uploading the files, though, because the copy operation will need access to both the client's machine and the share.

If I have the users first browse to the share, they will be prompted by windows to supply their credentails and all is well with accessing the files through the app. Is there a way in code to mimic what happens when the user browses to the share and supplies credentials?
Avatar of Ron Malmstead
Ron Malmstead
Flag of United States of America image

Well...I know how to do it via command line.... but you have to supply a user / pass

shell...

net use ipc$ \\servername\sharename /user:domain\username password

that will authenticate a user to the server in that domain...
Avatar of saitcho
saitcho

ASKER

xuserx2000,

I like this approach and I think it will work for me, but I have a couple of questions.

What is ipc$? I have not been able to get the command to work with that. I have been able to get it to work using * instead. Here's the syntax that works for me:

net use * "\\msygis01\MY Documents" password /USER:msy\MYUser

This maps to the highest available drive letter which is fine, except that after the authentication, I want to remove the mapping so that 1) There is not a new one added every time the user runs the program  and 2)  The user won't see the mapping while browsing.

Since the * can map to a different drive letter each time, do you know how I might remove the mapping right after I map it?

Thanks
sorry...i gave you the wrong syntax...

net use \\128.0.0.246\ipc$ /USER:username@domain.com password


This will not connect a network drive, it will simply authenticate you.
ASKER CERTIFIED SOLUTION
Avatar of Ron Malmstead
Ron Malmstead
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial