?
Solved

Authenticating Access DB with Active Directory

Posted on 2014-12-31
7
Medium Priority
?
179 Views
Last Modified: 2014-12-31
Is it possible to link/sync my login form with Active Directory so my users can login using the same AD credentials?
0
Comment
Question by:Lawrence Salvucci
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 58
ID: 40525302
You can use the procedure below to grab the computer name or the users network login.

Jim.

Private Declare Function GetComputerNameA Lib "kernel32" (ByVal lpBuffer As String, nSize As Long) As Long
Private Declare Function GetUserNameA Lib "advapi32.dll" (ByVal lpBuffer As String, nSize As Long) As Long


Public Function WhoAmI(bReturnUserName As Boolean) As String

        ' Function returns either user name or computer name

        Dim strName As String * 255

10      If bReturnUserName = True Then
20        GetUserNameA strName, Len(strName)
30      Else
40        GetComputerNameA strName, Len(strName)
50      End If

60      WhoAmI = left$(strName, InStr(strName, vbNullChar) - 1)

End Function 

Open in new window

0
 
LVL 58
ID: 40525303
I should add that if you really want to poll AD from VBA for other things, you'll need to use LDAP to do it (and yes, it can be done).

Jim.
0
 
LVL 1

Author Comment

by:Lawrence Salvucci
ID: 40525305
I already have code to grab the computer name and network username. I'm trying to find a way to have it sync or verify their password when they log into the database against AD. Instead of having separate passwords for AD and the Access DB I want them to be the same but controlled by AD.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 58
ID: 40525315
<<I'm trying to find a way to have it sync or verify their password when they log into the database against AD. Instead of having separate passwords for AD and the Access DB I want them to be the same but controlled by AD. >>

  But if their logged into the computer, then they've already authenticated with AD and all you need to do is grab the network name.

 If your saying though that you want to have a situation where user A is logged in, but user B sits down and fires up your app and enters a username/password, and authenticate that, then I don't know how to do that off-hand.   It's just never come up before.

 Everyone relies on the logged in username.

Jim.
0
 
LVL 1

Author Comment

by:Lawrence Salvucci
ID: 40525321
I understand what you're saying. So if a user already authenticates with AD there is no need for them to enter a PW when accessing the DB, correct? Right now I have a login form that is bound to a table in my DB where the username and PW are stored. So would I not need to use that table?
0
 
LVL 58

Accepted Solution

by:
Jim Dettman (Microsoft MVP/ EE MVE) earned 2000 total points
ID: 40525340
<<So would I not need to use that table? >>

You may or may not.  There are a number of approaches you can take depending on how you want to handle security:

1. Rely on the network login name - no login form in the app - it just starts up.
2. A login form, defaulted to the network login name, and asks for a password to match against an app level user table.
3. A login form, which defaults to the network name, but allows the username to be changed, and asks for a password to match against an app level user table.

With #1 obviously, no table needed.   With #2 and 3 you would.   I usually use #2 only to protect someone from walking up to the station and using the app.  It's also an easy way to control who has access to what apps.  

If however users are trained well and lock their stations (or logout) when leaving, then #1 is fine.

#3 I use when one station may be used by multiple people, say a receiving app on a warehouse computer.  Again however, it relies on someone exiting the app when leaving.

So what you need depends on the situation.  My suggestion would be to leave the user table in and as part of that login, have a "RequiresLogin" flag and also a "CanChangeUserName" flag.

When your app starts up, check the first and if true, pop-up your login form.    Second says if they can login as any user or not.

That covers all the situations then that you might encounter.

But if you always want to authenticate against AD, I would take the easy way out and use #1 or #2 and rely on the authentication process built into windows to do the job.   If another user needs to use the app, then they need to login to windows.

That can be a good idea anyway in terms of the app needing to save external files or data, create temp files, etc. as it is all handled at the windows user level then.

Jim.
0
 
LVL 1

Author Closing Comment

by:Lawrence Salvucci
ID: 40525366
Thank you for the detailed explanation Jim. I agree with you about using #2 as the viable option. Thank you again for your help!
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Access custom database properties are useful for storing miscellaneous bits of information in a format that persists through database closing and reopening.  This article shows how to create and use them.
This article shows how to get a list of available printers for display in a drop-down list, and then to use the selected printer to print an Access report or a Word document filled with Access data, using different syntax as needed for working with …
With Microsoft Access, learn how to specify relationships between tables and set various options on the relationship. Add the tables: Create the relationship: Decide if you’re going to set referential integrity: Decide if you want cascade upda…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question