Re: Windows Authentication in VB.Net Application

Thanks Dominick, that solved my problem. I hope everyone else with the
same problem checks this post.

Dominick Baier wrote:
On w2k you need very high privileges to call LogonUser - i found Keith's
old SSPI Verififer that works on w2k as a normal user.

http://www.develop.com/technology/resourcedetail.aspx?id=ee929f0b-1f9d-4a2a-92a1-911706bd7b52

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

I looked into the example for the WindowsImpersonationContext class
and it said that it would only work with XP and we use 2K. I tried it
anyway and I could not get it to work. I also looked for
NegotiateStream and that said it was part of the 2.0 framework and we
are working with the 1.1 framework. Any other ideas?

Joe Kaplan wrote:

You can basically either use the LogonUser API (which has a wrapper
documented in the code sample for the WindowsImpersonationContext
class) or you can use SSPI directly, which is normally done using the
NegotiateStream class.

In order to provide the UI, you should probably use
CredUIPromptForCredentials.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Rocky Neurock" <jneurock@xxxxxxxxx> wrote in message
news:1156945423.034903.260650@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I have an application that requires a user name and password so no
one sits down at anyone else's desk and runs the application as that
user. I don't want to create a database to store user names and
passwords. All I want to do is prompt the user for their Windows
user name and password and verify it against the domain and not
their local system. This is so users can run the application on
other user's systems without having to log in to that system. This
is necessary so that managers and supervisors can access the
application at any workstation.

I haven't found any nice code examples demostrating an effective way
to check user credentials in a windows forms application. Does
anyone have any thoughts, suggestions? Thanks.


.

Relevant Pages

  • Re: Windows Authentication in VB.Net Application
    ... On w2k you need very high privileges to call LogonUser - i found Keith's old SSPI Verififer that works on w2k as a normal user. ... Co-author of "The .NET Developer's Guide to Directory Services ... All I want to do is prompt the user for their Windows ...
    (microsoft.public.dotnet.security)
  • Re: Roles.IsUserInRole != Context.User.IsInRole
    ... My book is on .NET Directory Services programming and has been out ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Dominick Baier, DevelopMentor ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: How to bypass Forms Authentication on selected pages programma
    ... Dominick Baier ... "Joe Kaplan" wrote: ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services ...
    (microsoft.public.dotnet.security)
  • Re: About ASP.Net Impersonation
    ... Dominick Baier - DevelopMentor ... authenticated with integrated Windows auth, you need to properly configure Kerberos delegation. ... Our asp.net app needs to access other servers from our IIS servers. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Kerberos S4U problem
    ... Dominick Baier - DevelopMentor ... does it work from Windows XP or only from Server? ... I have been attempting just this, I have set my local account to have permission to act as part of the operating system and have flaged it as trusted for delegation, however whenever I use this function I get a System.Security exception with the message "Incorrect Function", I get the exact same result if I call LsaLogonUser using the Kerberos S4U format. ...
    (microsoft.public.dotnet.security)