Re: Authenticating NT Credentials in C#

I'm not sure how you are supposed to deal with that. If you could connect
to an existing RPC server endpoint that supports SSPI auth (most of them in
Windows), then you could probably get by with just the client. However, I'm
not sure what you are supposed to do there to be honest. Perhaps looking at
one of the C++ samples might give you a clue as to how to go about doing
that.

Another option would be to use LDAP to do the authentication and use the
ability of MS LDAP to do SSPI for authentication. You would need to be able
to find an LDAP server to connect to, but that can usually be located via
DNS/DC locator service if you have the domain name to use.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Matthew Wieder" <MatthewWieder@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:26F3D7BE-497C-4454-9746-60FDCF7E23A1@xxxxxxxxxxxxxxxx
The only examples I am able to see that use that class involve writing a
server as well and validating the client against that server. I'm
interested
in validating against the NT domain - not my own server.

"Joe Kaplan" wrote:

There is a wrapper in .NET 2.0 for SSPI-authenticated streams called
NegotiateStream. You might want to look around for some implementations
that demonstrate how to use it for that purpose.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Matthew Wieder" <MatthewWieder@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:DE970525-1EB3-4923-A6E1-C04770B86840@xxxxxxxxxxxxxxxx
I must be missing something since this seems like a common task, but I
can't
find any .NET samples of, if given an NT domain/username and password,
to
validate that the username and password are correct. LogonUser won't
work
since the code needs to run on Windows 2000 without admin priviledges.
I
would think there to be a .NET class for this purpose, but the only
thing
I've found is the SSPI example here
http://support.microsoft.com/?id=180548
using C++.





.

Relevant Pages

  • Re: LDIFDE Error when trying to change passwords.
    ... Can you show the command line you are trying to use? ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... import directly from the server via a command prompt, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Integrated Windows Authentication Timeout?
    ... I'd suggest bumping up the auditing on both the web server and SQL ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... I do not use any session data so the session timeout should not be the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Why got error "Only one type of operation can be performed in
    ... you have the full stack trace of the error message? ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... It could be that you have run into an ADSI limitation on Win2K server ...
    (microsoft.public.dotnet.security)
  • Re: How to run as in a deamon
    ... problem to store the credentials vs. the operating system's. ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... have login rights on the server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
    ... claims app doesn't overlap with the federation server ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... entered the complete URL for the web site under "Base URL". ...
    (microsoft.public.windows.server.active_directory)