Re: Remote user authentication
From: Antonio (antoniopassado_at_hotmail.com)
Date: 01/08/04
- Next message: SB Fong: "Cert for use with CAPICOM signing and backup the private key"
- Previous message: Mark_Pryor: "Re: Importing a presisted hash value and using it CryptDeriveKey results in NTE_BAD_HASH"
- In reply to: Param: "Remote user authentication"
- Next in thread: Param: "Re: Remote user authentication"
- Reply: Param: "Re: Remote user authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 8 Jan 2004 10:03:56 +0100
Hi,
If I understand your problem right you want to authenticate over the
Internet a user from a machine, however server doesn't know anything about
that user of that machine even if his username and password match one of the
server's users? If yes, why would you need than to authenticate exactly that
user and not the user with such name and password known on the server? When
you authenticate to a system, you provide a name known to that system and I
think here should be the same. If authenticating someone remotely as given
user from the server is OK for you than SSPI should be enough otherwise you
need to elaborate on details of your scenario.
I hope the following information will be relevant to your case. Have a look
at the following functions in MSDN and check out sample codes if they are
available there:
AcquireCredentialsHandle
InitializeSecurityContext
AcceptSecurityContext
CompleteAuthToken
Detailed explanations and good examples can be found in book "Programming
server-side applications for Windows 2000" by Jeffrey Richter and Jason D.
Clark. We've used this API for authenticating remote users over the Internet
similarly to your scenario.
Regards,
Antonio
"Param" <tparames@hotmail.com> wrote in message
news:eIFSOdG0DHA.2160@TK2MSFTNGP12.phx.gbl...
> Hi,
> I have the following requirement:
> I need to authenticate the credentials of a user which is on a remote
> machine (Win2000 Server). The user is only local to that machine and not a
> domain user. Also, the user is a member of "Users" group (or it may belong
> to any group). I will use only IP address and not the DNS for connecting
to
> the remote machine.
> I tried the following approaches:
>
> 1) Using SSPI functions such as "GenClientContext" which involves
preparing
> client and server messages to negotiate, challenge and authenticate. But
> this works fine only for local users and domain users.
>
> 2) Mapping of a drive from remote machine. But this works only for admin
> users.
>
> 3) Changing the password to the same value using NetUserChangePassword.
But
> this fails if password policy restricts.
>
> Is there any other way to authenticate the remote user credentials? Please
> note that I know the password for the Administrator account in that remote
> machine.
>
> Thanks in advance,
> Param.
>
>
>
- Next message: SB Fong: "Cert for use with CAPICOM signing and backup the private key"
- Previous message: Mark_Pryor: "Re: Importing a presisted hash value and using it CryptDeriveKey results in NTE_BAD_HASH"
- In reply to: Param: "Remote user authentication"
- Next in thread: Param: "Re: Remote user authentication"
- Reply: Param: "Re: Remote user authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
