RE: How to establish logon session to another domain using current credentials?

From: Rhett Gong [MSFT] (v-raygon_at_online.microsoft.com)
Date: 04/27/04


Date: Tue, 27 Apr 2004 11:03:50 GMT

Hi Victor,
To bind to ad object, we need to use following function (or similar functions):
1>ADsGetObject Binds to an ADSI object using the current credentials.
2>ADsOpenObject Binds to an ADSI object using specified credentials
To establish a logon session.
We can use LogonUser, but it still requires credentials.
 
So far as I know, if we do not prompt user for the credential, our application needs to know it before the
application was created.(So there is only one way left ---- hardcode a credential for an user)
What's your idea? Or you are in a certain special scenario. Please feel free to let me know if I have something
misunderstood.

Best regards,
Rhett Gong [MSFT]
Microsoft Online Partner Support

This posting is provided "AS IS" with no warranties, and confers no rights.
Please reply to newsgroups only. Thanks.



Relevant Pages

  • Re: DirectoryEntry Impersonate or WindowsIdentity Impersonate?
    ... Therefore, if you are doing a lot of binds with the same credentials, it ... One the other hand, if you are doing just a few binds for each user, I would ... > Another security question. ... Use the WindowsIdentity to impersonate the current user either by ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: DirectoryEntry Impersonate or WindowsIdentity Impersonate?
    ... Bill ... open object exists in memory with the server, ... Therefore, if you are doing a lot of binds with the same credentials, it ... One the other hand, if you are doing just a few binds for each user, I would ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: DirectoryEntry Impersonate or WindowsIdentity Impersonate?
    ... If you bind with the LDAP provider and specify ... credentials, the method for exchanging credentials with the server is ... (assuming the server has a valid cert and SSL can be negotiated). ... > Therefore, if you are doing a lot of binds with the same credentials, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: User token created by ADsGetObject
    ... ADsGetObject Binds to an ADSI object using the *current credentials*. ... get user token of this logon session. ...
    (microsoft.public.platformsdk.security)