RE: User account management and information functions usage with trusted domains

From: Rhett Gong [MSFT] (v-raygon_at_online.microsoft.com)
Date: 11/15/05 

Date: Tue, 15 Nov 2005 07:34:58 GMT

Hello Sami,
Based on my understanding, you would like to use NetUserGetInfo(), NetUserGetGroups() and NetUserGetLocalGroups() for user information to do authentication across
domain, but fails with the first call to DsGetDcName() and the error is ERROR_NO_SUCH_DOMAIN.
 
If you make sure you have successfully configured SJL2K3D and SJL2KD trusted each other, you can use following call from sjlvpcws2003 to discover SJL2K3D's dc.
DWORD DsGetDcName(
  LPCTSTR ComputerName, // null
  LPCTSTR DomainName, // SJL2K3D
  //.....
  ULONG Flags, // you may use DS_AVOID_SELF|DS_FORCE_REDISCOVERY
  //.....
)
In my test env, it works fine for me. Please test it and let me know your result.

In addition, since you want to authenticate a user again a domain, I would like to recommend you use LogonUser, since this function is made for authentication directly and
easy to use.

Thanks,
Rhett Gong [MSFT]
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
http://support.microsoft.com/default.aspx?scid=/servicedesks/msdn/nospam.asp&SD=msdn

This posting is provided "AS IS" with no warranties and confers no rights.

Relevant Pages

  • Re: User account management and information functions usage with trusted domains
    ... happens when you pass in the DNS name of the domain? ... > I can login to the workstation where I run the software with an account ... >> for authentication directly and easy to use. ... , NetUserGetInfo() ...
    (microsoft.public.platformsdk.security)
  • Re: Calling NetUserGetInfo from ASP.NET app
    ... as an administrator, WinNT and NetUserGetInfo work. ... Client Domain: PACE ... when using LDAP is a classic symptom of an authentication failure related ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Custom IIdentity class - how to set it?
    ... am i correct then in thinking that this event will be raised multiple times ... So then the user information would be ... >> GenericIdentity) to contain lots of extra useful information to be ... >> to be controlling all of the authentication using custom forms ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: tomcat-5.0.27 authentication/authorization
    ... authentication to it then you could implement your own authentication and ... The listener will check the session and if it founds the user information in ... current request and the request is not the login page, ...
    (comp.lang.java.programmer)
  • Re: ASP.NET 2.0 Authentication pattern
    ... > - create custom IIdentity for additional user information ... You need to think about authentication as a seperate "silo" of functionality ... The provider architecture handles these ... areas out into its own provider and backing data store. ...
    (microsoft.public.dotnet.framework.aspnet.security)