Re: Getting user name for failed authentication

From: Henning Krause (newsgroup.no_at_spam.infinitec.de)
Date: 06/28/04

• Next message: Antonio: "Re: Getting user name for failed authentication"
• Previous message: S. Pidgorny : "Re: sftp upload to Windows 2003 EFS directory fails (using public key authentication)"
• In reply to: Antonio: "Re: Getting user name for failed authentication"
• Next in thread: Antonio: "Re: Getting user name for failed authentication"
• Reply: Antonio: "Re: Getting user name for failed authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 28 Jun 2004 14:06:52 +0200

Hello,

MSDN states that InitializeSecurityContext and AcceptSecurityContext both
return an error if the user could not be authenticated.... Doesn't that
help?

Greetings,
Henning Krause
==========================
Visit my website: http://www.infinitec.de
Try my free Exchange Explorer: Mistaya
(http://www.infinitec.de/?page=products)

"Antonio" <antoniopassado@hotmail.com> wrote in message
news:#iezxoOXEHA.3972@TK2MSFTNGP12.phx.gbl...
> Hi Henning,
>
> We are using SSPI to authenticate over NTLM, particularily
> InitializeSecurityContext/AcceptSecurityContext. Authentication happens
> inside our application and we have access to necessary credential handles,
> but at the moment we've got no clue how can we possibly dig this
information
> out of there in case of failed authentication. In case of successful
> authentication we call QuerySecurityContextToken(phContext, &hToken)) and
> then QueryContextAttributes(phContext, SECPKG_ATTR_NAMES, &secNames)) to
get
> the name he used for authentication. However this doesn't work for failed
> authentication.
>
> Regards,
> Antonio
>
> "Henning Krause" <newsgroup.no@spam.infinitec.de> wrote in message
> news:uKmQpLuWEHA.1764@TK2MSFTNGP10.phx.gbl...
> > How do you authenticate the user?
> >
> > Do you use some sort of LogonUser?
> >
> > Or does the authentication happens outside of you application?
> >
> > Greetings,
> > Henning Krause
> > ==========================
> > Visit my website: http://www.infinitec.de
> > Try my free Exchange Explorer: Mistaya
> > (http://www.infinitec.de/?page=products)
> >
> >
> > "Antonio" <antoniopassado@hotmail.com> wrote in message
> > news:ew4CxJrWEHA.3664@TK2MSFTNGP12.phx.gbl...
> > > Hello Henning,
> > >
> > > Thanks for your answer. What you say is true, but problem still
remains
> if
> > > we wan't to log into our own run-time log. Is there a way of realy
> getting
> > > this information somehow?
> > >
> > > Kind regards,
> > > Antonio
> > >
> > > "Henning Krause" <newsgroup.no@spam.infinitec.de> wrote in message
> > > news:#rSGPFrWEHA.3084@TK2MSFTNGP10.phx.gbl...
> > > > Hello,
> > > >
> > > > you could simply audit failed logons with Windows itself. They show
up
> > in
> > > > the security event log afterwards.
> > > >
> > > > Greetings,
> > > > Henning Krause
> > > > ==========================
> > > > Visit my website: http://www.infinitec.de
> > > > Try my free Exchange Explorer: Mistaya
> > > > (http://www.infinitec.de/?page=products)
> > > >
> > > >
> > > > "Antonio" <antoniopassado@hotmail.com> wrote in message
> > > > news:u2IVaIqWEHA.3740@TK2MSFTNGP12.phx.gbl...
> > > > > Hi everybody,
> > > > >
> > > > > We are using NTLM for authenticating clients that connect over
> network
> > > to
> > > > > our server. In case of failed authentication we would like to log
a
> > > > message
> > > > > into event log with the name under which user tried to login. Is
it
> > > > possible
> > > > > somehow to obtain this name during authentication process?
> > > > >
> > > > > Thanks in advance,
> > > > > Antonio
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

---

• Next message: Antonio: "Re: Getting user name for failed authentication"
• Previous message: S. Pidgorny : "Re: sftp upload to Windows 2003 EFS directory fails (using public key authentication)"
• In reply to: Antonio: "Re: Getting user name for failed authentication"
• Next in thread: Antonio: "Re: Getting user name for failed authentication"
• Reply: Antonio: "Re: Getting user name for failed authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Exchange Explorer problem ... have entered your username in the Domain\Username format? ... OWA Forms ... And use Basic or NTLM authentication as the login method. ... >> Henning Krause ... (microsoft.public.exchange2000.applications) Re: Accessing Exchange mailbox from WinForm ... Henning Krause ... Why does Outlook use MAPI and why shouldn't I? ... Is there a way I can simply pass along the Credentials via the Windows ... what's the point of Windows Authentication? ... (microsoft.public.exchange.applications) Re: Getting user name for failed authentication ... authentication. ... but because during successful authentication we don't need to ... > Henning Krause ... >> Regards, ... (microsoft.public.windows.server.security) Re: Getting user name for failed authentication ... out of there in case of failed authentication. ... > Henning Krause ... >> Kind regards, ... (microsoft.public.windows.server.security) Getting of user name for failed authentication ... We are using NTLM for authenticating clients that connect over network to ... our server. ... In case of failed authentication we would like to log a message ... (microsoft.public.platformsdk.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windows.server.security  > 2004-06