Re: How to retrieve user's domain correctly?

From: Drebin (thedrebin_at_hotmail.com)
Date: 09/17/04 

Date: Fri, 17 Sep 2004 13:07:00 GMT

If you DO have a matching account on your local machine, that is expected
behaviour - your local account is much more "trusted" than your domain
account, and likely has more privs on the local machine. So it is by design
that if you have a domain and matching local account, the local account
should always take precendence. In other words, your process will always try
your local SID first, when trying to do anything, including trying to find
out where the account is from.

If you have a machine that does NOT have a matching account - it should,
work the way you expected, because there is only one instance of that
account. If THAT shows incorrectly, then I would say it's a bona fide bug in
Win32

"WNC" <wcedeno@online.nospam> wrote in message
news:F19F4742-6B18-47FE-A7D2-5D6DACEC0DD1@microsoft.com...
> Thank you Drebin for your response.
>
> We have checked this multiple times and we are certain that we have
> logged-in through the domain (USERX_DOMAIN). We used another system which
> does not have the local USERX account and we get the correct information.
>
> We investigated further this bug and found that even a WIN32 API returns
the
> incorrect information. Following is the summary of what we have seen so
far.
> All of the results were obtained from a system running .Net framework 1.1
on
> Windows 2000 profesional SP4.
>
> 1. .Net System.Environment.UserDomainName -> Incorrectly returns
MACHINE_NAME.
> 2. .Net SystemInformation.UserDomainName -> Incorrectly returns
MACHINE_NAME.
> 3. Win32 API LookupAccountName -> Incorrectly returns MACHINE_NAME.
> 4. .Net System.Environment.GetEnvironmentVariable("USERDOMAIN") ->
Correctly
> returns USERX_DOMAIN.
> 5. Win32 API GetUserNameEx with NAME_FORMAT set to -> Correctly returns
> USERX_DOMAIN/USERX.
>
> At this moment it looks that the problem is being propagated to the .Net
> framework classes by the Win32 API.
> WNC
>
> "Drebin" wrote:
>
> > It sounds like you authenticated through your local machine - in other
> > words, when you go to login, you specify to log in from the local
machine
> > instead of the domain.
> >
> > If that is the case, this is correct - you ARE logged in as your machine
> > account and NOT your domain account. And if you are trying to get the
> > running user of the CURRENT process, this is pretty reliable:
> >
> > string strUser = Environment.UserDomainName + "\\" +
Environment.UserName;
> >
> > HTH
> >
> >
> > "WNC" <wcedeno@online.nospam> wrote in message
> > news:0DAE4440-A1C9-4BF8-8EC9-D91E0869FE9C@microsoft.com...
> > > If you are using any of the following two calls below, you may not get
> > > what
> > > you are looking for.
> > >
> > > string domain = System.Environment.UserDomainName;
> > > string domain = SystemInformation.UserDomainName;
> > >
> > > I happen to have an account USERX as part of the local domain
> > > (MACHINE_NAME)
> > > of my system. The same account name USERX is used for my USERX_DOMAIN
> > > domain.
> > > I logged in as USERX_DOMAIN\USERX but the domain returned by those two
> > > calls
> > > is MACHINE_NAME.
> > >
> > > As a workaround, I am going to use the value of the environment
variable
> > > USERDOMAIN, which is correct, to get the correct domain name. How
could I
> > > obtain the correct domain name without depending on an overwritable
> > > environment variable?
> > >
> > > --
> > > WNC
> >
> >
> >

Relevant Pages

  • Re: HKEY_LOCAL_MACHINE Registry Access
    ... > Using Regedit: I'm sitting at my local machine, ... > you're talking about the LOCAL SERVICE account). ... - you are logged on using a DOMAIN administrators account that is a member ...
    (microsoft.public.dotnet.languages.csharp)
  • RE: search webservice authorization issue
    ... dedicated account is OK for me. ... > It works fine on your local machine with default credentials because you are ... > boundary, your sending your credentials to the target SPS server, SPS in turn ...
    (microsoft.public.sharepoint.portalserver.development)
  • Re: Local Admin vs Domain Admin problems
    ... domain and added this to the local administrators group. ... If you believe you've mistakenly created a local account, ... get no additional rights. ... > programs on his local machine and change things. ...
    (microsoft.public.win2000.security)
  • Re: For one server only, services now run only under local system - no
    ... Make sure the account has appropriate policy permissions on local machine such as logon as a service. ... because it uses an outlook profile on the machine and local system, I'm told, ...
    (microsoft.public.win2000.general)
  • Re: exdeploy dsscopescan problem
    ... Since you said you can add the account to ... > includes the exchange server i cannot connect to via exdeploy ... > service admin rights to all exchange site and configuration levels and to ... > usrmgr on the local machine, the account in the administrators group says ...
    (microsoft.public.exchange.setup)