Re: Authenticate Against the Domain

Passwords are not stored by Windows Dave. It merely keeps a "digest" of your
password and so can confirm that you know it but without *it* knowing it
itself (also called a 'zero-knowledge proof')

There's a difference between 'authentication' and 'authorisation'. A user is
authenticated when they enter an account name and password, e.g. when they
log on. Thereafter, you can find who they were authenticated as by calling,
say, the GetuserNameEx API. Once you have some guaranteed accurate
information like this then it can be used to determine whether you're
authorised to access some resource. In the example I mention here, the
textual "domain\account" name could be used as some sort of key. Internally,
though, you can also get the security token associated with your process and
pass that around as proof of who you were authenticated as.

Can you provide any more information about what your FAX server will accept
as proof of who you were authenticated as?

Tony Proctor

"FreeMinded" <thedaveboyle@xxxxxxxxx> wrote in message
news:1177320988.499108.254800@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi folks, I would like to develop functionality into our VB6 and .net
applications so that the user is authenticated based on their windows/
domain credentials, and they don't have to enter a password any more.

The module i'm developing interfaces with the fax software on our fax
server. This fax software requires that the user logs in. The client
application that the user has locally doesn't require the user to log
in though - they are authenticated against the domain.

Can anyone with familiarity in this field explain to me what would be
involved in adding this functionality to our application? What is
involved in getting the application to automatically authenticate the
user against the domain instead of having to type in a username and
password?

Currently the application does this:

objLF.Session.Logon(ServerName, Port, UserId, UserPassword)

where the password is taken from a textbox. Would it be possible to
get that password value from the domain controller?

Thanks,

Dave



.

Relevant Pages

  • Re: Kerberos machine authentication - apparent authentication fail
    ... > until logon), the wireless connection can kick off when it is ready. ... > was confirmed in the server event logs with IAS (i set that up as the radius ... > as an ordinary user kicks in and takes over from the machine authentication. ... > while the network sorts itself out and a double click on a network link of ...
    (microsoft.public.windows.server.security)
  • Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
    ... SYSTEM account. ... In IIS I took the virtual server that I was testing, ... Authentication premise. ... From a website perspective, I ...
    (microsoft.public.inetserver.iis.security)
  • Re: Remote Web Workplace Issues-Please help!
    ... Open the Server Management Console, ... client after Authentication" right. ... permissions, and Microsoft Windows user rights according to the KB 812614. ... Download the IIS Resource Kit tools from the following page: ...
    (microsoft.public.windows.server.sbs)
  • Need help configuring Wireless Connection profile
    ... I have an SBS 2003 server and a Server 2003 member server set up using RADIUS ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 PEAP ... Certificate Services ...
    (microsoft.public.windowsxp.general)
  • [REVS] NTLM HTTP Authentication is Insecure By Design
    ... in front of a web server, and that proxy server shares a single TCP ... These are attacks that make use of non-RFC HTTP requests (HTTP Request ... the authentication is associated with the ...
    (Securiteam)