Click to See Complete Forum and Search --> : user authentication in NT
sigkill
April 16th, 2003, 11:51 PM
Hi,
I'm new to windows programming...
I'm looking for APIs to authenticate users against a NT domain. I'm looking for something like:
BOOL authenticate_user( domain, username, password );
Is there any way to achieve this in VC++?
Thanks in advance....
Ravi
mahanare
April 17th, 2003, 12:57 AM
we have a function called LogonUser(..)
refer to MSDN.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/logonuser.asp
be clear with your requirements, tell me what you exactly have to do? so that i may be helpful to you.
Because I did some work on this.
cheers
mahanare
sigkill
April 18th, 2003, 09:09 AM
Thanks for the reply...but I have few doubts about that function.
i wrote a sample program which takes username, domain and password and verify using LogonUser.
* it works fine on a win2k box (i had to set 'run as part of the os' rights to the user, Administrator).
* when i tried on a XP box there was a problem...for a user account 'A' with some password, it works fine...i.e., it will return success only if the password is ok...but if i give some arbitrary username, which is not present on the box, it returns true in all cases.
it works fine on a win2k box.
Also, I want to verify from experienced windows programmers, whether this is the proper way to verify user accounts.
Thanks...
Ravi
sigkill
April 19th, 2003, 12:43 AM
I want to write a server which acts as a frontend to an NT domain. It should authenticate users, show/modify user and group accounts so that it can also be managed from a unix box.
I tried the netapi32.lib api for accessing user and group information and it works fine. I want the other part i.e., verifying user authentication.
mahanare
April 19th, 2003, 01:01 AM
Ravi, LogonUser() didn't give any problem to me.
as the MSDN reads you can authenticate the user with the local system only, we cann't take the username, password,domain from user and authenticate with a remote system.
But I think This the function you are looking for.
Because I used it to do some other work with CreateProcessAsUser() which needs the user handle returned by LogonUser(). see If the user is authenticated correctly then it returns a PHANDLE which containes the authentication of the user.
See this is how i used it
if (!LogonUser(
"trniac",
"HISOBGT",
"password",
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,
&hToken
))
return RTN_ERROR;
even you may be interested to read the following disscussion
http://www.codeguru.com/forum/showthread.php?s=&threadid=240882
remember LogonUser() will never returns nonzero value for a wrong user.
It returns Non zero for successfull athentication and zero for failure in that case GetLastError() should be used to get the reason for failure of the function it returns DWORD value which can be used to get the description through program or through Tools->Error Lookup from vc++ editor.
Got it?
get back to me if you think I can do something for you,
cheers
harinath
codeguru.com
Copyright Internet.com Inc., All Rights Reserved.