Get currently logged in user's objectGUID

Hi,

I am looking to find a way to get currently logged in user's object GUID
without querying ActiveDirectory. For example, when i log in to my
laptop from home, I'm not on the office network so i can't reach AD but
I'm sure i still can get my AD's objectGUID, as the profile is cached
locally.

Any ideas?

Thank you,
Andrey
Mar 18 '07 #1
Hi Andrey,

I think you may try the ADSI WinNT Provider, it can query the local user:

http://msdn2.microsoft.com/en-us/library/aa746543.aspx

Sincerely,

Luke Zhang

Microsoft Online Community Support
=============== =============== =============== =====
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notifications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
=============== =============== =============== =====

This posting is provided "AS IS" with no warranties, and confers no rights.

Mar 19 '07 #2
"MuZZy" <tn*@newsgroups.nospam> wrote in message
news:O2**************@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> I am looking to find a way to get currently logged in user's object GUID without querying
> ActiveDirectory. For example, when i log in to my laptop from home, I'm not on the office
> network so i can't reach AD but I'm sure i still can get my AD's objectGUID, as the
> profile is cached locally.
>
> Any ideas?
>
> Thank you,
> Andrey

No, the objectGUID is not part of the profile, so, not cached locally, don't know why you
need this objectGUID anyway.

Willy.

Mar 19 '07 #3
Willy Denoyette [MVP] wrote:
> "MuZZy" <tn*@newsgroups.nospam> wrote in message
> news:O2**************@TK2MSFTNGP05.phx.gbl...
>> Hi,
>>
>> I am looking to find a way to get currently logged in user's object
>> GUID without querying ActiveDirectory. For example, when i log in to
>> my laptop from home, I'm not on the office network so i can't reach AD
>> but I'm sure i still can get my AD's objectGUID, as the profile is
>> cached locally.
>>
>> Any ideas?
>>
>> Thank you,
>> Andrey
>
> No, the objectGUID is not part of the profile, so, not cached locally,
> don't know why you need this objectGUID anyway.
>
> Willy.

I can explain why do i need it - maybe you can give me a better advice.
Our application currently supports its own set of application
users/logins, but it becomes a problem for our bigger clients who want
all of their software to be "One click login" so that once you are
logged in to Windows, you have access to all apps without need to login
again using those apps' logins. Like in SQL server you can login using
sql account or using windows authentication.

So i want to add mapping of existing application accounts to Active
Directory users, for that i need some user's ID which is reliable and
which doesn't change if user is say renamed (that's why i can't use
principal name for that). So my idea was to use either GUID or SID, but
as i understand SID can change, but GUID will never change.

In case if the user is currently not on the network i still need to be
able to authenticate him that's why i need something i can query
locally, without access to AD.

I guess, i will go with SID then...

Thank you,
Andrey
Mar 19 '07 #4
"MuZZy" <tn*@newsgroups.nospam> wrote in message
news:%2****************@TK2MSFTNGP05.phx.gbl...
> Willy Denoyette [MVP] wrote:
>> "MuZZy" <tn*@newsgroups.nospam> wrote in message
>> news:O2**************@TK2MSFTNGP05.phx.gbl...
>>> Hi,
>>>
>>> I am looking to find a way to get currently logged in user's object GUID without
>>> querying ActiveDirectory. For example, when i log in to my laptop from home, I'm not on
>>> the office network so i can't reach AD but I'm sure i still can get my AD's objectGUID,
>>> as the profile is cached locally.
>>>
>>> Any ideas?
>>>
>>> Thank you,
>>> Andrey
>>
>> No, the objectGUID is not part of the profile, so, not cached locally, don't know why
>> you need this objectGUID anyway.
>>
>> Willy.
>
> I can explain why do i need it - maybe you can give me a better advice.
> Our application currently supports its own set of application users/logins, but it becomes
> a problem for our bigger clients who want all of their software to be "One click login" so
> that once you are logged in to Windows, you have access to all apps without need to login
> again using those apps' logins. Like in SQL server you can login using sql account or
> using windows authentication.

Not sure what do you mean by this? SQL server and Windows authentication are different
beasts!

> So i want to add mapping of existing application accounts to Active Directory users, for
> that i need some user's ID which is reliable and which doesn't change if user is say
> renamed (that's why i can't use principal name for that). So my idea was to use either
> GUID or SID, but as i understand SID can change, but GUID will never change.

GUID, and objectSID's don't change by renaming an object, anyway, authentication (in an AD
realm) doesn't use objectGUID's or GUID's or SID, authentication uses Kerberos tickets
obtained by a login (specifying login credentials). A Kerberos ticket is cached locally and
is valid for a configurable period only, after which it can't be used any longer.

> In case if the user is currently not on the network i still need to be able to
> authenticate him that's why i need something i can query locally, without access to AD.
>
> I guess, i will go with SID then...

I'm not quite clear on what you mean in your last paragraph, if the user is not on the
network, how do you access network resources? or what do you need to authenticate the user
for?

Willy.

Mar 19 '07 #5
Willy Denoyette [MVP] wrote:
> "MuZZy" <tn*@newsgroups.nospam> wrote in message
> news:%2****************@TK2MSFTNGP05.phx.gbl...
>> Willy Denoyette [MVP] wrote:
>>> "MuZZy" <tn*@newsgroups.nospam> wrote in message
>>> news:O2**************@TK2MSFTNGP05.phx.gbl...
>>>> Hi,
>>>>
>>>> I am looking to find a way to get currently logged in user's object
>>>> GUID without querying ActiveDirectory. For example, when i log in to
>>>> my laptop from home, I'm not on the office network so i can't reach
>>>> AD but I'm sure i still can get my AD's objectGUID, as the profile
>>>> is cached locally.
>>>>
>>>> Any ideas?
>>>>
>>>> Thank you,
>>>> Andrey
>>>
>>> No, the objectGUID is not part of the profile, so, not cached
>>> locally, don't know why you need this objectGUID anyway.
>>>
>>> Willy.
>>
>> I can explain why do i need it - maybe you can give me a better advice.
>> Our application currently supports its own set of application
>> users/logins, but it becomes a problem for our bigger clients who want
>> all of their software to be "One click login" so that once you are
>> logged in to Windows, you have access to all apps without need to
>> login again using those apps' logins. Like in SQL server you can login
>> using sql account or using windows authentication.
>
> Not sure what do you mean by this? SQL server and Windows authentication
> are different beasts!
>
>> So i want to add mapping of existing application accounts to Active
>> Directory users, for that i need some user's ID which is reliable and
>> which doesn't change if user is say renamed (that's why i can't use
>> principal name for that). So my idea was to use either GUID or SID,
>> but as i understand SID can change, but GUID will never change.
>
> GUID, and objectSID's don't change by renaming an object,
> anyway, authentication (in an AD realm) doesn't use objectGUID's or
> GUID's or SID, authentication uses Kerberos tickets obtained by a login
> (specifying login credentials). A Kerberos ticket is cached locally and
> is valid for a configurable period only, after which it can't be used
> any longer.
>
>> In case if the user is currently not on the network i still need to be
>> able to authenticate him that's why i need something i can query
>> locally, without access to AD.
>>
>> I guess, i will go with SID then...
>
> I'm not quite clear on what you mean in your last paragraph, if the user
> is not on the network, how do you access network resources? or what do
> you need to authenticate the user for?
>
> Willy.

Ok, based on your comments i realized i should be more clear. Give you
an example: say, i have a user in my app:
login: "andrey_app"
password: "password"

Also, that user's windows principal username is: "andrey@domain".
I somehow map andrey@domain to andrey_app (store the mapping in the
database).

Currently, when a user logs in to the application, he provides
andrey_app/password as his credentials and i authenticate him for the
application. What i want to do is to avoid the need for the user to type
in those username/password. If a user chooses "Windows Authentication"
i'll take his windows username:

WindowsIdentity user = WindowsIdentity.GetCurrent();

by that name i will get his application username andrey_app and will log
this user in as andrey_app.
And that's what i meant about SQL server and Windows authentication -
when you connect to sql database you can either provide your sql server
login/password or use trusted connection, where sql server will
authenticate you by your windows username.

Now, some clients are using the app remotely with the copy of the
database and later they synch their local db with the main one, so they
might need to be authenticated when outside the network.
Mar 19 '07 #6
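
An added example, not code from any poster in this thread: the mapping described above, keyed on the account SID that WindowsIdentity.GetCurrent() reads from the local logon token, so no domain controller is contacted. The class and method names, the domain SID and the one-row mapping table are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

static class WindowsAccountMapper
{
    // Constructed sample values: the SID of the one domain the application trusts,
    // and the SID -> application login table (a database table in the real app).
    const string TrustedDomainSid = "S-1-5-21-1111111111-2222222222-3333333333";
    static readonly Dictionary<string, string> SidToAppLogin =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { TrustedDomainSid + "-1105", "andrey_app" }
        };

    // Returns the mapped application login, or null when the caller must fall
    // back to the application's own login/password prompt.
    public static string ResolveAppLogin(WindowsIdentity identity)
    {
        if (identity == null || !identity.IsAuthenticated ||
            identity.IsAnonymous || identity.IsGuest)
            return null;

        SecurityIdentifier sid = identity.User;
        if (sid == null)
            return null;

        // AccountDomainSid is the SID minus its final RID; it is null for
        // well-known SIDs that do not belong to an account domain.
        SecurityIdentifier domainSid = sid.AccountDomainSid;
        if (domainSid == null ||
            !domainSid.Equals(new SecurityIdentifier(TrustedDomainSid)))
            return null;

        string appLogin;
        return SidToAppLogin.TryGetValue(sid.Value, out appLogin) ? appLogin : null;
    }

    static void Main()
    {
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        {
            string appLogin = ResolveAppLogin(current);
            Console.WriteLine("Windows account: {0} ({1})", current.Name, current.User);
            Console.WriteLine(appLogin != null
                ? "Mapped to application login: " + appLogin
                : "No mapping for this SID; prompt for application credentials.");
        }
    }
}
```

Because the SID embeds the issuing domain's identifier, an account with the same name on another machine or domain does not match the table, which a lookup on the name alone cannot guarantee. A rename leaves the SID unchanged, while a move to a different domain issues a new one, so the table still needs a way to re-map an account.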
You may still consider UserName as mapping index, instead of objectGUID.
Changing user account is rare, and you can also add a function to your
system, to support change windows user account mapping.

Sincerely,

Luke Zhang

Microsoft Online Community Support
Mar 21 '07 #7
