473,545 Members | 1,769 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Authenticating against Windows Network: System.Director yServices.Direc torySearcher or LogonUser(..) from advapi32.dll?

I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003 ADS.

So far I've been using DirectoryEntry and DirectorySearch er and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from advapi32.dll
in any scenario? If LogonUser is called in an Active Directory Network,
does it do a directory search? Is this LogonUser Safe to keep around in
case one of my clients goes to a pure Windows 2003 network?
Nov 22 '05 #1
3 5362
LogonUser doesn't use an LDAP search under the hood like the
DirectorySearch er does. However, if you just want to authenticate,
LogonUser will work. It requires that the user actually has rights to logon
locally, but otherwise I'd suggest you use that if you can.

You actually don't need to use the DirectorySearch er to authenticate a user
either. If you want to use LDAP, a bind using the DirectoryEntry is
sufficient.

Joe K.

"Zeno Lee" <ms**@streetsol utions.com> wrote in message
news:eu******** ******@TK2MSFTN GP10.phx.gbl...
I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003
ADS.

So far I've been using DirectoryEntry and DirectorySearch er and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from
advapi32.dll in any scenario? If LogonUser is called in an Active
Directory Network, does it do a directory search? Is this LogonUser Safe
to keep around in case one of my clients goes to a pure Windows 2003
network?

Nov 22 '05 #2
Hi Zeno,
I agree with the answer from Joe.
In addition, if you are developing a ad admin software and user could to
perform operations on AD after being authenticated. using DirectoryEntry
with proper AuthenticationT ype is a good choice.

For further information, please post to security/AD newsgroup. and we will
follow up you there.

Thanks,
Rhett Gong [MSFT]
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

This posting is provided "AS IS" with no warranties and confers no rights.

Nov 22 '05 #3
http://support.microsoft.com/default...b;en-us;841699
http://support.microsoft.com/default...b;en-us;180548

"Zeno Lee" wrote:
I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003
ADS.

So far I've been using DirectoryEntry and DirectorySearch er and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from
advapi32.dll in any scenario? If LogonUser is called in an Active
Directory Network, does it do a directory search? Is this LogonUser Safe
to keep around in case one of my clients goes to a pure Windows 2003
network?

Nov 22 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
3
5149
Impersonation and UNC shares in a windows service
by: Chris | last post by:
Hello all, Here is my problem. I have a windows service (C#) that is supposed to move files from/to the local drive to/from a UNC share (\\domainserver\share). The service is running on a Win3k server not connected to a domain, as a local user. The service impersonates a local user (on domainserver) that has full permissions to that share....
.NET Framework
8
9749
Impersonate user from ASP.NET - access to network file share
by: Michelle | last post by:
Hello! I have an ASP.NET application (1.1 framework) that needs to be able to read/write files on a network share. The access to this file share will be fairly restricted, so I need to impersonate a specific user account on our domain in order to gain access. The impersonation is only needed for the sections that reads/writes files. I...
.NET Framework
4
3691
Verify a Windows Account
by: Reader | last post by:
I have an application that allows a user to enter a user name, user password, and the domain or machine name. From this information I would like to verify the user account and password is valid. This must work for either a domain or a local machine account. I have tried to find examples from the web and it seems every example that I have found...
.NET Framework
3
814
Authenticating against Windows Network: System.DirectoryServices.DirectorySearcher or LogonUser(..) from advapi32.dll?
by: Zeno Lee | last post by:
I'm trying to authenticate a user against a windows network. I want it to work across any kind of windows network from NT 4.0 up to Windows 2003 ADS. So far I've been using DirectoryEntry and DirectorySearcher and doing a search on Active Directory. With the addition of a customer on an NT 4.0 network, I've had to add DllImport using...
.NET Framework
1
1231
Impersonation and Network Share
by: Jason MacKenzie | last post by:
I have an asp.net application with a treeview control that accesses a network share and recurses through all the directories and displays the structure on a scree - pretty standard stuff. I impersonate a domain admin account with the code that I will attach below. When I step through the code the impersonation appears to be successful and...
ASP.NET
8
17124
impersonate user in windows forms
by: RTT | last post by:
i'm writing a windows form but codebased a iwant to run the code as a different user. like in a webapplication you can impersonate a user so the website does not run on the standard ASP.NET user. is it possible to do the same for a windows form and define a user codebased and run the code like that user is running the application.
Visual Basic .NET
10
8278
Authenticating against network server using non-domain account
by: Martin Robins | last post by:
I need to access the scheduler service on a network computer in order to manipulate it remotely from .NET; I have all of the necessary code to perform the manipulation and it works - great - but I am having problems with authentication. I have tried using LogonUser and this works fine with a domain account, however it is not possible to use...
C# / C Sharp
1
1637
Authenticating to a service
by: GM | last post by:
Hello, I need ideas, concepts to realize the following things: I have a service (vb.net) running on a workstation communicating with a client application. The data flow does not need to be encrypted, but it must be validated that it comes from a specific client. I want to make sure that the client application authenticates to the...
Visual Basic .NET
3
5690
Filecopy to network share
by: Michel Smit | last post by:
Hello, I have a question. We have a webserver in a domain, DomainA, and a webserver in a DMZ with local users and groups only. I'm trying to copy a file from the DomainA webserver to the DMZ webserver. Het firewall is configured to allow traffic via NetBIOS by ip-address. File copy takes place in a .NET assembly. Problem is described...
.NET Framework
4
5797
Impersonate specific user in code with Windows 2008
by: =?Utf-8?B?QXZhRGV2?= | last post by:
ASP.Net 2. We are migrating to Windows 2008 64 bit Server with IIS 7 from Windows 2003 32 Bit with IIS 6. A few library classes we wrote uses impersonation in code like explained in this article: http://support.microsoft.com/?id=306158#4 This doesn't work in Windows 2008 Server, we receive the following exception:
ASP.NET
0
7393
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
Windows Server
0
7803
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
Online Marketing
1
7411
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
Windows Server
0
7749
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
General
0
5965
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5322
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
3439
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
1871
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
1
1012
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us