473,322 Members | 1,540 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Authenticating against Windows Network: System.DirectoryServices.DirectorySearcher or LogonUser(..) from advapi32.dll?

I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003 ADS.

So far I've been using DirectoryEntry and DirectorySearcher and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from advapi32.dll
in any scenario? If LogonUser is called in an Active Directory Network,
does it do a directory search? Is this LogonUser Safe to keep around in
case one of my clients goes to a pure Windows 2003 network?
Nov 22 '05 #1
3 5340
LogonUser doesn't use an LDAP search under the hood like the
DirectorySearcher does. However, if you just want to authenticate,
LogonUser will work. It requires that the user actually has rights to logon
locally, but otherwise I'd suggest you use that if you can.

You actually don't need to use the DirectorySearcher to authenticate a user
either. If you want to use LDAP, a bind using the DirectoryEntry is
sufficient.

Joe K.

"Zeno Lee" <ms**@streetsolutions.com> wrote in message
news:eu**************@TK2MSFTNGP10.phx.gbl...
I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003
ADS.

So far I've been using DirectoryEntry and DirectorySearcher and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from
advapi32.dll in any scenario? If LogonUser is called in an Active
Directory Network, does it do a directory search? Is this LogonUser Safe
to keep around in case one of my clients goes to a pure Windows 2003
network?

Nov 22 '05 #2
Hi Zeno,
I agree with the answer from Joe.
In addition, if you are developing a ad admin software and user could to
perform operations on AD after being authenticated. using DirectoryEntry
with proper AuthenticationType is a good choice.

For further information, please post to security/AD newsgroup. and we will
follow up you there.

Thanks,
Rhett Gong [MSFT]
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

This posting is provided "AS IS" with no warranties and confers no rights.

Nov 22 '05 #3
http://support.microsoft.com/default...b;en-us;841699
http://support.microsoft.com/default...b;en-us;180548

"Zeno Lee" wrote:
I'm trying to authenticate a user against a windows network. I want it to
work across any kind of windows network from NT 4.0 up to Windows 2003
ADS.

So far I've been using DirectoryEntry and DirectorySearcher and doing a
search on Active Directory. With the addition of a customer on an NT 4.0
network, I've had to add DllImport using LogonUser() from advapi32.dll in
addition to the directory search.

To simplify my code, Is it possible to just use LogonUser from
advapi32.dll in any scenario? If LogonUser is called in an Active
Directory Network, does it do a directory search? Is this LogonUser Safe
to keep around in case one of my clients goes to a pure Windows 2003
network?

Nov 22 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Chris | last post by:
Hello all, Here is my problem. I have a windows service (C#) that is supposed to move files from/to the local drive to/from a UNC share (\\domainserver\share). The service is running on a Win3k...
8
by: Michelle | last post by:
Hello! I have an ASP.NET application (1.1 framework) that needs to be able to read/write files on a network share. The access to this file share will be fairly restricted, so I need to...
4
by: Reader | last post by:
I have an application that allows a user to enter a user name, user password, and the domain or machine name. From this information I would like to verify the user account and password is valid. ...
3
by: Zeno Lee | last post by:
I'm trying to authenticate a user against a windows network. I want it to work across any kind of windows network from NT 4.0 up to Windows 2003 ADS. So far I've been using DirectoryEntry and...
1
by: Jason MacKenzie | last post by:
I have an asp.net application with a treeview control that accesses a network share and recurses through all the directories and displays the structure on a scree - pretty standard stuff. I...
8
by: RTT | last post by:
i'm writing a windows form but codebased a iwant to run the code as a different user. like in a webapplication you can impersonate a user so the website does not run on the standard ASP.NET...
10
by: Martin Robins | last post by:
I need to access the scheduler service on a network computer in order to manipulate it remotely from .NET; I have all of the necessary code to perform the manipulation and it works - great - but I am...
1
by: GM | last post by:
Hello, I need ideas, concepts to realize the following things: I have a service (vb.net) running on a workstation communicating with a client application. The data flow does not need to be...
3
by: Michel Smit | last post by:
Hello, I have a question. We have a webserver in a domain, DomainA, and a webserver in a DMZ with local users and groups only. I'm trying to copy a file from the DomainA webserver to the DMZ...
4
by: =?Utf-8?B?QXZhRGV2?= | last post by:
ASP.Net 2. We are migrating to Windows 2008 64 bit Server with IIS 7 from Windows 2003 32 Bit with IIS 6. A few library classes we wrote uses impersonation in code like explained in this...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.