Thank you,
We have no intention of using a single logon to our application. We are
aiming at domain accounts, AD.
So far I can prompt the user to enter a user id, domain name and
password. The I validate these using LogonUser and then
I start our application using the user's information, the application is
started under the user's identity.... like runas will do.
This works fine, but now we have 2 clients, one that uses smart-cards
and the other one that uses a fingerprint reader to authenticate the users
at logon. Is there a standard API I can use? or will I have to write a
custom module for each client?
Thank you!
"richlm" <ri*****@h0tmai1.com> wrote in message
news:eO**************@tk2msftngp13.phx.gbl...
Need more information about your infrastructure to provide a sensible
answer. Here are some 'leading' questions to make sure we're on the same
track:
- are you looking for single-sign-on?
- when you are talking windows credentials does that imply AD & domain
user accounts - or is this network a workgroup with just local machine
accounts?
Also a couple of pointers/ideas:
- Generally you don't store passwords - you only ever store a hash of the
password. After the hash of the password is verified, the password itself
is discarded.
If you do store passwords this is a BIG security risk.
- Have you considerd ADAM (Active Directory Application Mode) as a
possible alternative to SQL server?
see
http://www.microsoft.com/downloads/d...displaylang=en