Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Determine logged-on user name 1

Status
Not open for further replies.
tvbruwae

tvbruwae

Programmer
Aug 9, 2001
224
EU
Hi

Is it possible to determine the Windows logon account from within a web page? I need certain users (whose names are listed in a database) to be able to enter an ASP page, without forcing them to enter any username or password. I can only do this by checking the account with which they logged onto Windows, but I haven't found a way to retrieve it inside a web page. I don't care about the language (ASP, Javascript, ...), as long as it works with an IIS server that allows anonymous access. Any tips?

Thanks.

Tim
 
Sort by date Sort by votes
Why don't you use cookies to set a value on the users comp, that dosn't expire, similar to Tek-Tips here? "The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us"
Bill Watterson, Calvin & Hobbes
 
Upvote 0 Downvote
I don't believe there's a way to create such a cookie without ever having the user enter a Username/Password combination...
 
Upvote 0 Downvote
Do you or your company administer this server? If so, all you need to do is put the file or files in a subdirectory of your site and set the NTFS permissions so that the machine's annonymous user has no rights to it and your special group does have rights to it. Then go into your IIS console and remove Annonymous Access under the directory security tab. Leave the NT Challenge/Response checked (in IIS 5.0 it's called Integrated Windows Authentication). Don't check the Basic Clear Text box. Now IIS will check the user against the SAM database and allow access to whomever you've specified with the NTFS perms.
 
Upvote 0 Downvote
Thanks for your tip. As far as I've seen though, this still requires the user to enter a username/password when connecting to the "secured" page. Is there a way to make this login screen disappear (i.e. automatically sending the windows account to IIS) or will I just have to live with this popup :cool:?
 
Upvote 0 Downvote
OK, your response made me think a little deeper and I think that we're actually both right! I assumed from your first post that this was an Intranet situation. I keyed in on the "Windows Logon" part and not the username database part.

So ... try this: Since you don't want them to ever see a logon pop-up it doesn't matter what the ID/Pwd combo is. Try setting a cookie that randomly sets the ID/Pwd (or have your DB do it and put the values in the cookie). That way the application wouldn't expect their input the first time and it would get it from the cookie every other time.

Second thought, similar to the first. Since you don't want the user's input at all, can the ID/Pwd combo be the same for every user in the database? You could set the same ID/Pwd in the cookie for every user and eliminate that query all together.

In fact, if you do that, you could set up an NT user with that ID/Pwd and restrict access to that sub-directory to that user only (refer to my first suggestion). Then you could eliminate the entire database! Unless, of course, it serves another purpose too.

MAJOR CAVEAT: I've never tried to do any of this so I don't know what your results will be. But, off the top of my head, I don't see why it wouldn't work. Please write back and let me know what happened and how you eventually get it to work. It's an interesting problem and I'm a "curious" sort, if you know what I mean! >:):O>
 
Upvote 0 Downvote
Try this code.... Its in ASP...
It gives u current NT logged in user ID

'#####################################################
If Request.ServerVariables("LOGON_USER") = "" Then
Response.Status = "401 access denied"
Response.End
End If
Dim VarLoginID
varLoginID=Request.ServerVariables("LOGON_USER")
varLoginID=UCase(Mid(varLoginID,10,7))
'#####################################################

Happy Programming

For more details u can write me on
ts3328@emirates.com

Regards
Dhananjay
 
Upvote 0 Downvote
This is more or less the code I was using in the script by now. Seems that the logon box had disappeared after changing the NTFS permissions as well, so I don't have any problems left concerning the logon user. Thanks for posting everyone, it's been a great help!

Tim
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Kennelbloke
  • Locked
  • Question
Can't Get Markers to show on Map
Replies
0
Views
376
Kennelbloke
Kennelbloke
rogerte
  • Locked
  • Question
Code that works on Windows, Android and Iphone
Replies
0
Views
277
rogerte
rogerte
JScannell
  • Locked
  • Question
Javascript issue on iPhone/iMac platforms
Replies
0
Views
287
JScannell
JScannell
AbidingDude
  • Locked
  • Question
Where Does The "name" Attribute Stand?
Replies
1
Views
122
gmmastros
gmmastros
EEM6498
  • Locked
  • Question
Combine First_Name and Last_Name into Name - Javascript
Replies
1
Views
281
Praveen425188
Praveen425188

Part and Inventory Search

Sponsor

Back
Top