Determine Windows user name

[tvbruwae]

Hi

Is it possible to determine the Windows logon account from within a web page? I need certain users (whose names are listed in a database) to be able to enter an ASP page, without forcing them to enter any username or password. I can only do this by checking the account with which they logged onto Windows, but I haven't found a way to retrieve it inside a web page. I don't care about the language (ASP, Javascript, ...), as long as it works with an IIS server that allows anonymous access. Any tips?

Thanks.

Tim

 

[link9]

faq333-144


paul

 

[tvbruwae]

I know, I read it too. But this only works when IIS is set to refuse anonymous access.

 

[wrbodine]

I have the same question, how to get the Windows username and still use Anonymous Access. Any ideas?

Thanks,
Ray

 

[StellaIndigo]

The following will return the user name

strUser = Trim(Request.ServerVariables("LOGON_USER&quot)

it does return the domain also in the format DOMAIN\username.

You'll need to be running NT authentication only.

Stella

 

[wrbodine]

Is there any way to obtain this without using Windows Authentication? This is for our Intranet, and we can't switch Authentication modes....

Thanks,
Ray

 

[StellaIndigo]

No, without authentication you are logged in anonymously. However if the IIS server is in the domain the authentication process is transparent to the user. I use this method on our company intranet. I also look up group memberships and other info about the user.

Another way maybe to set a cookie for the user, like forums, they register once after that your asp scripts read the cookie to determine the user name, and any other infor you wish to store. (only problem is if they delelet their cookies in IE or use privacy in ie6)

Stella

 

[Bastien]

what about tracking IP...behind the firewall, each machine should have a unique IP and compare that to a network IP login table Bastien

There are many ways to skin this cat,
but it still tastes like chicken

 

[tvbruwae]

StellaIndigo is right, you need to have Windows Authentication set to retrieve the user name. To the end-users it's a transparent process, as their windows account is automatically transferred to the webserver. Afterwards you can set file permissions on your HTML and ASP documents (on NTFS disks) to allow certain users/groups access to the different parts of your intranet site. When such permissions deny access to a certain user, he or she will receive the logon box.

On FAT systems (or NTFS where everyone has access) a logon box should never be displayed. Couldn't you check the security settings on the other parts of your intranet to see if you could still enable Windows authentication without having the logon box appear?