Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NT Challenge/Response Question

Status
Not open for further replies.
Mighty

Mighty

Programmer
Feb 22, 2001
1,682
US
I can get the userid of the person logged in to my Intranet site by controlling access to certain directories and using NT Challenge\Response. However, is there any way to find the actual name of the user by mapping the userid to the actual username.

e.g. If the Request.ServerVariables("LOGON_USER") gives me my_Domain\doej and this refers to the user John Doe - can I somehow determine that from the NT user list. Mise Le Meas,

Mighty :)
 
Sort by date Sort by votes
You're wondering if you can use a server variable to get the logged in user's user name rather than the loggin ID? -Ovatvvon :-Q
 
Upvote 0 Downvote
I'm wondering if I can somehow get the useried of the person logged in and translate that into their actual name as defined in the Windows NT User list. Mise Le Meas,

Mighty :)
 
Upvote 0 Downvote
I may be stating the painfully obvious (surprise!), but judging from the lack of response here, would it not be easy enough to store the info in your own table, and then access it once you have the logon???

I suppose it would depend on the size of your network, and the amount of changes that took place. On my relatively small network (<50 ppl), it wouldn't be a bad solution, short of being able to actually grab it from NT's database directly.
penny.gif
penny.gif
 
Upvote 0 Downvote
link9,

I could do that but I'd rather not have to go down that road. Mise Le Meas,

Mighty :)
 
Upvote 0 Downvote
I disagree with link9's suggestion. In order to do this, you sometimes have to leave your NT permissions open to the IIS guest account. If you are in an administration section of your site, this is very bad. Anyone can pop in and attempt to get your page. Now you could set up session checks on each ASP page to make sure people are authorized to use it, but it's still not really an entirely safe security option.

You want to look into Active Directory Services. They come with Win2000 servers or as an upgrade to WinNT. They supposedly allow a user to check permissions using ASP code and log people into NT. I haven't played with it much though. Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
fso Question 1
Replies
3
Views
189
Offera
Offera
leifoet
  • Locked
  • Question
Insert (new) records in a table => question about the inputscreen
2
Replies
20
Views
368
ChrisHirst
ChrisHirst
Blueie
  • Locked
  • Question
Correct syntax question 2
Replies
4
Views
136
Blueie
Blueie
damipera
  • Locked
  • Question
Response.Write - HTML texts 2
Replies
4
Views
114
damipera
damipera
ahoodin7
  • Locked
  • Question
I have a question about loading Act 1
Replies
5
Views
158
MarkSweetland
MarkSweetland

Part and Inventory Search

Sponsor

Back
Top