Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security question ... Is this possible?

Status
Not open for further replies.
Wallegator

Wallegator

Programmer
Jan 3, 2001
58
0
0
US
I have a VB application. I grab the NT users name. I want to enter a password and verify that the entered password matches my NT password. If it does not match access to the application is denied.

Is this possible? If so, can you to direct me to any articles that will show me how to accomplish this.

Thank you in advance.
 
Sort by date Sort by votes
Is this a re-post of your thread222-357987? If so, I don't believe that NT security has changed that much since then
________________________________________________________________
If you want to get the best response to a question, please check out FAQ222-2244 first

'People who live in windowed environments shouldn't cast pointers.'
 
Upvote 0 Downvote
Option Explicit
Private Declare Function GetUserName Lib "advapi32.dll" Alias "GetUserNameA" (ByVal lpBuffer As String, nSize As Long) As Long


Private Sub Form_Load()
Dim sUserID As String
Dim sUserIDFromUser As String
Dim iLen As Integer

sUserID = Space$(100)
iLen = GetUserName(sUserID, 100)
If iLen = 0 Then
' Err.Raise ERROR_READING_COMPUTER_NAME
End If
sUserID = Left$(sUserID, InStr(sUserID, vbNullChar) - 1)

sUserIDFromUser = InputBox("Enter ID")
If UCase$(sUserID) = UCase$(sUserIDFromUser) Then
MsgBox "Valid User"
Else
MsgBox "InValid User"
End If

End Sub
 
Upvote 0 Downvote
Re: Is this a re-post?
No. In my previous post I asked if I could populate a field in the VB form with the Windows NT password. In this post I want to compare what I enter as a VB password to what I entered as an NT password. If the inputs equal, access is allowed. If the inputs do not equal, access is denied.
 
Upvote 0 Downvote
You still can't get hold of an NT password

I would think that persistence at trying to break NT security would bring a RED-FLAG!
________________________________________________________________
If you want to get the best response to a question, please check out FAQ222-2244 first

'People who live in windowed environments shouldn't cast pointers.'
 
Upvote 0 Downvote
I misunderstood your question. Disregard my previous post in this thread. I don’t know of a way to obtain an NT password.
 
Upvote 0 Downvote
What you are trying to do is not possible. The NT password is encrypted by an 1 way algorythm. Even the NT LSA cannot 'view' a password in plain text

You can achieve what you want by creating a NT local group and adding authorised user to it. You can then check the user is a member of that group which will achieve the same result.

That is a relatively simple API based thing to do and will solve your`requirement (if that is truely what the question is about)

johnwm I agree entirely about persistent requests to crack NT security being red flagged.

Matt
 
Upvote 0 Downvote
My intent is NOT to crack NT security. I am only posing the question with the intent to fulfill a database request and alleviate multiple user logins/passwords. However, I can see that my question may be viewed as malicious in nature.

I thank you all for your comments.
 
Upvote 0 Downvote
what sort of DB are you using?

If you are serious about authenticating your users, read up on NT security and implement a scheme that checks the NT grouping of the user. If this is valid, you can initiate a DB connection using a password that is hardcoded (an encrypted) into your connection string.

If you then have problems with this sort of scheme, post some code so that we can verify what you are trying to do.

The NT security model is flexible enough to let you do this sort of thing, but you do not need to authenticate users yourself. That authentication is something that NT has already done!

Matt
 
Upvote 0 Downvote
Matt is right ..

the way to do is is to create an NT group and add the users to it that you want to access the system. When you run the system you do a check that the user is in that NT group, if they are you go ahead, if not you'd give an access denied error and stop the program. This is also useful because your users don't have to remember another login/password, your application does this for you.

Transcend
 
Upvote 0 Downvote
If you are using SQL2000 server try this...

use integrated (NT) security for your connection and do all your validation through SQL security.

If it is imperative that users are denied access to your app and not just the sql data then open the connection first thing in your app and trap the access denied error there

Matt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sal21
  • Locked
  • Question
NEVER used - get all possible info by ip
Replies
4
Views
96
strongm
strongm
Michael OConnor
  • Locked
  • Question
Is this Meridian Mail
Replies
2
Views
64
Michael OConnor
Michael OConnor
sal21
  • Locked
  • Question
how to read the coordinates in from this file
Replies
3
Views
131
Ken01
Ken01
sal21
  • Locked
  • Question
ARRANGE this Access coe to vb6
Replies
4
Views
82
strongm
strongm
sal21
  • Locked
  • Question
RETIRIEVE all possible info based lat and long
Replies
4
Views
108
sal21
sal21

Part and Inventory Search

Sponsor

Back
Top