Urgent - NT Remote Authentication API

U

Unicorn

I want to create a program by VB 6 which
Authenticate Users on a remote server
I found some API like LogonUser in Advapi32.dll
but I can't find any API for authenticating users
on a remote computer,

Is there any API or any way to authenticate username
and password on a remote computer on network?

answer me as soon as possible, please.

Kind Regards,
Farzad Hayati.
 
R

Randy Birch

Try http://vbnet.mvps.org/code/network/acceptsecuritycontext.htm

--

Randy Birch
MS MVP Visual Basic
http://vbnet.mvps.org/
----------------------------------------------------------------------------
Read. Decide. Sign the petition to Microsoft.
http://classicvb.org/petition/
----------------------------------------------------------------------------



:I want to create a program by VB 6 which
: Authenticate Users on a remote server
: I found some API like LogonUser in Advapi32.dll
: but I can't find any API for authenticating users
: on a remote computer,
:
: Is there any API or any way to authenticate username
: and password on a remote computer on network?
:
: answer me as soon as possible, please.
:
: Kind Regards,
: Farzad Hayati.
:
:
:
 
C

Crouchie1998

Hi

If you want to use LogonUser API to authenticate users in Windows 2000 then
forget it. This is because it fails, as you need the SE_TCB_NAME (Act As
Part Of The Operating System) attribute set.

You can set this in Local Security Settings (User Rights Assignment) (Admin
Tools), but that means that your users will be running with Operating System
rights. Therfore, the users can do anything whatsoever on the computer. This
would then create one massive security hole in Windows.

On the other hand: Microsoft won't tell you how to set SE_TCB_NAME in code
because that means every Windows 2000 machine security will be useless.

So, forget about using LogonUser for Windows 2000. However, the function
suceeds in Windows XP (not sure after SP 2 though)

I have spent many weeks/months researching this subject

Crouchie1998
BA (HONS) MCP MCSE
 
P

Pedro CR

maybe you can try through windows scripting host.

the latest version is able to connect to remote computers and copy files and
launch programs under the credentils that you indicate.

you can write a script that simply logs on remotelly and then starts the
program under logon that it just created.
 
M

Mark Yudkin

1) Why can't you just do a domain logon? Why do need to perform a remote
local logon?
2) If you need to access a remote file / printer providing a userid and
password: NetUseAdd
3) API-less coding [not the subject of this group though]: WshNetwork object
(also WshRemote and co)

LogonUser needs TCB privilege under W2K and earlier. MS only lifted this
pointless limitation in XP / W2K3. You will need "impersonate after logon"
privilege on W2K SP4 or W2K3.
 
U

Unicorn

Thanks a lot Randy
This Module work fine
this site is great

thank you again for your advise

Kind Regards,
Farzad Hayati.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

LogOnUser API issue - Windows workgroup 0
Auto Login to win NT 10
Can a GINA STUB fulfil my requirement? 0
LogonUser to remote machine fails with error 1326 4
Authenticating against network server using non-domain account 10
Impersonation Question 3
Authenticating against Windows Network: System.DirectoryServices.DirectorySearcher or LogonUser(..) 3
C# connection string using Windows NT Authentication 2

Top