dotnet security:
Hi All,

I tried many times to convert the following code to .NET, but I failed to have it converted.

How To Validate User Credentials from Visual Basic by Using SSPI
http://support.microsoft.com/default.aspx?scid=kb;en-us;279815

I would like to use the above link to authenticate the current user of the computer on a Windows 2000 platform.

I have code that works with Windows XP using the Login API, but sad to say, it fails on Windows 2000.

LogonAPI for VB.NET example (works only for Windows XP):
http://support.microsoft.com/default.aspx?scid=kb;en-us;841699

A newsgroup said that if the current user's rights are set to SE_TCB_NAME (Act As Part Of The Operating System), then the LogonAPI VB.NET example will work under Windows 2000, but if that's the case, then the user will have Admin rights, which in the company I work with will not do.

Could anyone help me with this dilemma?

Does the above link actually work? If validating a user's credentials using SSPI does work with VB.NET, then my problems are solved. And from what I've been reading, many other developers will benefit from this effort as well.

Thanks,
Henry :)

Here was my attempt to convert it to VB.NET. Just copy and paste the code below into a new module. How to use it is easy: just call the function SSPValidateUser("username", "domain", "password"), or SSPValidateUser(System.Environment.UserName, System.Environment.UserDomainName, "password") to not type in the username and domain anymore.

I encountered 2 problems; I made a comment in my code where each problem lies: "Problem #1", "Problem #2".

'PROBLEM #1
ss = InitializeSecurityContext2(AuthSeq.hcred, 0, 0, 0, 0, SECURITY_NATIVE_DREP, 0, 0, AuthSeq.hctxt, sbdOut, fContextAttr, tsExpiry)

'PROBLEM #2
ss = AcceptSecurityContext2(AuthSeq.hcred, 0, sbdIn, 0, SECURITY_NATIVE_DREP, AuthSeq.hctxt, sbdOut, fContextAttr, tsExpiry)

The error message on both is:

An unhandled exception of type 'System.NullReferenceException' occurred in UserAuthentication.exe
Additional information: Object reference not set to an instance of an object.

'------------------
Option Explicit On
Module modSSPI

    Private Declare Sub CopyMemoryInteger Lib "kernel32" Alias "RtlMoveMemory" (ByRef Destination As Integer, ByRef Source As SecBuffer, ByVal Length As Integer)
    Private Declare Sub CopyMemorySecBuffer Lib "kernel32" Alias "RtlMoveMemory" (ByRef Destination As SecBuffer, ByRef Source As Integer, ByVal Length As Integer)
    Private Declare Sub CopyMemorySecPkgInfo Lib "kernel32" Alias "RtlMoveMemory" (ByRef Destination As SecPkgInfo, ByRef Source As Integer, ByVal Length As Integer)
    Private Declare Function NT4QuerySecurityPackageInfo Lib "security" Alias "QuerySecurityPackageInfoA" (ByVal PackageName As String, ByRef pPackageInfo As Integer) As Integer
    Private Declare Function QuerySecurityPackageInfo Lib "secur32" Alias "QuerySecurityPackageInfoA" (ByVal PackageName As String, ByRef pPackageInfo As Integer) As Integer
    Private Declare Function NT4FreeContextBuffer Lib "security" Alias "FreeContextBuffer" (ByVal pvContextBuffer As Integer) As Integer
    Private Declare Function FreeContextBuffer Lib "secur32" (ByVal pvContextBuffer As Integer) As Integer
    Private Declare Function NT4InitializeSecurityContext Lib "security" Alias "InitializeSecurityContextA" (ByRef phCredential As SecHandle, ByRef phContext As SecHandle, ByVal pszTargetName As Integer, ByVal fContextReq As Integer, ByVal Reserved1 As Integer, ByVal TargetDataRep As Integer, ByRef pInput As SecBufferDesc, ByVal Reserved2 As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function InitializeSecurityContext Lib "secur32" Alias "InitializeSecurityContextA" (ByRef phCredential As SecHandle, ByRef phContext As SecHandle, ByVal pszTargetName As Integer, ByVal fContextReq As Integer, ByVal Reserved1 As Integer, ByVal TargetDataRep As Integer, ByRef pInput As SecBufferDesc, ByVal Reserved2 As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function NT4InitializeSecurityContext2 Lib "security" Alias "InitializeSecurityContextA" (ByRef phCredential As SecHandle, ByVal phContext As Integer, ByVal pszTargetName As Integer, ByVal fContextReq As Integer, ByVal Reserved1 As Integer, ByVal TargetDataRep As Integer, ByVal pInput As Integer, ByVal Reserved2 As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function InitializeSecurityContext2 Lib "secur32" Alias "InitializeSecurityContextA" (ByRef phCredential As SecHandle, ByVal phContext As Integer, ByVal pszTargetName As Integer, ByVal fContextReq As Integer, ByVal Reserved1 As Integer, ByVal TargetDataRep As Integer, ByVal pInput As Integer, ByVal Reserved2 As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function NT4AcquireCredentialsHandle Lib "security" Alias "AcquireCredentialsHandleA" (ByVal pszPrincipal As Integer, ByVal pszPackage As String, ByVal fCredentialUse As Integer, ByVal pvLogonId As Integer, ByRef pAuthData As SEC_WINNT_AUTH_IDENTITY, ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As Integer, ByRef phCredential As SecHandle, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function AcquireCredentialsHandle Lib "secur32" Alias "AcquireCredentialsHandleA" (ByVal pszPrincipal As Integer, ByVal pszPackage As String, ByVal fCredentialUse As Integer, ByVal pvLogonId As Integer, ByRef pAuthData As SEC_WINNT_AUTH_IDENTITY, ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As Integer, ByRef phCredential As SecHandle, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function NT4AcquireCredentialsHandle2 Lib "security" Alias "AcquireCredentialsHandleA" (ByVal pszPrincipal As Integer, ByVal pszPackage As String, ByVal fCredentialUse As Integer, ByVal pvLogonId As Integer, ByVal pAuthData As Integer, ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As Integer, ByRef phCredential As SecHandle, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function AcquireCredentialsHandle2 Lib "secur32" Alias "AcquireCredentialsHandleA" (ByVal pszPrincipal As Integer, ByVal pszPackage As String, ByVal fCredentialUse As Integer, ByVal pvLogonId As Integer, ByVal pAuthData As Integer, ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As Integer, ByRef phCredential As SecHandle, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function NT4AcceptSecurityContext Lib "security" Alias "AcceptSecurityContext" (ByRef phCredential As SecHandle, ByRef phContext As SecHandle, ByRef pInput As SecBufferDesc, ByVal fContextReq As Integer, ByVal TargetDataRep As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function AcceptSecurityContext Lib "secur32" (ByRef phCredential As SecHandle, ByRef phContext As SecHandle, ByRef pInput As SecBufferDesc, ByVal fContextReq As Integer, ByVal TargetDataRep As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer
    Private Declare Function NT4AcceptSecurityContext2 Lib "security" Alias "AcceptSecurityContext" (ByRef phCredential As SecHandle, ByVal phContext As Integer, ByRef pInput As SecBufferDesc, ByVal fContextReq As Integer, ByVal TargetDataRep As Integer, ByRef phNewContext As SecHandle, ByRef pOutput As SecBufferDesc, ByRef pfContextAttr As Integer, ByRef ptsExpiry As TimeStamp) As Integer

Hello henrycortezwu@gmail.com,

LogonUser on Windows 2000 is a highly privileged operation - which needs the privilege you talked about. This is fixed on XP and W2K3.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

Hello henrycortezwu@gmail.com,

You'll find a fully functional library with source here:
http://www.develop.com/technology/resourcedetail.aspx?id=ee929f0b-1f9d-4a2a-92a1-911706bd7b52

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
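
An added example, not code from this thread or from the library linked above: NegotiateStream runs the same SSPI client/server handshake that KB 279815 performs in one process, in managed code, so it needs neither the P/Invoke declarations nor SE_TCB_NAME. It assumes .NET Framework 4.0 or later (NegotiateStream itself dates from 2.0, Task from 4.0); the module and function names are hypothetical.

```vbnet
Imports System.IO
Imports System.Net
Imports System.Net.Security
Imports System.Net.Sockets
Imports System.Security.Authentication
Imports System.Security.Principal
Imports System.Threading.Tasks

Module SspiLoopbackCheck   ' hypothetical name, not from the thread
    ' Server half: accept one loopback connection and run the SSPI accept side.
    Private Function AcceptAndCheck(ByVal listener As TcpListener) As Boolean
        Using tcp As TcpClient = listener.AcceptTcpClient()
            Using ns As New NegotiateStream(tcp.GetStream())
                ns.AuthenticateAsServer()
                Dim id As WindowsIdentity = TryCast(ns.RemoteIdentity, WindowsIdentity)
                ' A failed NTLM logon can be mapped to Guest when the Guest account
                ' is enabled, so a Guest or anonymous token counts as a failure.
                Return id IsNot Nothing AndAlso Not id.IsGuest AndAlso Not id.IsAnonymous
            End Using
        End Using
    End Function

    ' Client half: present the supplied credentials to the server half.
    ' Returns True only when both sides of the handshake succeed.
    Public Function ValidateUser(ByVal user As String, ByVal domain As String, ByVal password As String) As Boolean
        Dim listener As New TcpListener(IPAddress.Loopback, 0)   ' port 0 = any free port
        listener.Start()
        Try
            Dim port As Integer = DirectCast(listener.LocalEndpoint, IPEndPoint).Port
            Dim server As Task(Of Boolean) = Task.Factory.StartNew(Of Boolean)(Function() AcceptAndCheck(listener))
            Using tcp As New TcpClient()
                tcp.Connect(IPAddress.Loopback, port)
                Using ns As New NegotiateStream(tcp.GetStream())
                    ns.AuthenticateAsClient(New NetworkCredential(user, password, domain), String.Empty)
                End Using
            End Using
            Return server.Result
        Catch ex As AuthenticationException   ' credentials rejected (client side)
            Return False
        Catch ex As IOException               ' peer closed the stream mid-handshake
            Return False
        Catch ex As AggregateException        ' server side threw inside the task
            Return False
        Finally
            listener.Stop()
        End Try
    End Function
End Module
```

Each call with a wrong password is a real failed logon, so it counts toward the account lockout threshold like any other attempt.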