Can anyone tell me if it is possible for a VB program to interact with the Windows NT security table so that a user does not have to use multiple logins? If so, how is this accomplished? It seems that it would be nice to only have to login one time even though you have NT, VB, and Oracle interacting.

With SQL Server you can use NT Security without a problem, but I don't know about Oracle using NT security. Check with your documentation or your Oracle guru

Well the Oracle guy says its an NT thing and the NT guy says its a VB thing, etc.....
Its the interaction with all three that seems to count and no one knows enough about all of them :(

It's always like that. In the end the VB guy does it all by himselve.
Anyway, your not the first one who tried this. And I know of nobody who succeeded. The NT net api's can give some information about the user, but refuse to return a password.

[This message has been edited by Frans C (edited 01-05-2000).]

One thing you could do is keep a list of usernames who are allowed access to your VB App in the Registry or an Encrypted File, then you can check to see the the Currently Logged in Username is in the List, if it is, allow your App to Launch, otherwise stop it Launching.

As Frans suggested there are also some Net APIs for use with NT security, there are some for getting Groups that a User belongs to, maybe you can use this and add each user that can access your App to a Special Group, and use the Net APIs to check if the currently logged in user has membership to that group. I couldn't tell you how to use these APIs as I've never used them myself.

------------------
Aaron Young
Analyst Programmer
aarony@redwingsoftware.com
ajyoung@pressenter.com

Assuming that you are talking about obtaining the password from NT, I have seen instances where the password is intercepted at the time of change. i.e. When the user changes his/her password, the password is intercepted and checked for compliance to a policy. If the password can be intercepted then it can also be temporarily stored and used to update the Oracle. If you control the interface at password change then you will have all the information you need.

Maybe not what you wanted but hope it helps.

You can also set up MS Transaction Server as a middle tier to reuse database connections. NT Security can be enforced on components, and the components should use a single UID/PWD to Oracle so you can acheive the database connection pooling feature of MTS, along with its other benefits.

That way, you have NT security with an oracle database, plus a more scalable solution.

On the other hand, you need another NT server set up and need to learn how to properly write MTS COM components, but that may still be quicker than trying to figure out how to use the Net APIs to determine users, groups, and passwords.

Good luck!

Tom

Or you could just use SQL server, but that's probably not feasible in your current environment....

I appreciate all your input. It has at least given me someplace to start and some ideas to try.
Thanks :)