Authenticate users

[stm]

Hi,

How can I authenticate a Windows domain user a/c using vb.net?
User will input password, and this function will authenticate it against the NT domain.

Thx!

[killerbeam1]

have you 2 textboxes ?

[killerbeam1]

if you have 2 textboxes use this script then

VB Code:

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        If TextBox1.Text = "killerbeam2" and textbox2 = "rre" Then
            MsgBox("password compleet", "do you realy wand use the script page ?", MsgBoxStyle.YesNo)
        ElseIf TextBox1.Text = "killerbeam3" and textbox2 = "rre" Then
            MsgBox("password compleet", "do you realy wand enter alfra glas windows?", MsgBoxStyle.YesNoCancel)
        ElseIf TextBox1.Text = "killerbeam4" and textbox2 = "rre" Then
            MsgBox("password compleet", "do you realy wand to use the database ?", MsgBoxStyle.YesNo)
        Else
            MsgBox("sorry bad password try it later again !")
            timer1.enabled = true
        End If
    End Sub

[killerbeam1]

or if you wand to use a database have i this script for you

VB Code:

Imports System.Data.OleDb

VB Code:

Dim mypath = Application.StartupPath & "\mydb.mdb"
    Dim mypassword = ""
    Dim conn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & mypath & ";Jet OLEDB:Database Password=" & mypassword)
    Dim cmd As OleDbCommand

VB Code:

Private Sub Button5_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button5.Click
        Dim sql = "SELECT UserID ,PassID FROM MYTAB WHERE USERID='" & TextBox2.Text & "' AND PASSID='" & TextBox3.Text & "'"
 
        cmd = New OleDbCommand(sql, conn)
        conn.Open()
        Dim dr As OleDbDataReader = cmd.ExecuteReader
 
        Try
            If dr.Read = False Then
                MessageBox.Show("Authentication failed...")
                End
            Else
                MessageBox.Show("Login successfully...")
            End If
        Catch ex As Exception
            MsgBox(ex.Message)
        End Try
 
        TextBox3.Text = ""
        Label13.Text = TextBox2.Text
        Label14.Text = "tell not !!!"
 
 
    End Sub

[stm]

thx for ur reply, but this is not what I want.
I need to authenticate the password of a domain a/c.
i.e. the a/c u use to logon the NT domain (not local a/c)....any idea?

[Asgorath]

Hi stm
I use this piece of code on my frmlogin. On the button1_click event me.textbox1.text contains the user name, me.textbox2.text the password, and 'dinefer' is my windows domain name.

VB Code:

Imports System.Security.Principal
Imports System.Runtime.InteropServices
 
 
 
    Declare Function LogonUserA Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Integer
    Declare Auto Function DuplicateToken Lib "advapi32.dll" (ByVal ExistingTokenHandle As IntPtr, ByVal ImpersonationLevel As Integer, ByRef DuplicateTokenHandle As IntPtr) As Integer
    Declare Auto Function RevertToSelf Lib "advapi32.dll" () As Long
    Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Long
    Private LOGON32_LOGON_INTERACTIVE As Integer = 2
    Private LOGON32_PROVIDER_DEFAULT As Integer = 0
    Private impersonationContext As WindowsImpersonationContext
 
    Private Function impersonateValidUser(ByVal userName As String, ByVal domain As String, ByVal password As String) As Boolean
 
        Dim tempWindowsIdentity As WindowsIdentity
        Dim token As IntPtr = IntPtr.Zero
        Dim tokenDuplicate As IntPtr = IntPtr.Zero
        impersonateValidUser = False
 
        If RevertToSelf() Then
        If LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
                If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
                    tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
                    impersonationContext = tempWindowsIdentity.Impersonate()
                    If Not impersonationContext Is Nothing Then
                        impersonateValidUser = True
                    End If
                End If
            End If
        End If
        If Not tokenDuplicate.Equals(IntPtr.Zero) Then
            CloseHandle(tokenDuplicate)
        End If
        If Not token.Equals(IntPtr.Zero) Then
            CloseHandle(token)
        End If
    End Function
    Private Sub undoImpersonation()
        impersonationContext.Undo()
    End Sub
 
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        If impersonateValidUser(Me.TextBox1.Text, "dinefer", Me.TextBox2.Text) Then
            MessageBox.Show("User authenticated sucessfully")
            'Insert your code that runs under the security context of a specific user here.
            undoImpersonation()
        Else
            MessageBox.Show("Invalid password or user")
            'Your impersonation failed. Therefore, include a fail-safe mechanism here.
        End If
 
    End Sub

Regards
Jorge

[killerbeam1]

ok sorry then that i not can help you

[stm]

Hi Asgorath,

Need my user have any special privileges in order to run this code?
They just authenticate themselves.....

Thx!

[stm]

Hi,

One more question...how can I get the domain and userID of current logon user?

Thx!

[Asgorath]

Hi
No the user doesn't any special priviledges to run the code, the user must be a domain user that's all.

Regards
Jorge

[Asgorath]

Hi
The domain name is

VB Code:

SystemInformation.UserDomainName()

The UserID is

VB Code:

System.Environment.UserName

Regards
Jorge

[stm]

Hi,

Thx a lot!