how to get user logged on to of a remote machine.
hooway
active directory installed, Win 2003 ) when get client's request to
find the user name that logon a remote machine through their IP
address.
Which functions should I use?
Can I search Active Directory to find who is logon through its IP
address?
Thanks
Skywing [MVP]
Terminal Server or Fast User Switching). Furthermore, there could be
multiple physical client machines masquerading behind one IP address
(consider NAT). Your approach is unworkable given these considerations.
--
Ken Johnson (Skywing)
Windows SDK MVP
http://www.nynaeve.net
"hooway" <lava...@lavasoftware.net> wrote in message
news:ke2vr2lmg0s8c7saa...@4ax.com...
hooway
<skywing_...@valhallalegends.com> wrote:
>There can be multiple users logged on to one physical machine (consider
>Terminal Server or Fast User Switching). Furthermore, there could be
>multiple physical client machines masquerading behind one IP address
>(consider NAT). Your approach is unworkable given these considerations.
It's in local network. No need to consider NAT. and only consider the
simple logon situation that the one client logon the computer within
the domain.
Or if there is no way to get who logon it,
Is there a way to authenticate the client identity with their logon
name and password?
As you know that, when logon user access shared resource, it will
check their privileges and may prompt a dialog for password.
How windows do that?
Can I use NetWkStaGetUserInfo() ?
Skywing [MVP]
multiple users logged on to the same physical machine and interactive
session.
The way it works for Windows and file shares is that there is an
authentication step involved where the local machines proves that it has the
credentials it says it has to the remote machine. This is how the remote
machine controls access (at least in the NT worked, ignoring share-level
access control in 9x).
Note that even in the "most basic" scenario, with no FUS, no TS, no NAT, no
RunAs, no services doing network access as different users, the
interactively logged on user *still* might not match that of the remote
authentication user (consider where the user types different credentials in
the net use dialog).
The best approach is to use something like a named pipe where the user
provides positive identification to the OS when it connects, which the OS
makes available to you (e.g. ImpersonateNamedPipeClient). I don't know if
this is really something you can do here though.
--
Ken Johnson (Skywing)
Windows SDK MVP
http://www.nynaeve.net
"hooway" <lava...@lavasoftware.net> wrote in message
news:vlb0s2tm1vrsn69kd...@4ax.com...
hooway
>The best approach is to use something like a named pipe where the user
>provides positive identification to the OS when it connects, which the OS
>makes available to you (e.g. ImpersonateNamedPipeClient). I don't know if
>this is really something you can do here though.
Thanks a lot!
It seems that I can not use Pipe.
My application is a proxy. The client run browser or other network
applications to access internet through the proxy.
The proxy need to do authentication before permit their internet
access.
So is there any API my proxy can call to invoke a authentication
dialog in client's Windows ? and how to verify their input is correct?
( Domain controler and Active Directory is installed together with the
proxy )
It seems that MS proxy could do that.
Regards,
Hooway
Arkady Frenkel
logged-in currently ( no names/passwords obviously :) ) , the list of all
users you can find with NetUserEnum()
Arkady
"hooway" <lava...@lavasoftware.net> wrote in message
news:vlb0s2tm1vrsn69kd...@4ax.com...