Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Verify User via NT security

Verify User via NT security

Verify User via NT security

I would like to be able to to verify a user by checking to determine whether they know their NT password.  Is there a way to say to the OS: "Here is a user ID and password.  Do they match?" ?

I'd also like to know whether my program can, if user is verified, then run with the privileges of that user.  In other words, can my program login as a different user?

Thanks, Phil

RE: Verify User via NT security

Here it is, but you should also visit my API site that is dedicated to API calls in either C, VB or Delphi.



Declare Function LogonUser _
    Lib "advapi32" _
    Alias "LogonUserA" ( _
    ByVal lpszUser As String, _
    ByVal lpszDomain As String, _
    ByVal lpszPass As String, _
    ByVal dwLogonType As Long, _
    ByVal dwLogonProvider As Long, _
    Handle As Long) As Long

Declare Function CloseHandle _
    Lib "kernel32" (Handle As Long) As Long
Global Const LOGON32_LOGON_NETWORK = 3
Global Const LOGON32_LOGON_BATCH = 4
Global Const LOGON32_LOGON_SERVICE = 5




    Const NERR_BASE = 2100
    Const MAX_NERR = NERR_BASE + 899 ' This is the last error in
                                     ' NERR   range.
Declare Function LoadLibraryEx _
    Lib "kernel32" _
    Alias "LoadLibraryExA" ( _
    ByVal lpLibFileName As String, _
    ByVal hFile As Long, _
    ByVal dwFlags As Long) As Long

Declare Function FreeLibrary Lib "kernel32" _
       (ByVal hLibModule As Long) As Long

Declare Function FormatMessage _
    Lib "Kernel32.dll" _
    Alias "FormatMessageA" ( _
    ByVal Flags As Long, _
    ByVal Source As Long, _
    ByVal MessageID As Long, _
    ByVal LanguageID As Long, _
    ByVal Buffer As String, _
    ByVal Size As Long, _
    args As Any) As Long

Declare Function LocalFree _
    Lib "Kernel32.dll" _
    ( _
    ByVal Handle As Long) As Long

Public Function Logon(strUser As String, _
    strDomain As String, _
    strPass As String, _
    strError As String) As Long
Dim lngError As Long
Dim lngHandle As Long

    lngError = LogonUser( _
        strUser, _
        strDomain, _
        strPass, _
    If lngError = 0 Then
        strError = ErrorMessage(Err.LastDllError)
        Logon = -1
        Logon = 0
        lngError = CloseHandle(lngHandle)
    End If
End Function

Function ErrorMessage(lCode As Long) As String

Dim lngError As Long
Dim ptrBuffer As Long
Dim strMessage As String
Dim hModule As Long
Dim lngFlags As Long
Dim str As String


         If (lCode >= NERR_BASE And lCode <= MAX_NERR) Then
            hModule = LoadLibraryEx("netmsg.dll", 0&, _
            If (hModule <> 0) Then
                lngFlags = lngFlags Or FORMAT_MESSAGE_FROM_HMODULE
    End If
            End If

    strMessage = Space$(256)
    lngError = FormatMessage( _
        lngFlags, _
        hModule, _
        lCode, _
        0&, _
        strMessage, _
        256, _
        If (hModule <> 0) Then
    lngError = FreeLibrary(hModule)

    End If
    ErrorMessage = strMessage

End Function

RE: Verify User via NT security

Thank you Paul, I will put your code to the test...

RE: Verify User via NT security

  I tried to run this code, but I got an error:
"A required privilege is not held by the client."
Looking around, I have found that this is due to my application not having the SE_TCB_NAME privilege, which is required for LogonUser to work.  Did you run your code as a service so that it had this privilege, or did you change its privileges programatically some how (AdjustTokenPrivileges??)?
  Any help would be greatly appreciated.

RE: Verify User via NT security

on NT there is a environement var that give the user name
try echo %USERNAME% in Command prompt


someone knowledge ends where
someone else knowledge starts

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close