Page 1 of 1
How to retrieve windows logged on username?
Posted: Sat Sep 02, 2006 6:37 pm
by b0necrack3r
Hello.
I ma fighting with one problem for about 2 weeks and cannot find any solvation.
I build a site which gonna run in a private ,domain based network, and I need a script in php which will retrieve the username of the corrent logged on to windows user.
Hope that you can help.
Thank you, sasha.
Posted: Sat Sep 02, 2006 7:12 pm
by volka
If the client does not send this information with the http request php (server-side) cannot retrieve it.
If not configured otherwise the internet explorer (afaik no other browser) sends such an ntlm authentication without asking the user.
Posted: Sat Sep 02, 2006 8:42 pm
by ambivalent
exec() +
psloggedon from sysinternals can do that for you. This assumes that all of the systems on your private network are running Windows since *nix systems don't use that naming convention. You also need the Remote Registry service running on the client machine. While this works well in an intranet environment where one has control over machines and browsers, it probably won't be reliable if the client machines on your private network are not under the direct control/administration of your company.
Posted: Sat Sep 02, 2006 9:02 pm
by sweatje
I don't use PHP on an IIS machine, but when I did ASP pages, you could just force directory authentication, and then use Request.ServerVariables("AUTH_USER")
Surly the SAPI for IIS does something similar?
must me some easier way!
Posted: Sun Sep 03, 2006 4:09 am
by b0necrack3r
can I somehow run msdos commands on the remote pc, so I can run 'nbtstat -a' and retrieve the username?
thnx.
Posted: Sun Sep 03, 2006 4:25 am
by volka
Not on just any pc. Would you want anybody to be able to run programs on your pc arbitrarily? I don't think so.
Please explain your scenario in more detail.
Posted: Sun Sep 03, 2006 5:24 am
by b0necrack3r
yeah.. you are right. it's not secure.
I dont have any ideas..
maybe there're any files on the pc which store the information about corrent logged user? and I can retrieve this info with php?
Posted: Sun Sep 03, 2006 5:44 am
by volka
Do you want everybody with a webserver to be able to read arbitrary files on your pc?
volka wrote:Please explain your scenario in more detail.
Posted: Sun Sep 03, 2006 5:50 am
by b0necrack3r
The site is gonna run in a local domain sphere..
I thought that maybe there are any modules for "trusted" and local sites..
Posted: Sun Sep 03, 2006 6:12 am
by volka
Yes, there are ...more or less.
volka wrote:If not configured otherwise the internet explorer (afaik no other browser) sends such an ntlm authentication without asking the user.
http://support.microsoft.com/kb/158229/ wrote:Unlike Basic authentication, NTLM authentication does not prompt users for their user name and password by default. The current Windows user account on the client machine is used for the NTLM authentication. Then, if this fails, it will prompt the user for the username and password to be used. If NTLM authentication succeeds, the requested application or resource is executed in the context of the specified user.
sweatje wrote:but when I did ASP pages, you could just force directory authentication, and then use Request.ServerVariables("AUTH_USER")