Windows 2000 Domain Authentication on IIS
Moderator: General Moderators
-
skatestreet540
- Forum Newbie
- Posts: 4
- Joined: Thu Feb 13, 2003 3:54 pm
- Contact:
Windows 2000 Domain Authentication on IIS
I need help authenticating a user on the windows domain. It has to be able to run on IIS and PHP 4.3. It doesn't have to really do anything but tell me if it is a valid username and password on the domain.
if you disable the anonymous login for that web-directory users must provide a valid login/password for that machine or the domain (depending on the configuration) to gain access to any content of the virtual directory.
You'll find this settings within the internet service manager or the mmc for IIS.
A brief overview can be found at http://www.trendmicro.fr/infoproduits/t ... sright.htm
You'll find this settings within the internet service manager or the mmc for IIS.
A brief overview can be found at http://www.trendmicro.fr/infoproduits/t ... sright.htm
-
skatestreet540
- Forum Newbie
- Posts: 4
- Joined: Thu Feb 13, 2003 3:54 pm
- Contact:
yes but could i get the user name from the browser so I can authenticate that user on my database just for priviledges. I already have a database, If i could verify that the user name and pass is correct then i can also match it with a username priv database. This code would have worked but not on 4.3.
<?
//Copyright 2002 Scott Dial
//scott@scottdial.com
//
//This code is free to modify, use, abuse, or whatever you like. It'd be interesting though to hear what you are using it for, so shoot me an email if you use this snippet.
//These values are pulled straight from winbase.h from the platform sdk
define("LOGON32_LOGON_INTERACTIVE", 2);
define("LOGON32_LOGON_NETWORK", 3);
define("LOGON32_LOGON_BATCH", 4);
define("LOGON32_LOGON_SERVICE", 5);
define("LOGON32_PROVIDER_DEFAULT", 0);
define("LOGON32_PROVIDER_WINNT35", 1);
define("LOGON32_PROVIDER_WINNT40", 2);
define("LOGON32_PROVIDER_WINNT50", 3);
//These aren't actually in winbase.h but are accurate
define("LOGON32_DOMAIN_LOCAL", ".");
define("LOGON32_DOMAIN_ALL", 0);
function NT_Validate_User($user, $domain, $pass)
{
w32api_register_function("kernel32.dll", "LocalAlloc", "long");
w32api_register_function("kernel32.dll", "LocalFree", "long");
w32api_register_function("kernel32.dll", "CloseHandle", "bool");
w32api_register_function("advapi32.dll", "LogonUserA", "bool");
$cleanup = w32api_register_function("deref.dll", "deref", "long");
$pHandle = LocalAlloc(0, 4); //Pointer to a HANDLE
$test = LogonUserA($user,
$domain,
$pass,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
$pHandle);
if($test != 0)
{
return 1;
if($cleanup)
{
$handle = deref($pHandle);
CloseHandle($handle);
}
LocalFree($pHandle);
} else {
return 0;
}
}
<?
//Copyright 2002 Scott Dial
//scott@scottdial.com
//
//This code is free to modify, use, abuse, or whatever you like. It'd be interesting though to hear what you are using it for, so shoot me an email if you use this snippet.
//These values are pulled straight from winbase.h from the platform sdk
define("LOGON32_LOGON_INTERACTIVE", 2);
define("LOGON32_LOGON_NETWORK", 3);
define("LOGON32_LOGON_BATCH", 4);
define("LOGON32_LOGON_SERVICE", 5);
define("LOGON32_PROVIDER_DEFAULT", 0);
define("LOGON32_PROVIDER_WINNT35", 1);
define("LOGON32_PROVIDER_WINNT40", 2);
define("LOGON32_PROVIDER_WINNT50", 3);
//These aren't actually in winbase.h but are accurate
define("LOGON32_DOMAIN_LOCAL", ".");
define("LOGON32_DOMAIN_ALL", 0);
function NT_Validate_User($user, $domain, $pass)
{
w32api_register_function("kernel32.dll", "LocalAlloc", "long");
w32api_register_function("kernel32.dll", "LocalFree", "long");
w32api_register_function("kernel32.dll", "CloseHandle", "bool");
w32api_register_function("advapi32.dll", "LogonUserA", "bool");
$cleanup = w32api_register_function("deref.dll", "deref", "long");
$pHandle = LocalAlloc(0, 4); //Pointer to a HANDLE
$test = LogonUserA($user,
$domain,
$pass,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
$pHandle);
if($test != 0)
{
return 1;
if($cleanup)
{
$handle = deref($pHandle);
CloseHandle($handle);
}
LocalFree($pHandle);
} else {
return 0;
}
}
should be working, maybe the answer is in viewtopic.php?t=511
But what kind of authentication do you want to perform, a domin login or a db-based login (refering to your pm)?
But what kind of authentication do you want to perform, a domin login or a db-based login (refering to your pm)?