Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsFormsForms ProgrammingQueriesModules / DAO / VBAReports / PrintingMacrosDatabase DesignSecurityConversionImporting / LinkingSQL Server / ADPMultiuser / NetworkingReplicationSetup / ConfigurationDeveloper ToolkitsActiveX ControlsNew UsersGeneral 1General 2
Access DirectoryToolsTutorialsUser Groups
Related Topics
SQL ServerOther DB ProductsMS OfficeMore Topics ...
MS Access Forum / Multiuser / Networking / August 2005

Tip: Looking for answers? Try searching our database.

Windows Logon

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
smortimore@hbf.com.au - 09 Aug 2005 02:31 GMT
Hello,

I have a form which I want to secure by asking the person to
authenticate using their Windows userid and password.

Any ideas how I can do this ??

I don't want to use Microsoft Access security...

Thanks in advance...

Steve
Reply to this Message
Rick Brandt - 09 Aug 2005 13:19 GMT
> Hello,
>
[quoted text clipped - 4 lines]
>
> I don't want to use Microsoft Access security...

You cannot.  It is trivial to retrieve the Windows UserName, but there is no way
to authenticate the password.

Signature

I don't check the Email account attached
to this message.     Send instead to...
RBrandt    at       Hunter      dot      com

Reply to this Message
Douglas J. Steele - 09 Aug 2005 22:45 GMT
This was asked (and answered) in another newsgroup.

It struck me that using the NT Challenge Process, as demonstrated by Randy
Birch at http://vbnet.mvps.org/code/network/acceptsecuritycontext.htm,
should suffice.

Signature

Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no e-mails, please!)

>> Hello,
>>
[quoted text clipped - 7 lines]
> You cannot.  It is trivial to retrieve the Windows UserName, but there is
> no way to authenticate the password.
Reply to this Message
Tony Toews - 10 Aug 2005 03:41 GMT
>It struck me that using the NT Challenge Process, as demonstrated by Randy
>Birch at http://vbnet.mvps.org/code/network/acceptsecuritycontext.htm,
>should suffice.

Very interesting.  Thanks for posting the URL.  I also found the
following paragraph to be very interesting and follows my philosophy
of just using the user id.

"And now a word from the System Admin (aka the BOFH): The process of
collecting credentials from a user-mode application can provide a
possible security hole in a network computing environment (as well as
being annoying to a user). The Unified Logon requirement (which
specifies that the user should only have to type his or her
credentials once, at the logon screen), was added to the Microsoft
BackOffice logo requirements for these reasons. It is important to
ascertain whether your application's design really must rely on asking
for a user's complete credentials, or whether a more secure method of
credential validation is not more appropriate, for example by
reconfirming just the user name as shown in Verifying a User Account
using LookupAccountName . Regardless of the validation, it is strongly
recommended that all developers consult both the local system
administrator as well as security documentation in the Platform SDK
for guidance.:"

Tony
Signature

Tony Toews, Microsoft Access MVP
  Please respond only in the newsgroups so that others can
read the entire thread of messages.
  Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm

Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.