|
| |
|
|
ronritz
Posts: 28
Joined: 3/13/2003
From: Sunny Florida
Status: offline
 |
Windows Authentication - 6/3/2003 16:43:02
I am not getting the User_name field to populate with the windows login name of a user in my Access db. The Remote_comp info is entered but not the User_name. Is there some code that can be used to have this info populated? I am using Frontpage 2000, Access and Windows 2000.
_____________________________
Ron Ritz
|
|
|
|
BeTheBall
Posts: 6359
Joined: 6/21/2002
From: West Point Utah USA
Status: offline
|
RE: Windows Authentication - 6/3/2003 21:38:30
To capture the user' s login, the web must have NT authentication enabled, not anonymous access. Most webs are set up for anonymous access. You can set NT authentication via FrontPage by opening the web live on the server. Then click " Tools" , " Security" , " Permissions" and then the " Users" tab. Click the radio button that says " Only registered users have browse access." That should set NT authentication. Of course you need to set up your authorized users either one at a time via the Users tab or via NT groups via the Groups tab. NT authentication can also be set up through IIS.
< Message edited by betheball -- 6/3/2003 9:39:55 PM >
| |
|
|
|
ronritz
Posts: 28
Joined: 3/13/2003
From: Sunny Florida
Status: offline
|
RE: Windows Authentication - 6/5/2003 14:21:59
Can it be done with Anonymous access enabled?
| |
|
|
|
ronritz
Posts: 28
Joined: 3/13/2003
From: Sunny Florida
Status: offline
|
RE: Windows Authentication - 6/5/2003 15:37:48
Spooky, Is there any other way to pull this info out?? Some sort of script??
| |
|
|
|
ronritz
Posts: 28
Joined: 3/13/2003
From: Sunny Florida
Status: offline
|
RE: Windows Authentication - 6/5/2003 16:17:10
I have a section of a form that I would like to use like an electronic signature. If a person were to pull their name from a pull down menu and hit the submit button, the form would be able to post based on the windows login. The IT dept says we need to allow anonymous because we have salespeople logging in using VPN. Did I explain that well enough??
| |
|
|
|
BeTheBall
Posts: 6359
Joined: 6/21/2002
From: West Point Utah USA
Status: offline
|
RE: Windows Authentication - 6/5/2003 16:35:57
You either will need to use NT authentication or you could use some sort of login system. May I suggest the Spooky Login? Using Spooky login, your users could all create their own unique user name and password which you could then use to identify them automatically via cookies.
| |
|
|
|
Doug G
Posts: 1189
Joined: 12/29/2001
From: SoCal
Status: offline
|
RE: Windows Authentication - 6/5/2003 18:20:51
You should be able to remove the IUSR_computername user permissions from the folder/file (using windows explorer security tab). Assuming your server does allow authentication which it should by default, you can capture a windows user login name with request.servervariables(" LOGON_USER" )
You can do this with IIS anonymous access enabled.
< Message edited by Doug G -- 6/5/2003 6:22:48 PM >
_____________________________
======
Doug G
======
| |
|
|
|
ronritz
Posts: 28
Joined: 3/13/2003
From: Sunny Florida
Status: offline
|
RE: Windows Authentication - 6/6/2003 8:26:53
Thanks for the reply Doug. I created a page that pulls all the servervariables using this script:
<% For Each strKey In Request.ServerVariables %>
<TR>
<TD><%= strKey %></TD>
<TD><%= Request.ServerVariables(strKey) %></TD>
</TR>
<% Next %>
There is no information in any " user" field. You mention " You should be able to remove the IUSR_computername user permissions from the folder/file (using windows explorer security tab)." I am not sure how to do this, could you please explain?
| |
|
|
|
Doug G
Posts: 1189
Joined: 12/29/2001
From: SoCal
Status: offline
|
RE: Windows Authentication - 6/6/2003 19:21:50
You need to access the Windows filesystem to change these permissions. If you are on a hosted site, your host may need to make the changes for you, chmod doesn' t work on windows servers.
If you have admin access to your server, open windows explorer and navigate to the folder where you want to force a windows login. This could be the root folder of your web, or a subfolder with the remainder of the web open for anonymous users.
Open the properties page of Windows Explorer, click the security tab, and remove the IUSR_computername user account from the allowed user list. This assumes your web server is configured to use the IUSR_computername account for anonymous web surfers. This is the default mode for IIS, if you use a different user account for IIS anonymous use then remove the appropriate account from the security list.
Here' s how it works. IIS needs to operate in some Windows user account context. If anonymous browsing is allowed, the special " Internet Guest Account (IUSR_computername)" account is used by IIS.
If the web user browses to a folder or file that doesn' t allow the IUSER_nnn account in, IIS will present a network login prompt to your web user. The user can then enter their windows credentials. If they log on successfully, from that time until the browser is closed IIS will " impersonate" the login user account for all subsequent operations. This of course means that the login user must have permission to whatever files or folders they are trying to access, or there will be an error.
Once the user is logged in, the request.servervariables(" LOGON_USER" ) will (usually) be populated with the windows username. I don' t use this often, but I' ve heard there can be circumstances where the logon username still isn' t reliable. Not 100% on this.
One last note, if you have non-IE users you probably need to allow plain-text passwords in the IIS settings. Netscape et al doesn' t do Windows challenge-response authentication (or if they do it' s a recent addition).
< Message edited by Doug G -- 6/6/2003 7:22:30 PM >
_____________________________
======
Doug G
======
| |
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts
|
|
|
Printable Version 
k¥ 