Easy. If their are 2 identical usernames across 2 domains in your system e.g
 
domain1\taco
 
domain2\taco
 
then the CGI.AUTH_USER will return the full domain account as above. So just do some simple string manipulation to work out what domain they are in and then let your system do the rest.
 
Phil
"Taco Fleur" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
Phil thanks for that,
 
Can't believe I have overseen something this easy.
I think this will do exactly what we need it to do..
 
Now on to the next issue, which is the following. What if a duplicate user exists over two domains? How to identify to which domain they belong to?
 
 
Thanks again,
Taco Fleur
----- Original Message -----
Newsgroups: cfaussie
Sent: Sunday, March 16, 2003 11:19 AM
Subject: [cfaussie] Re: Intranet Authentication Via Username

Taco all you need to do is retrieve the CGI.AUTH_USER variable (could be CGI.REMOTE_USER I'll have to double check that), and in a domain environment like Active Directory it will always be populated with the user's domain user account.....e.g "domain\taco"
 
I am implementing a similiar system, and all we are doing is grabbing this cgi variable and comparing it to a security lookup table which maps these AD user accounts to our own custom security settings. As long as the user is logged into their machine this CGI.AUTH_USER var will be populated with their account name.
 
This should work fine for you in an AD enviroment. Oh and as far as I have seen this CGI var is left null if you log in to a standalone pc that isn't part of a doman. So it will only work in a doman environment,
 
Hope this helps,
 
Phil
"Taco Fleur" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
Hi,
 
I am currently working on a government Intranet project, I am looking to authenticate users with the username they are currently logged in with to their machine.
 
It was suggested to use NBSTAT to retrieve the required info, i.e. username etc.
I thought this would not be a fault proof and secure way of doing it, spoke with some security guys over there which confirmed that it might not always work as the users are located over multiple domains etc.
 
Has anyone ever implemented a similar system where you retrieve the username of the user currently logged in at the machine accessing the intranet, and authenticated this to a SQL db with customized permission for the Intranet app.?
 
They are using Active Directory, so I believe I can use CFLDAP, however not really sure how well it works with CF 4.5 and I believe it would mean they would still have to enter their username and password which is exactly what they do not want to do. The app needs to retrieve the username details automatically..
 
At the moment I have the permissions part of the app sussed out, just need a error proof way of getting the user details.
 
Anyone??
 
TIA
Taco Fleur
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 27/01/2003
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]

MX Downunder AsiaPac DevCon - http://mxdu.com/

Reply via email to