|
You got more info on NBSTAT? ie a URL? I've never
heard/come accross it until this thread, keen to see what potentials it has in
regards to securing apps.
Two things blow my hair back.
1. Application Security
2. Application Iface development...
Combination of two = uBER!
You are probably right Scott. The place I was
mentioning did not use IIS (but Netscape) and LDAP support in AD was not
reliable.
NBTSTAT is a (semi)
reliable way of doing what Taco wants - and is "portable" to some degree.
It is secure enough because the call to NBTSTAT does not rely on
information accessible by the Client unless they get right down into the guts
of the network protocols to play games at that level and you should be able to
lock machines down enough so the "average" user is not able to install
anything at that level.
The
problems with it are if NETBIOS support is not enabled on the network, if
there is an inconsistency in the way names are used (you cannot always rely on
the record type in NBTSTAT telling you which is the USERNAME - because
machines can also have user names - so you have to rely on a naming convention
of some sort). Stuff like that.
Gary Menzel IT Operations Brisbane -+- ABN AMRO Morgans
Limited Level 29, 123 Eagle Street BRISBANE QLD 4000 PH: 07 333 44 828
FX: 07 3834 0828
[EMAIL PROTECTED] wrote on 03/17/2003
09:34:11 AM:
> In truth, i think this relies on IIS anonymous access
turned off in order to > work? I don't have IIS to double check this,
but can anyone else shed some > light onto this theory of mine
:D > > Scott > > > > "Taco Fleur"
<[EMAIL PROTECTED]> wrote in message >
news:[EMAIL PROTECTED] > > > > OK, got to work today, had a
go at it with cgi.remote_user but can't find > > any docos on the
correct permissions needed for it to return the required > >
info. > > > > Anyone any ides on this? > > >
> TIA > > Taco > > > > > Taco all you need to
do is retrieve the CGI.AUTH_USER variable (could be > = > >
> CGI.REMOTE_USER I'll have to double check that), and in a domain
= > > > environment like Active Directory it will always be
populated with the = > > > user's domain user account.....e.g
"domain\taco" > > > > > > > >
--- > You are currently subscribed to cfaussie as:
[EMAIL PROTECTED] > To unsubscribe send a blank email to
[EMAIL PROTECTED] > > MX Downunder AsiaPac
DevCon - http://mxdu.com/ **************************************************************************** If this communication is not intended for you
and you are not an authorised recipient of this email you are prohibited by law from dealing with
or relying on the email or any
file attachments. This prohibition includes reading, printing, copying, re-transmitting,
disseminating, storing or in any other way dealing or acting in reliance on the information. If
you have received this email in
error, we request you contact ABN AMRO Morgans Limited immediately by returning the email to
[EMAIL PROTECTED] and
destroy the original. We will refund any reasonable costs
associated with notifying ABN
AMRO Morgans. This email is confidential and may contain privileged client information. ABN AMRO Morgans
has taken reasonable steps to
ensure the accuracy and integrity of all its communications,
including electronic
communications, but accepts no liability for materials transmitted. Materials may also be transmitted
without the knowledge of ABN AMRO Morgans. ABN AMRO Morgans Limited its directors and employees do
not accept liability for the
results of any actions taken or not on the basis of the information in this report. ABN AMRO Morgans
Limited and its associates hold
or may hold securities in the companies/trusts mentioned herein. Any recommendation is made on the basis
of our research of the investment and may not suit the specific requirements of
clients. Assessments of
suitability to an individual's portfolio can only be made after an examination of the particular client's
investments, financial circumstances and requirements. ****************************************************************************
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
MX Downunder AsiaPac DevCon - http://mxdu.com/
|