|
Home > Archive > MS Access Multiuser > August 2005 > Windows Logon
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| smortimore@hbf.com.au 2005-08-09, 3:25 am |
| Hello,
I have a form which I want to secure by asking the person to
authenticate using their Windows userid and password.
Any ideas how I can do this ??
I don't want to use Microsoft Access security...
Thanks in advance...
Steve
| |
| Rick Brandt 2005-08-09, 7:24 am |
| smortimore@hbf.com.au wrote:
> Hello,
>
> I have a form which I want to secure by asking the person to
> authenticate using their Windows userid and password.
>
> Any ideas how I can do this ??
>
> I don't want to use Microsoft Access security...
You cannot. It is trivial to retrieve the Windows UserName, but there is no way
to authenticate the password.
--
I don't check the Email account attached
to this message. Send instead to...
RBrandt at Hunter dot com
| |
| Douglas J. Steele 2005-08-09, 8:27 pm |
| This was asked (and answered) in another newsgroup.
It struck me that using the NT Challenge Process, as demonstrated by Randy
Birch at http://vbnet.mvps.org/code/network/...ex
t.htm,
should suffice.
--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no e-mails, please!)
"Rick Brandt" <rickbrandt2@hotmail.com> wrote in message
news:9b1Ke.221$SR5.143@newssvr22.news.prodigy.net...
> smortimore@hbf.com.au wrote:
>
> You cannot. It is trivial to retrieve the Windows UserName, but there is
> no way to authenticate the password.
>
> --
> I don't check the Email account attached
> to this message. Send instead to...
> RBrandt at Hunter dot com
>
| |
| Tony Toews 2005-08-10, 3:25 am |
| "Douglas J. Steele" < NOSPAM_djsteele@NOSP
AM_canada.com> wrote:
>It struck me that using the NT Challenge Process, as demonstrated by Randy
>Birch at http://vbnet.mvps.org/code/network/...ex
t.htm,
>should suffice.
Very interesting. Thanks for posting the URL. I also found the
following paragraph to be very interesting and follows my philosophy
of just using the user id.
"And now a word from the System Admin (aka the BOFH): The process of
collecting credentials from a user-mode application can provide a
possible security hole in a network computing environment (as well as
being annoying to a user). The Unified Logon requirement (which
specifies that the user should only have to type his or her
credentials once, at the logon screen), was added to the Microsoft
BackOffice logo requirements for these reasons. It is important to
ascertain whether your application's design really must rely on asking
for a user's complete credentials, or whether a more secure method of
credential validation is not more appropriate, for example by
reconfirming just the user name as shown in Verifying a User Account
using LookupAccountName . Regardless of the validation, it is strongly
recommended that all developers consult both the local system
administrator as well as security documentation in the Platform SDK
for guidance.:"
Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
|
|
|
|
|