Clicky

I would like to simply prompt a user for a password to authenticate them against a specific AD account but I do not need to create a process using the returned handle. This is essentially a checkpoint before allowing an Access 2003 form to launch.

My concern is that repeated use of this will yield a collection of unused handles and lead to unintended consequences.

If I make a call to LogonUser, grab the returned value to set a temporaryflag, and then call CloseHandle with the newly created handle, can I use this without causing any system issues? I

asked 12/08/2011 03:19

kkamm's gravatar image

kkamm ♦♦


4 Answers:
Here is the code ou need to do Windows Authentication...

 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
Private Declare Function LogonUser Lib "Advapi32" Alias "LogonUserA" (ByVal _
    lpszUserName As String, ByVal lpszDomain As String, _
    ByVal lpszPassword As String, ByVal dwLogonType As Long, _
    ByVal dwLogonProvider As Long, phToken As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As _
    Long
Const LOGON32_PROVIDER_DEFAULT = 0&
Const LOGON32_LOGON_NETWORK = 3&

' Check whether a username/password pair is correct
'
' if DOMAIN is omitted, it uses the local account database
' and then asks trusted domains to search their account databases
' until it finds the account or the search is exhausted
' use DOMAIN="." to search only the local account database
'
'  IMPORTANT: works only under Windows NT and 2000 and XP

Dim mod_PasswordFailure As Long

Private Function CheckWindowsUser(ByVal UserName As String, _
    ByVal Password As String, Optional ByVal Domain As String) As Boolean
    Dim hToken As Long, ret As Long

    ' provide a default for the Domain name
    If Len(Domain) = 0 Then Domain = vbNullString
    ' check the username/password pair
    ' using LOGON32_LOGON_NETWORK delivers the best performance
    ret = LogonUser(UserName, Domain, Password, LOGON32_LOGON_NETWORK, _
        LOGON32_PROVIDER_DEFAULT, hToken)
    
    ' a non-zero value means success
    If ret Then
        CheckWindowsUser = True
        CloseHandle hToken
    End If

End Function


Private Sub btnCancel_Click()
    chkResult = False
    Me.Visible = False
End Sub

Private Sub btnSubmit_Click()
    txtPassword.SetFocus
    ToggleButtons False
    If Trim(txtLANID) & "" = "" Then
        MsgBox "Please enter your user ID", , Me.Caption
        ToggleButtons True
        Exit Sub
    ElseIf Trim(txtPassword) & "" = "" Then
        MsgBox "Please enter your password", , Me.Caption
        ToggleButtons True
        Exit Sub
    End If
    chkResult = CheckWindowsUser(Trim(txtLANID), Trim(txtPassword))
    If chkResult = False Then
        mod_PasswordFailure = mod_PasswordFailure + 1
        If mod_PasswordFailure = 3 Then
            chkResult = False
            Me.Visible = False
        Else
            MsgBox "User Name or Password error. Please try again."
            ToggleButtons True
            Exit Sub
        End If
    End If
    Me.Visible = False
End Sub

Private Sub ToggleButtons(boolEnable As Boolean)
    btnCancel.Enabled = boolEnable
    btnSubmit.Enabled = boolEnable
End Sub


Private Sub Form_Load()
    mod_PasswordFailure = 0
    If OpenArgs > "" Then
        lblLoginMessage.Caption = OpenArgs
    End If
End Sub


This code resides in a form which had 5 controls on it
A textbox called txtLANID
Another called txtPassword
A checkbox called chkResult, which is invisible
And two command buttons: btnSubmit and btnCancel

The form is opend by a public function in a standard module...

 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
Function strWindowsAuthentication(Optional ByVal strMessage As String = "") As String
'---------------------------------------------------------------------------------------
' Procedure : strWindowsAuthentication
' Purpose   : Uses Windows Authentication to validate the user. Asks for LAN ID and password
' Returns   : The LANID that the user entered and validated with a password. On validation
'           : failure returns an empty string.
' Usage example :
'   Dim strReturn as String
'       strReturn = UCase(strWindowsAuthentication("Please enter your Windows Login Credentials"))
'       If strReturn <> "" Then
'          if strReturn <> UCase(fOsUserName()) Then
'                   ' Some other user ID was used
'               Else
'                   ' use is authenticated
'          End If
'       Else
'           ' User did not authenticate
'       End If
'---------------------------------------------------------------------------------------
'
Dim boolCancelled As Boolean
    DoCmd.OpenForm "WindowsAuthentication_frm", , , , , acDialog, Trim(strMessage)
    If Forms("WindowsAuthentication_frm").chkResult = False Then
        strWindowsAuthentication = ""
    Else
        strWindowsAuthentication = Forms("WindowsAuthentication_frm").txtLANID
    End If
    DoCmd.Close acForm, "WindowsAuthentication_frm"
End Function


The function either returns an empty string, indicating FAILURE to authenticate, or else it returns the LAN ID that successsfully authenticated.
link

answered

LambertHeenan's gravatar image

LambertHeenan

This is very similiar to what I was using except I was not using the CloseHandle call, which I have now included.

Are there any other items that LogonUser creates that need to be cleaned up, or will CloseHandle suffice? This code will be run on XP SP3.
link

answered 2011-12-09 at 08:02:34

kkamm's gravatar image

kkamm

Are there any other items that LogonUser creates that need to be cleaned up,

I do not believe so. I have used this code for some time now (on XP SP3) with no problems.
link

answered 2011-12-09 at 09:10:41

LambertHeenan's gravatar image

LambertHeenan

Great. That's what I needed to know. Thanks for the assist.
link

answered 2011-12-09 at 10:03:40

kkamm's gravatar image

kkamm

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×39
×1
×48

Asked: 12/08/2011 03:19

Seen: 205 times

Last updated: 12/09/2011 04:13