capturing username

[Brent Burkart]

I am trying to capture the Windows Authenticated username, but I want to be
able to capture the login name that exists in IIS, not Windows. In order to
enter my company's intranet through the internet, they have to login. I want
to be able to capture that login versus their Windows login because I need
to know who they are from any computer rather than only their computer. Any
ideas?

Thanks

 

[Jim Cheshire [MSFT]]

Brent,

If you check HttpContext.Current.User.Identity, it will be the identity of
the user who is authenticated to the Web application. Is that what you
need?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.


--------------------

 

[Carl Prothman [MVP]]

I am trying to capture the Windows Authenticated username, but I want
to be able to capture the login name that exists in IIS, not Windows.
In order to enter my company's intranet through the internet, they
have to login. I want to be able to capture that login versus their
Windows login because I need to know who they are from any computer
rather than only their computer. Any ideas?

Brent,
I would use System.Security.Principal.WindowsIdentity.GetCurrent().Name

Watch out when using HttpContext.Current.User.Identity.Name. Depending
on the IIS / web.config file settings, User.Identity.Name will not give you the
correct result (for Windows authentication mode).

e.g.
On a Windows Server 2003 box where I'm logged in as Administrator:

- With Identity Impersonate= false and IIS Anonymous Access enabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access disabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS Anonymous Access enabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

 

[Brent Burkart]

Thanks Carl,

I have Identity Impersonate = True and IIS Anonymous Access enabled and I am
not sure what NTLM is.

I still get the username of the machine login rather than the intranet
login.

Any ideas?

 

[Jim Cheshire [MSFT]]

Carl,

You are correct as long as we're relying on Windows Authentication or Basic
Authentication in IIS. (In other words, the authentication mode for the
application needs to be Windows.) I missed the "capture the Windows
Authenticated username" part of Brent's message initially due to
multi-tasking . As long as the above is correct, WindowsIdentity will
return the correct user as long as impersonation is enabled.

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

 

[Carl Prothman [MVP]]

I have Identity Impersonate = True and IIS Anonymous Access enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the intranet
login.

Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result in obtaining
the above account: (note NTLM = Integrated Windows Authentication in IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access disabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS Anonymous Access enabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

 

[Carl Prothman [MVP]]

You are correct as long as we're relying on Windows Authentication or
Basic Authentication in IIS. (In other words, the authentication
mode for the application needs to be Windows.) I missed the "capture
the Windows Authenticated username" part of Brent's message initially
due to multi-tasking . As long as the above is correct,
WindowsIdentity will return the correct user as long as impersonation
is enabled.

Right. It was the "capture the login name that exists in IIS, not Windows"
comment that caught my eye. Hence my warning for User.Identity.Name
e.g.
- With Identity Impersonate= false and IIS Anonymous Access enabled / NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""
Note User.Identity.Name is blank.

I guess will find out exactly what Brent meant when he replys to my question in my last post... ;-)

 

[Brent Burkart]

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet site.
I have tried all of the combinations and I still can't seem to capture the
domainName\Username.

Thanks again

 

[Jim Cheshire [MSFT]]

Brent,

If you're using Windows Integrated authentication, they will be one and the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>

 

[Brent Burkart]

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an application to
the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application and I
will track their info based on their username.

Does that clarify?

Thanks for your help.

Brent,

If you're using Windows Integrated authentication, they will be one and the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08

phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet site.
I have tried all of the combinations and I still can't seem to capture the
domainName\Username.

Thanks again
NTLM NTLM
enabled NTLM

 

[Jim Cheshire [MSFT]]

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path: cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
..phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an application to
the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application and I
will track their info based on their username.

Does that clarify?

Thanks for your help.

Brent,

If you're using Windows Integrated authentication, they will be one and the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0 8

phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet site.
I have tried all of the combinations and I still can't seem to capture the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows Authenticated username, but I
want to be able to capture the login name that exists in IIS, not
Windows. In order to enter my company's intranet through the
internet, they have to login. I want to be able to capture that
login versus their Windows login because I need to know who they
are from any computer rather than only their computer. Any ideas?

I have Identity Impersonate = True and IIS Anonymous Access enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the intranet
login.


Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result in
obtaining
the above account: (note NTLM = Integrated Windows Authentication in
IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled / NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access disabled /
NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS Anonymous Access enabled / NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled / NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

--

Thanks,
Carl Prothman
Microsoft ASP.NET MVP

 

[Brent Burkart]

Well, I didn't implement it, but I was assuming that IIS simply pops up a
login when someone hits the intranet. IIS is using "Basic Authentication".

Am I answering what you are asking?

Thanks for your help
Brent

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08

phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an application to
the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application

and

I
will track their info based on their username.

Does that clarify?

Thanks for your help.

Brent,

If you're using Windows Integrated authentication, they will be one and the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
8

phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet site.
I have tried all of the combinations and I still can't seem to capture the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows Authenticated username, but I
want to be able to capture the login name that exists in IIS, not
Windows. In order to enter my company's intranet through the
internet, they have to login. I want to be able to capture that
login versus their Windows login because I need to know who they
are from any computer rather than only their computer. Any ideas?

I have Identity Impersonate = True and IIS Anonymous Access enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the intranet
login.


Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result in
obtaining
the above account: (note NTLM = Integrated Windows Authentication in
IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled /
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access disabled /
NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS Anonymous Access enabled / NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled /
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

--

Thanks,
Carl Prothman
Microsoft ASP.NET MVP

 

[Jim Cheshire [MSFT]]

Hi Brent,

As long as the following conditions are met, the username that you get from
WindowsIdentity.GetCurrent().Name will be the user who logs into the Web
site, not the username that was used when you logged into Windows:

1. Anonymous authentication is NOT enabled in IIS.
2. Basic is enabled in IIS.
3. Windows Integrated authentication is NOT enabled in IIS.
4. You have either turned on non-user specific impersonation in the
web.config or machine.config. (i.e. <identity impersonate = "true" />).

Given all of those, you will get the username that was entered into the
challenge box that the browser presented.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Mon, 5 Jan 2004 08:52:02 -0700
Lines: 210
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path: cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.
phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199736
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Well, I didn't implement it, but I was assuming that IIS simply pops up a
login when someone hits the intranet. IIS is using "Basic Authentication".

Am I answering what you are asking?

Thanks for your help
Brent

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0 8

phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an application to
the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application

and

I
will track their info based on their username.

Does that clarify?

Thanks for your help.
Brent,

If you're using Windows Integrated authentication, they will be one and
the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP 0
8

phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet
site.
I have tried all of the combinations and I still can't seem to capture
the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows Authenticated username, but I
want to be able to capture the login name that exists in IIS, not
Windows. In order to enter my company's intranet through the
internet, they have to login. I want to be able to capture that
login versus their Windows login because I need to know who they
are from any computer rather than only their computer. Any ideas?

I have Identity Impersonate = True and IIS Anonymous Access enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the
intranet
login.


Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in
machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result in
obtaining
the above account: (note NTLM = Integrated Windows Authentication in
IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled /
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK
SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access

disabled

/

 

[sandeep]

bvcgcgfc

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path: cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an application to
the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application and I
will track their info based on their username.

Does that clarify?

Thanks for your help.

Brent,

If you're using Windows Integrated authentication, they will be one and the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter a
username and password, but again, in almost all cases, they will use their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0

8

phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged into
the machine they are using. I only care who logged into the intranet site.
I have tried all of the combinations and I still can't seem to capture the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows Authenticated username, but I
want to be able to capture the login name that exists in IIS, not
Windows. In order to enter my company's intranet through the
internet, they have to login. I want to be able to capture that
login versus their Windows login because I need to know who they
are from any computer rather than only their computer. Any ideas?

I have Identity Impersonate = True and IIS Anonymous Access enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the intranet
login.


Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result in
obtaining
the above account: (note NTLM = Integrated Windows Authentication in
IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled /
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS Anonymous Access disabled /
NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS Anonymous Access enabled / NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled /
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

--

Thanks,
Carl Prothman
Microsoft ASP.NET MVP

 

[Brent Burkart]

Jim,

I think I have it working. I will get back to you on my solutions.

Thanks

Hi Brent,

As long as the following conditions are met, the username that you get from
WindowsIdentity.GetCurrent().Name will be the user who logs into the Web
site, not the username that was used when you logged into Windows:

1. Anonymous authentication is NOT enabled in IIS.
2. Basic is enabled in IIS.
3. Windows Integrated authentication is NOT enabled in IIS.
4. You have either turned on non-user specific impersonation in the
web.config or machine.config. (i.e. <identity impersonate = "true" />).

Given all of those, you will get the username that was entered into the
challenge box that the browser presented.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Mon, 5 Jan 2004 08:52:02 -0700
Lines: 210
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.

phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199736
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Well, I didn't implement it, but I was assuming that IIS simply pops up a
login when someone hits the intranet. IIS is using "Basic Authentication".

Am I answering what you are asking?

Thanks for your help
Brent

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
8

phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this intranet, they must
login no matter what machine they are using. I am adding an

application
to

the intranet where it is neccessary that I know who is using it and instead
of managing usernames and passwords in a database, I will enter the user
automatically into my database the first time they use the application and
I
will track their info based on their username.

Does that clarify?

Thanks for your help.
Brent,

If you're using Windows Integrated authentication, they will be one and
the
same in almost all cases.

If you're using Basic authentication, the user will be forced to

enter
a

username and password, but again, in almost all cases, they will use
their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP

0

8
phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged
into
the machine they are using. I only care who logged into the intranet
site.
I have tried all of the combinations and I still can't seem to capture
the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows Authenticated username,

but

I result
in Authentication
in enabled
/ disabled

enabled

/ disabled
/

 

[GertJan]

Hi Jim, Brent

I'm following this discussion a while and have question.

I have implemented all these steps and work fine, but I
also want to trace the original login which the user used
to login at his own domain.

I have tried to use scripting to get this username
userdomain and machine name (the one you see when typing
SET in dos-box).

I used the following code, but it does not work
(errormessage unabled to create activeX object WScript.Shell)



Could you help me on this, or are there other ways to find
this information?



Best regards and thanks in advance!



Gert Jan

<script language="vbscript">
Set Shell = CreateObject("WScript.Shell")
CompName = Shell.ExpandEnvironmentStrings("%COMPUTERNAME%")
Document.writeln(CompName)
MsgBox(CompName)
</script>






=====

-----Original Message-----
Hi Brent,

As long as the following conditions are met, the username that you get from
WindowsIdentity.GetCurrent().Name will be the user who logs into the Web
site, not the username that was used when you logged into Windows:

1. Anonymous authentication is NOT enabled in IIS.
2. Basic is enabled in IIS.
3. Windows Integrated authentication is NOT enabled in IIS.
4. You have either turned on non-user specific impersonation in the
web.config or machine.config. (i.e. <identity impersonate = "true" />).

Given all of those, you will get the username that was entered into the
challenge box that the browser presented.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Mon, 5 Jan 2004 08:52:02 -0700
Lines: 210
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path: cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.
phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199736
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Well, I didn't implement it, but I was assuming that IIS simply pops up a
login when someone hits the intranet. IIS is using "Basic Authentication".

Am I answering what you are asking?

Thanks for your help
Brent

Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0

8

phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this

intranet, they
must

adding an application
to using it and
instead

will enter the
user

the application
and

they will be one
and

the
same in almost all cases.

If you're using Basic authentication, the user will

be forced to enter
a

username and password, but again, in almost all cases, they will use
their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here.

Can you elaborate
any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:


cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP 0
8
phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged
into
the machine they are using. I only care who logged into the intranet
site.
I have tried all of the combinations and I still

can't seem to
capture Authenticated username, but
I

that exists in IIS,
not

need to know who
they

computer. Any
ideas? Anonymous Access
enabled which will result
in Windows Authentication
in Anonymous Access enabled
/

Anonymous Access
disabled

/

Anonymous Access enabled
/

Anonymous Access disabled
/

.

 

[Jim Cheshire [MSFT]]

Gert,

I'm not sure how you can do that. You've authenticated the user already as
someone else to the Web application because of Basic authentication.
Perhaps someone else here will have other ideas.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

Content-Class: urn:content-classes:message
From: "GertJan" <[email protected]>
Sender: "GertJan" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
<#[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Tue, 13 Jan 2004 02:30:42 -0800
Lines: 372
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Newsreader: Microsoft CDO for Windows 2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Thread-Index: AcPZwEuPyXEvMlJ6QreMe3vVQ0vshA==
Newsgroups: microsoft.public.dotnet.framework.aspnet
Path: cpmsftngxa07.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:201702
NNTP-Posting-Host: tk2msftngxa12.phx.gbl 10.40.1.164
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Hi Jim, Brent
I'm following this discussion a while and have question.
I have implemented all these steps and work fine, but I
also want to trace the original login which the user used
to login at his own domain.
I have tried to use scripting to get this username
userdomain and machine name (the one you see when typing
SET in dos-box).
I used the following code, but it does not work
(errormessage unabled to create activeX object WScript.Shell)

Could you help me on this, or are there other ways to find
this information?

Best regards and thanks in advance!

Gert Jan
<script language="vbscript">
Set Shell = CreateObject("WScript.Shell")
CompName = Shell.ExpandEnvironmentStrings("%COMPUTERNAME%")
Document.writeln(CompName)
MsgBox(CompName)
</script>



=====

-----Original Message-----
Hi Brent,

As long as the following conditions are met, the username that you get from
WindowsIdentity.GetCurrent().Name will be the user who logs into the Web
site, not the username that was used when you logged into Windows:

1. Anonymous authentication is NOT enabled in IIS.
2. Basic is enabled in IIS.
3. Windows Integrated authentication is NOT enabled in IIS.
4. You have either turned on non-user specific impersonation in the
web.config or machine.config. (i.e. <identity impersonate = "true" />).

Given all of those, you will get the username that was entered into the
challenge box that the browser presented.

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------

From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>

<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>

Subject: Re: capturing username
Date: Mon, 5 Jan 2004 08:52:02 -0700
Lines: 210
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP1 0.
phx.gbl

Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.framework.aspnet:199736
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Well, I didn't implement it, but I was assuming that IIS simply pops up a
login when someone hits the intranet. IIS is using "Basic Authentication".

Am I answering what you are asking?

Thanks for your help
Brent
Brent,

You say "to access this intranet, they must login." How do you implement
that? What kind of authentication on the Web site in IIS?

Jim Cheshire, MCSE, MCSD [MSFT]
ASP.NET
Developer Support
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
<[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 17:11:04 -0700
Lines: 141
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:

cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNG

P0
8

phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet:199454
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Thanks for replying.

We currently have a company intranet. To access this

intranet, they
must

login no matter what machine they are using. I am adding an application
to
the intranet where it is neccessary that I know who is using it and
instead
of managing usernames and passwords in a database, I

will enter the
user

automatically into my database the first time they use the application
and
I
will track their info based on their username.

Does that clarify?

Thanks for your help.
Brent,

If you're using Windows Integrated authentication,

they will be one
and

the
same in almost all cases.

If you're using Basic authentication, the user will be forced to enter
a
username and password, but again, in almost all cases, they will use
their
domain UN/PW to access the site.

I'm curious as to exactly what you're doing here. Can you elaborate
any?

Jim Cheshire, MCSE, MCSD [MSFT]
Microsoft Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.

--------------------
From: "Brent Burkart" <[email protected]>
References: <e#[email protected]>
<[email protected]>
<eBakm8#[email protected]>
<[email protected]>
Subject: Re: capturing username
Date: Fri, 2 Jan 2004 13:42:15 -0700
Lines: 71
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.dotnet.framework.aspnet
NNTP-Posting-Host: te-64-146-67-30.transedge.com 64.146.67.30
Path:


cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTN

GP
0

8
phx.gbl!TK2MSFTNGP10.phx.gbl
Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet:199428
X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet

Carl, thanks so much for your help.

I am trying to capture DomainName\Username. I don't care who logged
into
the machine they are using. I only care who logged into the intranet
site.
I have tried all of the combinations and I still

can't seem to
capture

the
domainName\Username.

Thanks again
Brent Burkart wrote:
Brent Burkart wrote:
I am trying to capture the Windows

Authenticated username, but
I

want to be able to capture the login name that exists in IIS,
not
Windows. In order to enter my company's intranet through the
internet, they have to login. I want to be able to capture that
login versus their Windows login because I

need to know who
they

are from any computer rather than only their computer. Any
ideas?

I have Identity Impersonate = True and IIS Anonymous Access
enabled
and I am not sure what NTLM is.
I still get the username of the machine login rather than the
intranet
login.


Brent,
There can be only three possiable accounts you can get when using
Windows authentication mode with the default settings in
machine.config:
1) MachineName\ASPNET (Windows XP - IIS 5.x)
or NT AUTHORITY\NETWORK SERVICE (Windows Server 2003 - IIS 6.0)
2) MachineName\ISUR_MachineName
3) DomainName\Username

Which one are you trying to get?

Here are the configurations in IIS and web.config which will result
in
obtaining
the above account: (note NTLM = Integrated Windows Authentication
in
IIS)

- With Identity Impersonate= false and IIS Anonymous Access enabled
/
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK
SERVICE"
=> User.Identity.Name = ""

- With Identity Impersonate= false and IIS

Anonymous Access
disabled

/
NTLM enabled
=> WindowsIdentity.GetCurrent().Name = "NT AUTHORITY\NETWORK
SERVICE"
=> User.Identity.Name = "CARL20\Administrator"


- With Identity Impersonate= true and IIS

Anonymous Access enabled
/

NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\IUSR_CARL20"
=> User.Identity.Name = ""

- With Identity Impersonate= true and IIS Anonymous Access disabled
/
NTLM
enabled
=> WindowsIdentity.GetCurrent().Name = "CARL20\Administrator"
=> User.Identity.Name = "CARL20\Administrator"

--

Thanks,
Carl Prothman
Microsoft ASP.NET MVP

.