how to verify user id and password in win2000 AD

  • Thread starter Thread starter Kals
  • Start date Start date
K

Kals

Hi,
I need a program to verfiy userid/password and he's
informations in a
window 2000 AD,

I call win32 api LookupAccountName() to verify if the
userid exists,
and NetUserGetInfo() to retrive he's password,
but,by MSDN,for security resons,NetUserGetInfo() always
returns NULL for the password section.

so,is there any other way to retrive user's password ?

thanks very much :-)
 
A Microsoft public newsgroup is not the best place to ask for information on
bypassing Windows security.
 
Kals said:
Hi,
I need a program to verfiy userid/password and he's
informations in a
window 2000 AD,

I call win32 api LookupAccountName() to verify if the
userid exists,
and NetUserGetInfo() to retrive he's password,
but,by MSDN,for security resons,NetUserGetInfo() always
returns NULL for the password section.

so,is there any other way to retrive user's password ?

thanks very much :-)
Click to expand...

If you just want to authenticate against the AD then you should call
either AdsOpenObject or LogonUser. You as the programmer do not need
to know the user's password (they are one-way encrypted anyways). The
Windows security model is based on impersonation, so the way to verify
a user's username/password is to call LogonUser with the user's
creditenials and if it returns success, you know you have a valid
user.
 
No you can not retrieve the password, you must try to authenticate the user against the domain with various programmatic
methods such as wnetaddconnection2 or logonuser or an ldap bind of some sort.
 
Back
Top