Anmelden mit Active-Directory-Passwort
- VB.NET
Guten Abend
In etwa so
VB.NET-Quellcode
- Option Strict On
- Option Explicit On
- Imports System.Security
- Imports System.Management
- Imports System.Windows.Forms
- Imports System.Security.Principal
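Public Module Module1

    ''' <summary>
    ''' Demo entry point: picks the first enumerated account that the current
    ''' Windows principal matches and tries to start the shell under it.
    ''' </summary>
    Public Sub Main()
        ' SECURITY: "yourpassword" is a placeholder. Never embed a real credential
        ' in source code. Building a SecureString from a String also leaves the
        ' plaintext copy in managed memory, so read the secret character by
        ' character from the user where that matters.
        ' Using disposes the SecureString (and zeroes its buffer) on every path;
        ' a Nothing resource is skipped by End Using.
        Using pw As SecureString = GetSecureString("yourpassword")
            ' List of candidate accounts, simulated here through WMI.
            Dim aul = AllAccounts()
            Dim idx = IsUser(aul)
            If idx >= 0 Then
                Dim domain As String = Environment.UserDomainName
                Dim user As String = aul(idx) ' Environment.UserName
                If Login(user, pw, domain) Then
                    Console.WriteLine("Login: True")
                    Console.WriteLine("User: {0}", user)
                    Console.WriteLine("Domain: {0}", domain)
                End If
            End If
        End Using
        Console.ReadLine()
    End Sub

    ''' <summary>
    ''' Copies a password into a <see cref="SecureString"/>.
    ''' </summary>
    ''' <param name="pw">The plaintext password.</param>
    ''' <returns>The filled SecureString, or Nothing when <paramref name="pw"/>
    ''' is Nothing or empty.</returns>
    Private Function GetSecureString(ByVal pw As String) As SecureString
        ' A Nothing argument used to raise NullReferenceException on pw.Length.
        If String.IsNullOrEmpty(pw) Then
            Return Nothing
        End If
        Dim res As New SecureString
        For Each c As Char In pw
            res.AppendChar(c)
        Next
        Return res
    End Function

    ''' <summary>
    ''' Returns the Name of every Win32_UserAccount instance reported by WMI.
    ''' </summary>
    Private Function AllAccounts() As String()
        Dim res As New List(Of String)
        ' The searcher, the result collection and each result object are
        ' disposable; release them instead of leaving them to the finalizer.
        ' NOTE(review): the query is unfiltered; on a domain-joined machine it may
        ' also return domain accounts and take a long time - confirm.
        Using mos As New ManagementObjectSearcher("Select * from Win32_UserAccount")
            Using found As ManagementObjectCollection = mos.Get()
                For Each mo As ManagementObject In found
                    Try
                        res.Add(mo("Name").ToString.Trim)
                    Finally
                        mo.Dispose()
                    End Try
                Next
            End Using
        End Using
        Return res.ToArray
    End Function

    ''' <summary>
    ''' Finds the first entry of <paramref name="aul"/> for which the
    ''' single-name overload of IsUser returns True.
    ''' </summary>
    ''' <returns>The index of that entry, or -1 when there is none.</returns>
    Private Function IsUser(ByVal aul() As String) As Int32
        If aul Is Nothing Then
            Return -1
        End If
        For i As Int32 = 0 To aul.Length - 1
            If IsUser(aul(i)) Then
                Return i
            End If
        Next
        Return -1
    End Function

    ''' <summary>
    ''' Asks the current Windows principal whether it is in the role named
    ''' <paramref name="user"/>.
    ''' </summary>
    Private Function IsUser(ByVal user As String) As Boolean
        ' NOTE(review): IsInRole is a role (group) membership test, not a
        ' user-name comparison. Confirm it answers the question this sample
        ' wants to ask before relying on the result for an access decision.
        Using wi As WindowsIdentity = WindowsIdentity.GetCurrent()
            Dim wp As New WindowsPrincipal(wi)
            Return wp.IsInRole(user)
        End Using
    End Function

    ''' <summary>
    ''' Tries to start explorer.exe under the given account and reports whether
    ''' the start succeeded.
    ''' </summary>
    ''' <returns>True when the process was started; False when an argument is
    ''' missing or the start raised an exception.</returns>
    Private Function Login(ByVal user As String, ByVal pw As SecureString, ByVal domain As String) As Boolean
        ' GetSecureString returns Nothing for an empty password, so pw has to be
        ' checked before pw.Length is read.
        If String.IsNullOrEmpty(user) OrElse pw Is Nothing OrElse pw.Length = 0 OrElse String.IsNullOrEmpty(domain) Then
            Return False
        End If

        Try
            ' CAUTION: every process named "Explorer" is terminated here, before
            ' the credentials are known to be valid. A wrong password therefore
            ' leaves the session without a shell. A dedicated credential
            ' validation API has no such side effect.
            For Each UserProcess In Process.GetProcessesByName("Explorer")
                Try
                    UserProcess.Kill()
                Finally
                    UserProcess.Dispose()
                End Try
            Next

            ' Checks whether a process can be started with the given credentials.
            ' If it cannot, Process.Start throws and False is returned below.
            Using p1 As Process = Process.Start("explorer.exe", user, pw, domain)
            End Using

            ' Usage hint from the author: 'Application.ExecutablePath' can be any
            ' startable *.exe file.
            'Dim p2 As Process = Process.Start(Application.ExecutablePath, _user, _pw, _domain)
            '< further code >
            Return True
        Catch ex As Exception
            ' Wipe the secret on failure; the message is printed as before.
            pw.Clear()
            Console.WriteLine(ex.Message)
        End Try
        Return False
    End Function

End Module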
Freundliche Grüsse
exc-jdbi
Validate a username and password against Active Directory?
.net Lösung VB.NET-Quellcode
- Imports System.DirectoryServices.AccountManagement
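Partial Public Class Form1

    ''' <summary>
    ''' Parses the string to pull the domain name out.
    ''' </summary>
    ''' <param name="usernameDomain">The string to parse that must contain the domain
    ''' in either the domain\username or UPN format username@domain</param>
    ''' <returns>The domain name or "" if no domain is found.</returns>
    ''' <exception cref="ArgumentException">The argument is Nothing or empty.</exception>
    Public Shared Function GetDomainName(usernameDomain As String) As String
        If String.IsNullOrEmpty(usernameDomain) Then
            Throw (New ArgumentException("Argument can't be null.", "usernameDomain"))
        End If

        ' One ordinal scan per separator instead of Contains followed by IndexOf.
        Dim slashIndex As Integer = usernameDomain.IndexOf("\"c)
        If slashIndex >= 0 Then
            Return usernameDomain.Substring(0, slashIndex)
        End If

        Dim atIndex As Integer = usernameDomain.IndexOf("@"c)
        If atIndex >= 0 Then
            Return usernameDomain.Substring(atIndex + 1)
        End If

        Return ""
    End Function

    ''' <summary>
    ''' Parses the string to pull the user name out.
    ''' </summary>
    ''' <param name="usernameDomain">The string to parse that must contain the
    ''' username in either the domain\username or UPN format username@domain</param>
    ''' <returns>The username or the string if no domain is found.</returns>
    ''' <exception cref="ArgumentException">The argument is Nothing or empty.</exception>
    Public Shared Function GetUsername(usernameDomain As String) As String
        If String.IsNullOrEmpty(usernameDomain) Then
            Throw (New ArgumentException("Argument can't be null.", "usernameDomain"))
        End If

        Dim slashIndex As Integer = usernameDomain.IndexOf("\"c)
        If slashIndex >= 0 Then
            Return usernameDomain.Substring(slashIndex + 1)
        End If

        Dim atIndex As Integer = usernameDomain.IndexOf("@"c)
        If atIndex >= 0 Then
            Return usernameDomain.Substring(0, atIndex)
        End If

        Return usernameDomain
    End Function

    ''' <summary>
    ''' Validates the typed user name and password against the domain and
    ''' reports the outcome in a message box.
    ''' </summary>
    Private Sub btnLogin_Click(sender As System.Object, e As System.EventArgs) Handles btnLogin.Click
        ' Use the trimmed text for the parsing as well, not only for the empty check.
        Dim login As String = txtUserName.Text.Trim
        If login = String.Empty Then Exit Sub

        Dim domainName As String = GetDomainName(login)
        ' Extract user name from provided DomainUsername e.g Domainname\Username
        Dim userName As String = GetUsername(login)
        Dim isValid As Boolean = False

        ' An empty password is rejected without asking the directory: depending
        ' on the bind method, a directory server can treat an empty password as
        ' an anonymous bind and report success.
        If Not String.IsNullOrEmpty(txtPassword.Text) Then
            Try
                ' create a "principal context" - e.g. your domain (could be machine, too)
                ' NOTE(review): domainName is "" when the input carried no domain
                ' part; confirm how PrincipalContext treats an empty name.
                Using pc As New PrincipalContext(ContextType.Domain, domainName)
                    ' validate the credentials
                    isValid = pc.ValidateCredentials(userName, txtPassword.Text)
                End Using
            Catch ex As PrincipalServerDownException
                ' An unreachable domain controller is an infrastructure failure,
                ' not a wrong password; report it separately and without the
                ' server details carried by the exception.
                MessageBox.Show("The domain could not be contacted.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Exit Sub
            End Try
        End If

        If isValid Then
            MessageBox.Show("Login successfully", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information)
        Else
            ' If not authenticated then display an error message. The text does
            ' not reveal whether the user name or the password was wrong.
            MessageBox.Show("Invalid username or password.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End If
    End Sub

End Class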
Windows Authentication using Form Authentication
API Lösung VB.NET-Quellcode
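Partial Public Class Form2

    ' Values from the LogonUser documentation.
    Private Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    ' The entry point is the wide-character export, so the strings must be
    ' marshalled as Unicode explicitly rather than left to CharSet.Auto.
    <DllImport("ADVAPI32.dll", EntryPoint:="LogonUserW", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Public Shared Function LogonUser(lpszUsername As String, lpszDomain As String, lpszPassword As String, dwLogonType As Integer, dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean
    End Function

    ' Releases the token handle that a successful LogonUser call returns.
    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Shared Function CloseHandle(hObject As IntPtr) As Boolean
    End Function

    ''' <summary>
    ''' Parses the string to pull the domain name out.
    ''' </summary>
    ''' <param name="usernameDomain">The string to parse that must contain the domain
    ''' in either the domain\username or UPN format username@domain</param>
    ''' <returns>The domain name or "" if no domain is found.</returns>
    ''' <exception cref="ArgumentException">The argument is Nothing or empty.</exception>
    Public Shared Function GetDomainName(usernameDomain As String) As String
        If String.IsNullOrEmpty(usernameDomain) Then
            Throw (New ArgumentException("Argument can't be null.", "usernameDomain"))
        End If

        ' One ordinal scan per separator instead of Contains followed by IndexOf.
        Dim slashIndex As Integer = usernameDomain.IndexOf("\"c)
        If slashIndex >= 0 Then
            Return usernameDomain.Substring(0, slashIndex)
        End If

        Dim atIndex As Integer = usernameDomain.IndexOf("@"c)
        If atIndex >= 0 Then
            Return usernameDomain.Substring(atIndex + 1)
        End If

        Return ""
    End Function

    ''' <summary>
    ''' Parses the string to pull the user name out.
    ''' </summary>
    ''' <param name="usernameDomain">The string to parse that must contain the
    ''' username in either the domain\username or UPN format username@domain</param>
    ''' <returns>The username or the string if no domain is found.</returns>
    ''' <exception cref="ArgumentException">The argument is Nothing or empty.</exception>
    Public Shared Function GetUsername(usernameDomain As String) As String
        If String.IsNullOrEmpty(usernameDomain) Then
            Throw (New ArgumentException("Argument can't be null.", "usernameDomain"))
        End If

        Dim slashIndex As Integer = usernameDomain.IndexOf("\"c)
        If slashIndex >= 0 Then
            Return usernameDomain.Substring(slashIndex + 1)
        End If

        Dim atIndex As Integer = usernameDomain.IndexOf("@"c)
        If atIndex >= 0 Then
            Return usernameDomain.Substring(0, atIndex)
        End If

        Return usernameDomain
    End Function

    ''' <summary>
    ''' Checks the typed credentials with LogonUser and reports the outcome in
    ''' a message box.
    ''' </summary>
    Protected Sub btnLogin_Click(sender As Object, e As EventArgs) Handles btnLogin.Click
        ' Without this guard an empty box makes GetDomainName throw
        ' ArgumentException out of the event handler.
        Dim login As String = txtUserName.Text.Trim
        If login = String.Empty Then Exit Sub

        ' Extract domain name from provided DomainUsername e.g Domainname\Username
        Dim domainName As String = GetDomainName(login)
        ' Extract user name from provided DomainUsername e.g Domainname\Username
        Dim userName As String = GetUsername(login)
        Dim token As IntPtr = IntPtr.Zero
        Dim result As Boolean

        ' userName, domainName and password (1st to 3rd parameter) are obvious.
        ' dwLogonType (4th parameter): LOGON32_LOGON_INTERACTIVE. This logon type is
        ' intended for users who will be interactively using the computer, such as a user being
        ' logged on by a terminal server, remote shell, or similar process. This logon type has
        ' the additional expense of caching logon information for disconnected operations. For
        ' more details about this parameter please see http://msdn.microsoft.com/en-us/library/aa378184(VS.85).aspx
        ' NOTE(review): the handler only checks the credentials and never uses the
        ' token, so a logon type that does not cache logon information may be the
        ' better fit - confirm against the LogonUser documentation.
        ' dwLogonProvider (5th parameter): LOGON32_PROVIDER_DEFAULT. This provider
        ' uses the standard logon provider for the system. The default security provider is
        ' negotiate, unless you pass NULL for the domain name and the user name is not in UPN
        ' format. In this case, the default provider is NTLM. For more details about this
        ' parameter please see http://msdn.microsoft.com/en-us/library/aa378184(VS.85).aspx
        ' phToken (6th parameter): A pointer to a handle variable that receives a handle to
        ' a token that represents the specified user. The handle can be used for
        ' impersonation and must be closed when it is no longer needed.
        Try
            result = LogonUser(userName, domainName, txtPassword.Text, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, token)
        Finally
            ' Every successful logon returned a token handle that was never
            ' released; close it so repeated attempts do not leak handles.
            If token <> IntPtr.Zero Then
                CloseHandle(token)
            End If
        End Try

        If result Then
            MessageBox.Show("Login successfully", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information)
        Else
            ' If not authenticated then display an error message. The text does
            ' not reveal whether the user name or the password was wrong.
            MessageBox.Show("Invalid username or password.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End If
    End Sub

End Class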
-
Moin!
erst einmal vielen Dank.
Auch wenn der Kreis bei uns sehr klein ist - dennoch eine Sicherheitsfrage.
Zwei Fragen zur .NET-Lösung:
System.DirectoryServices.AccountManagement wird mir angemerkt – allerdings ohne Korrekturvorschlag. Muss da noch ein Verweis gesetzt werden?
In der Sub btnLogin_Click werden Name und Passwort aus Textfeldern ausgelesen. Aber in dem Beispiel ist kein Formaufruf enthalten. Wird das von der API übernommen oder fehlt dieser Teil nur in dem Codebeispiel?
Gruß Jan -