Snitz Forums 2000 - Admin Logon & NT Authentication

Snitz Forums 2000

Username:	Password:
Save Password
Forgot your Password?

All Forums

Help Groups for Snitz Forums 2000 Users

Help: Authentication: NT

Admin Logon & NT Authentication

New Topic

Topic Locked

Printer Friendly

Author

Topic

(.)z
New Member

United Kingdom
85 Posts

Posted - 15 January 2002 : 05:19:11

Snitz 3.3 + Win2k + mySQL

Using NT Groups = NO
Using NT AutoLogon = NO

My NT userid is associated with the forum Admin user. When I logon to the forums, I am shown as user Admin (adf) and I am shown the Admin options.

When I click Admin, I am taken to the Admin logon screen. The logon credentials I have to type here do not relate in any way to my NT account. Specifically, I have to type Admin and enter a blank password.

Now that I know this, I can do admin, but it was not obvious this was the case, nor does it make sense.

The admin_logon.asp does not seem to have any NT Authentication logic in it.

Regards -

z - The Richtext Editor - http://richtext.cs.ramesys.com/

earlclaus
Starting Member

30 Posts

Posted - 17 January 2002 : 02:21:33

You should add a hack to the top of the admin_*.asp pages to validate that the logged-on user is in the Domain Administrators group (or whatever group your forum administrators are in).
Then change ...
Using NT Groups = YES
Using NT AutoLogon = YES

This should restrict access well enough to make any computer security person feel more comfortable.

Earl Claus, Web Master
http://www.InternetRemoteBase.com

Edited by - earlclaus on 17 January 2002 02:24:47

Topic

New Topic

Topic Locked

Printer Friendly

Jump To:

Snitz Forums 2000

This page was generated in 0.12 seconds.