Snitz Forums 2000 - Using NT Authentication

Snitz Forums 2000

Username:	Password:
Save Password
Forgot your Password?

All Forums

Help Groups for Snitz Forums 2000 Users

Help: Authentication: NT

Using NT Authentication

New Topic

Topic Locked

Printer Friendly

Author

Topic

cory_booth
Starting Member

Bhutan
13 Posts

Posted - 28 November 2005 : 19:08:37

Hello, I love this forum script. I am curious with the NT Authentication Process....

Is there a mod to use a seperate LDAP server? I usually authenticate my pages off a LDAP server. I am able to pull any value
from this server to populate the required fields - i.e. email address and full name...

Is there a way to use NT Authentication to do this?

I would like to build my own authentication page and provide the
session varibles or write the cookie for the forum to use and mark the user as "logged in",

AnonJr
Moderator

United States
5768 Posts

Posted - 28 November 2005 : 21:44:09

To the best of my knowledge, there is some code floating around in the archives to check with an LDAP server. As to how well it works, I can't say - we are still using NT4 authentication where I work.

{sigh}

pdrg
Support Moderator

United Kingdom
2897 Posts

Posted - 29 November 2005 : 05:35:22

AnonJr - are you saying you're still running NT4? Beware it is basically out-of-support now http://support.microsoft.com/gp/lifean3 if you hit issues, you're on your own, in other words :(

cory_booth
Starting Member

Bhutan
13 Posts

Posted - 29 November 2005 : 06:48:38

Thanks for the replies. I think I saw a bit on LDAP authentication, but it didn't address the issues I am faced with.

I am able to do the LDAP authentication. I am doing it already.
I take the user name and password and ping it off our LDAP server than depending on the error returned I know if the user is "authenticated" or not. Then using an Admin account I can take the user's name and Get some varibles from the LDAP server - such as email address, full name, first name, etc....

I am looking to see what routine I would need to modify in Snitz to basically take over the authentication function so my values from the LDAP server become the values used throughout the forum.

I figure that the NT authentication routine does a piece of what I need - which is: Obtain authentication from a "non-Snitz" source, but ping the Snitz database to find the user's level.

I can write the user / password authentication routine, I just need to know where the NT authnetication begins and how to modify it so the user is still prompted for a login and password, but that values are passed to an LDAP server rather than the Snitz database and then Snitz uses NT authentication to continue...

quote:
why did you not post this at Snitz?

The main reasons why this was not posted at Snitz and why I might not post the bugs I find
directly at Snitz anymore are the ways "ruirib and HuwR" take pleasure to criticize just about
anything I post and seem to resent the fact that I want to improve and correct Snitz which, I agree,
serve as the original base for my own Forum.

These are some of the actions I find unacceptable:
ruirib and HuwR take fun to Delete some of my topics, of my replies, locked or move my topic.

A topic posted last week from me to Davio in "Help: MOD Implementation" Forum as been deleted.

Two replies in my topic as been deleted about a bug on snitz topic page:
http://forum.snitz.com/forum/topic.asp?whichpage=5.96&TOPIC_ID=44136#372029

A Fix to texanman as been deleted (first reply to texanman subject):
http://forum.snitz.com/forum/topic.asp?TOPIC_ID=66162

One of my Multi-Language Topic on Snitz has disappeared last night
Multi-Language and Multi-Language Skin3D
http://forum.snitz.com/forum/topic.asp?TOPIC_ID=40765

etc...

3 times I changed my password and the day after the same game start.

Since I send to HuwR a donation of $200 on December 22, 2006
this guy HuwR has never stop to pick on every thing I post on the Snitz Forum.

I have even received from HuwR and ruirib an e-mail threatening to ban me from Snitz Forum :

Hello

You received the following message from: ruirib (ruirib@ruirib.net)

At: http://forum.snitz.com/forum/

It was a pleasure to have you there, hope you enjoyed the ride ;).
And don't try to sneak in...

Goodbye ;).

Hey as_shole, I know it’s Davio who is a member at your forums, gonna lock him out too

AnonJr
Moderator

United States
5768 Posts

Posted - 29 November 2005 : 09:46:23

quote:
Originally posted by pdrg

AnonJr - are you saying you're still running NT4? Beware it is basically out-of-support now http://support.microsoft.com/gp/lifean3 if you hit issues, you're on your own, in other words :(

If I had my druthers we'd be running XP with 2k3 servers, but as it is we have mostly Win2K clients and servers, a couple of Win98 boxes floating around to support some legacy app that no one has taken the time to test in compatability mode (though compatability mode did suck in Win2K), and a handfull of freaking old PII clients still floating around

- you want to talk about Win2K running sloooowwww.

Despite the mostly widespread use of Win2K, we are not using the AD. I wish it were otherwise. Oh, and the other web server is still running NT4. (I think there may be others, but I'm not privy to that information since I am a departamental programmer and not a part of IS

).

As to the question at hand, I can't say at this point. I've heard of some people doing it, but no one that I know of has posted code. I wish I could help on this one.

cory_booth
Starting Member

Bhutan
13 Posts

Posted - 29 November 2005 : 10:15:30

Here is my LDAP code:

dim sUserName, sPassWord, sUserId, sPassWd
sUserName = request.form("userid")
sPassWord = request.form("passwd")
sUserId = sUserName
sPassWd = sPassWord

'CHECK THE LDAP SERVER FOR VALID PASSWORD
dim akoServer, dnUserName, oLDAP
akoServer = "LDAP://directory.us.army.mil:636/"
dnUserName = "cn=" & sUserName & ",ou=People,ou=Army,ou=DoD,o=U.S. Government,c=US"
Set oLDAP = GetObject("LDAP:")

dim oContainer
Set oContainer = oLDAP.OpenDSObject(akoServer & dnUserName, dnUserName, sPassWord, 2)
If Err.Number = 0 Then
ErrorLevel = 1
bValidPwd = True

'OBTAIN USER ITEMS FROM LDAP SERVER
dim SUPERBROKER, SUPERBROKERPWD
SUPERBROKER = "CCCCCCCCC"
SUPERBROKERPWD = "CCCCCCCCCCC"

dim dnAdmin, akoName, akoEmail, armyRank, armyLN, armyFN, armyName
dnAdmin = "cn=" & SUPERBROKER & ",ou=army administrators,ou=Army,ou=DoD,o=U.S. Government,c=US"
Set oContainer = oLDAP.OpenDSObject(akoServer & dnUserName, dnAdmin, SUPERBROKERPWD, 2)

akoName = oContainer.Get("armySSN")
akoEmail = oContainer.Get("mail")
armyRank = oContainer.Get("title")
armyFN = oContainer.Get("givenname")
armyLN = oContainer.Get("sn")
armyNAme = armyRank & " " & armyFN & " " & armyLN
Set oContainer = Nothing
Set oLDAP = Nothing

'CHECK THE DB TO GET THE USER'S LOCAL DATABASE PRIVLEDGES
Set conn = Server.CreateObject("ADODB.Connection")
conn.open xDb_Conn_Str
sSql = "SELECT * FROM [tblWEBADD]"
sSql = sSql & " WHERE [ako] = '" & (sUserId) & "'"
Set rs = conn.Execute(sSql)
If Not rs.Eof Then
Session("add_ticket_User") = armyNAme
Session("add_ticket_PPA") = rs("PPA")
Session("add_ticket_email") = akoEmail
Else
ErrorLevel=1
bValidPwd = False

End If

I would like to take this routine and use it as the NT authentication piece...

Can anyone give me a hand?

quote:
why did you not post this at Snitz?

cory_booth
Starting Member

Bhutan
13 Posts

Posted - 04 December 2005 : 13:27:02

Well, no answer to my post, but I was able to fix this myself:
Using the above code to validate the user based on his/her login to a LDAP server.
' Write cookies

Session("forum_status") = "login"
strAutoLogon="1"
dim strUser, strNTUser, checkNT
strNTUser = Session("ako_id")
strUser = strNTUser
Session(strCookieURL & "userid") = strUser
strNTUserInfo = Session("ako_id")
strNTUserFullName=strNTUserInfo
Session(strCookieURL & "strNTUserFullName") = strNTUserFullName
'DID USE FULL NAME BUT THEN PM MOD Didn't work anymore

dim strSql
dim rs_chk
dim my_Conn
dim Level

'## Forum_SQL

set my_Conn = Server.CreateObject("ADODB.Connection")
my_Conn.Open "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCcc"
strSql ="SELECT MEMBER_ID, M_LEVEL, M_PASSWORD, M_USERNAME, M_NAME FROM FORUM_MEMBERS WHERE M_USERNAME = '" & Session(strCookieURL & "userid") & "' AND M_STATUS = " & 1

Set rs_chk = Server.CreateObject("ADODB.Recordset")
rs_chk.open strSql, my_Conn

if rs_chk.BOF or rs_chk.EOF then
strLoginStatus = 0
else

Session(strCookieURL & "username") = rs_chk("M_NAME")
if strSetCookieToForum = 1 then
Response.Cookies(strUniqueID & "User").Path = strCookieURL
end if
Response.Cookies(strUniqueID & "User")("Name") = rs_chk("M_NAME")
Response.Cookies(strUniqueID & "User")("Pword") = rs_chk("M_PASSWORD")
'HAD TO PULL THE USER LEVEL MANUALLY - NOT SURE WHY....
Level = rs_chk("M_LEVEL")
Response.Cookies(strUniqueID & "User").Expires = dateAdd("d", intCookieDuration, strForumTimeAdjust)
Session(strCookieURL & "last_here_date") = ReadLastHereDate(Request.Form("Name"))
if strAuthType = "nt" then
Session(strCookieURL & "last_here_date") = ReadLastHereDate(Session(strCookieURL & "userID"))
end if

strLoginStatus = 1

mLev = cLng(chkUser(Session(strCookieURL & "userID"), Request.Cookies(strUniqueID & "User")("Pword"),-1))
if mLev = 4 then
Session(strCookieURL & "Approval") = "15916941253"
end if
mLev = Level
Session("email_Level") = mLev
end if

rs_chk.close
set rs_chk = nothing

Response.Redirect "sitenews.asp"

quote:
why did you not post this at Snitz?

cory_booth
Starting Member

Bhutan
13 Posts

Posted - 19 December 2005 : 16:01:53

Please Delete this post...

Thank you

quote:
why did you not post this at Snitz?

pdrg
Support Moderator

United Kingdom
2897 Posts

Posted - 20 December 2005 : 04:35:09

Cory - we're reluctant to delete posts - if you want I can edit some of the post details if you're worried about security or lock the post , but it's always useful to have a body-of-knowledge building up for the next person to search for...

Any particular reason?

Topic

New Topic

Topic Locked

Printer Friendly

Jump To:

Snitz Forums 2000

This page was generated in 0.19 seconds.