who is logged in user, from Active Dir?

[Jason Shohet]

How can I get the current logged in user on the computer? We're all Active
Directory here -- Netbios is not turned on however. I need to get the name
the user logged in as, when he started up his machine...

TY
jason shohet

 

[Carl Prothman [MVP]]

How can I get the current logged in user on the computer? We're all
Active Directory here -- Netbios is not turned on however. I need
to get the name the user logged in as, when he started up his
machine...

Jason,
If your IIS Application is using Windows Authentication and you have
Identity Impersonate enabled in web.config, then you can get the current
user's credential using: WindowsIdentity.GetCurrent().Name

--

Thanks,
Carl Prothman
Microsoft ASP.NET MVP

Hire top-notch developers at
http://www.able-consulting.com

 

[Jason Shohet]

hi Carl,
we're not using any authentication on the site -- its just a regular asp.net
intranet site that shows a list of employees. We'd like to allow employees
to edit a few records in a database. But first we have to know who they are
logged in as -- on the box. But I don't want to have the user have to log
in to the site... If i turn on windows authentication in iis (windows 2003
server), will that cause an ugly challenge-response window?

TY

 

[Greg Burns]

Not if using IE. (Firefox will still prompt). We use it all the time
(Windows 2000 Server IIS 5)

uncheck anonymous, and check integrated

add <authentication mode="Windows" /> to web.config also

you do NOT need to turn on Identity Impersonate in web.config to get
username!

Dim sCurrentuser As String = HttpContext.Current.User.Identity.Name will do
it from a class
or simply Page.User.Identity.Name from a web form.

Greg

 

[Jason Shohet]

Greg,

Half way there but still 1 problem. I turned on integrated authentication,
& put the code in you specified. It works fine on the server itself, and I
can get the logged in user. But when I browsed from my machine to the
server, it prompted me for username & password. I'm on an XP client, but
of course logged in against Active Directory a few days ago (i generally
don't turn my machine off, I just lock it ea. night ). Not sure why its
prompting me...

 

[Jason Shohet]

wait, my computer is the only one w/ the prob, its working on others... i'll
reboot & see if that works.
Its been a few weeks...

 

[Greg Burns]

OK, fraid of that.

Not sure about your network topography (also I'm not a network guru).

We connect to our intranet using http://intranet This "intranet" alias is
on our local dns server. If I try and type just the ip address it will
prompt for me too.

Couple things you can do:

Add the ip address to each browser's list of local address (in the security
tab).
Or add the ip addresss to your local hosts file.
C:\WINDOWS\system32\drivers\etc\hosts (no extension)

Obviously neither is very convenient.

The best is to have your "intranet" published on a DNS server.

But like I said, I am not a network guy and maybe talking out my *ss. :^)

Greg

 

[Jason Shohet]

Greg, VERY bizarre.

When I log on as Joe, Cathy or Rufus on my machine, they have no
problem getting authenticated & don't get interrogated. When I log on as
myself, I get the Abu Graib interrogation..... I don't get it. Is
something wrong with me
Have the network guys somehow cursed me so that I don't work with windows
integrated logon?

TY

 

[Greg Burns]

Sounds like you might have NTFS permisions restrictions set on the virtual
directory on the web site. Maybe you're not part of a group? Having said
that, if you don't have identity impersonate turned on in web.config (which
you shouldn't) this shouldn't be happening. Without it on, it will just
look like the ASPNET user is accessing the folder to NTFS.

If you want to restrict the site to specific users\groups in AD, use code
like this in web.config:

<authorization>
<allow roles="SRVWEB2\Permissions - HR" />
<allow users="OURDOMAIN\burnsg" />
<deny users="*" />
</authorization>

 

[Jason Shohet]

We're not restricting anything in the web.config at all !

The authentication works on 2/3 of the people I've tested, 1/3 it doesn't
work....
I'm going around to peoples' pc's to see if I can detect a pattern. We're
all on active directory however, the same domain.

 

[Greg Burns]

I understand. I am just saying you COULD restrict using web.config. Sounds
to me like you ARE restricting using NTFS permissions on the web server.

But, like I said (or thought I did). NTFS permissions should not be
blocking different users unless you have identity impersonate turned on in
web.config. If you DON'T have it turned on, then as far as NTFS permissions
are concerned everybody is connecting as the ASPNET user.

Take a look at the NTFS permissions for your virtual directory on the web
server.

Greg

 

[Jason Shohet]

I especially coded in the web.config:

<authentication mode="Windows" />
<identity impersonate="false" />



but still, I and certain others can't log in, and others can. Bizarre