Extracting NT username

Results 1 to 4 of 4

Thread: Extracting NT username

  1. #1
    David Gault Guest

    Default Extracting NT username

    I have a quiz that I want to make available online. The problem is that if I provide a field for identifying the user, it is possible to take the quiz in someone else&#039s name. I won&#039t be able to use a database for this one so is there any way I can extract the user&#039s NT login name so that when this is posted it has an identifier for each user? Can anyone think of another solution?<BR><BR>Thanks

  2. #2
    Ben Jones Guest

    Default RE: Extracting NT username

    If the directory containing your quiz is protected by NTFS and authenticates all users attempting to access it (open the MMC, find the directory on your web server, right-click, select "properties", go to "security" tab, disable anon. access and enable authentication). You can then retrieve the NT username supplied like this:<BR><BR>&#060;%<BR>username = request.serverVariables("LOGON_USER")<BR>%&#062;

  3. #3
    David Gault Guest

    Default RE: Extracting NT username

    Thanks Ben -<BR><BR>I had hoped to avoid having to prompt for an additional login to open the quiz (and use the initial system login) but I don&#039t see any other way around it.<BR><BR>The CGI variables are the route I intend to take but until the user is forced to enter a username/password, the LOGON_USER is empty. Why doesn&#039t LOGON_USER hold the login value from the initial logon to the system. Are CGI variables set only through the browser therefore the initial logon to the system is unknown?<BR><BR>Thanks,

  4. #4
    Ben Jones Guest

    Default RE: Extracting NT username

    If LOGON_USER stored the actually NT login-name of the person browsing a web site it would be a huge potential security hole. Think about it -- web site operators could compile lists of IP addresses within companies and have the username for those systems! Given the poor selection of passwords for a lot of people, this would be a big first step in opening holes to the company&#039s network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts