Hi,

In my application I need to authenticate the windows user
based on his username and password. The situation is like
this..
Database is SQL Server 2000 - using Integrated Security.

There is a situation where we need dual control to modify
a field. User1 is the one who modified the field, now
User2 need to authenticate this. So he goes to User1's
machine and in the dual control field enter his windows
username and password.

How can I validate he has entered valid password? I have
read a article about how to do this using Windows API in
Visual Basic 6.0. Is that the only way to do this?

Anybody else has a better idea?? Please Help!

Thanks in advance!

You'll have to use the LogonUser API call. If it succeeds, the user entered
a valid user id and password.
If you need to further use the account information, you can take the token
returned by this function and use it to create a .NET WindowsIdenity and
WindowsPrincipal object. That will let you do things like impersonation and
group membership checks.

-Rob

"Srinivas" <srinivask@sbcglobal.net> wrote:
>
>Hi,
>
>In my application I need to authenticate the windows user
>based on his username and password. The situation is like
>this..
>Database is SQL Server 2000 - using Integrated Security.
>
>There is a situation where we need dual control to modify
>a field. User1 is the one who modified the field, now
>User2 need to authenticate this. So he goes to User1's
>machine and in the dual control field enter his windows
>username and password.
>
>How can I validate he has entered valid password? I have
>read a article about how to do this using Windows API in
>Visual Basic 6.0. Is that the only way to do this?
>
>Anybody else has a better idea?? Please Help!
>
>Thanks in advance!

"Srinivas" <srinivask@sbcglobal.net> wrote in message
news:3cec1512@10.1.10.29...

Whatever Rob said...but:

Have you considered what a clunky solution it is you're building? I don't
know anything about your user environment of course, but you're building an
app that requires a second user to physically walk over to a PC, sign in and
approve something. That is not a very efficient way of doing things you
know... What if the supervisor isn't there? Does that request not get done
until he/she gets back from lunch/holiday/sick leave? Seems to me you are
using technology to imitate an old world solution here....

Why not consider sending/forwarding the authorisation request to the
supervisor (or stand in)...then the supervisor simply goes through a check
list and ticks a box authorising the transaction etc...and the employee is
happily getting on with his/her work in the meantime.

Just a suggestion....

rgds
John Butler

Thank You Rob, I was unsure about using the API. I do not know whether the
program will be able to validate a different user while the other user is
logged in. I will experiment with this, thanks again for the suggestion.

John, appreciate your comments. I agree with you in total. But I have a
situation like that, which I cannot avoid. You must be knowing better than
me about user requirements, dead lines, financial calculations.
I was trying for a amicable solution, this is what I came up with. It is
enough if the coworker validates the entry, also users are processing at
around 6:30 AM in the morning.

But to tell you very frankly Sir, I do not like the solution.......


"John Butler" <nospamjrbutler@btinternet.com> wrote in message
news:3ced5823@10.1.10.29...
>
> "Srinivas" <srinivask@sbcglobal.net> wrote in message
> news:3cec1512@10.1.10.29...
>
> Whatever Rob said...but:
>
> Have you considered what a clunky solution it is you're building? I don't
> know anything about your user environment of course, but you're building
an
> app that requires a second user to physically walk over to a PC, sign in
and
> approve something. That is not a very efficient way of doing things you
> know... What if the supervisor isn't there? Does that request not get done
> until he/she gets back from lunch/holiday/sick leave? Seems to me you are
> using technology to imitate an old world solution here....
>
> Why not consider sending/forwarding the authorisation request to the
> supervisor (or stand in)...then the supervisor simply goes through a check
> list and ticks a box authorising the transaction etc...and the employee is
> happily getting on with his/her work in the meantime.
>
> Just a suggestion....
>
> rgds
> John Butler
>
>
>

>>>Anybody else has a better idea?? Please Help!

>But to tell you very frankly Sir, I do not like the solution.......

Hey you asked!

--
Anthony Jones
Nuesoft Ltd

Sorry If you misunderstood, I was answering John's question about my design,
where a user physically go to another user's machine and enter his userid
and password. I myself do not like this solution. So it is this peice of my
design which I do not like.

"Anthony Jones" <anthony.jones@nonuesoft.spamco.uk> wrote in message
news:3cededc9@10.1.10.29...
> >>>Anybody else has a better idea?? Please Help!
>
> >But to tell you very frankly Sir, I do not like the solution.......
>
> Hey you asked!
>
> --
> Anthony Jones
> Nuesoft Ltd
>
>