MS Logon as current user

Any feature you'd like to see in Ultr@VNC? Just propose it here.

MS Logon as current user

Postby yesod » 2004-07-19 19:29

I'd like to be able to logon as current user if the currently logged user is a member of the specified group in ms logon panel.
(no user/pass prompt)

Postby Marscha » 2004-07-20 07:58

I agree that this would be a great feature since it is the usage scenario I expect in most cases.
Unfortunately I think that this would require to change the VNC (authentication) protocol.
Besides that I have no idea how to implement this because Windows does not cache username and password from the Windows logon.
Former moderator
Former moderator
Posts: 471
Joined: 2004-05-14 06:48

Postby yesod » 2004-07-20 12:33

You can get the currently logged user name with this function (in Delphi)

function GetMyNetUserName: string;
localName : array[0..255] of char;
userName : array[0..255] of char;
rc : Integer;
len : cardinal;
FillChar(localname,sizeof(localName), #00 );
FillChar(userName, sizeof(userName), #00);
len := 255-1;
rc := WNetGetUser(localName,userName,len);
if ( rc <> 0 ) then
result := ''
result := strpas(userName);

After that you can validate the username on active directory like you seem to do already

Postby Marscha » 2004-07-21 06:55

ok, username is no problem (you can even find it in the environment as USERNAME), but the password...
AFAIK the password is never ever stored somewhere, only something like a hash.
Maybe there is some way to authenticate with these stored credentials, but I don't know of it.
Former moderator
Former moderator
Posts: 471
Joined: 2004-05-14 06:48

Postby Guest » 2004-08-13 13:39

Maybe you don't need the password for a domain user where the server and remote are in the same domain? You know that the user is already validated in the domain. Is it enough just to check that the domain user is a member of one of the access groups specified on the VNC sever?

This wouldn't work for local accounts or different domains, but would cover the most common admin situation. Does this make sense, or am I overlooking something?

Postby prandal » 2004-08-13 21:06

You could peek at Mozilla's Bug 231529 which seeks to do the same thing :-)
Posts: 36
Joined: 2004-06-08 15:24

Postby Rudi De Vos » 2004-08-13 21:28

Impersonation a user wil only work running as service
Running as application, you have a permission problem.
9.X/NT/W2K/XP handle the security different.
Possible, seperate code is needed for each OS.

Also, the server should pass the user name to the viewer.
"protocol change"
Without knowing the logged user, you don't have a clue for the password.

A simple thing can get a huge program :)
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 5994
Joined: 2004-04-23 10:21

Return to Feature requests

Who is online

Users browsing this forum: No registered users and 1 guest