Validate username and password against Active Directory

Resolved Validate username and password against Active Directory

How-to

Votes

Undo

Bryan Comeau
PowerBuilder
Monday, 4 March 2019 12:50 PM UTC

Hello,

We have Client-Server applications where we want the users log in with their Active Directory account. How can we validate username and password against Active Directory? We are using PowerBuilder 2017 R2.

Responses (5)

Miguel Leeuwe Accepted Answer Pending Moderation

Thursday, 19 September 2019 22:03 PM UTC
PowerBuilder
# 1

For Oracle users, this might be a helpful link:

https://docs.oracle.com/cd/B28359_01/win.111/b32010/authen.htm#i1006045

Comment

There are no comments made yet.

Michael Kramer Accepted Answer Pending Moderation

Saturday, 14 September 2019 00:45 AM UTC
PowerBuilder
# 2

Many traditional client/server apps require DB login at startup. Example here asks database for user's identity right after DB connect.

SQLCA.DBMS       = "SNC"
SQLCA.ServerName = "DemoServer"
SQLCA.DBParm     = "Database='DemoDB',Provider='SQLNCLI11',TrustedConnection=1"

CONNECT USING SQLCA;

SELECT ADLogin  INTO  :ls_loginName
FROM  (SELECT ORIGINAL_LOGIN() [ADLogin]) a
USING SQLCA;

TIPS:

SUSER_NAME() / USER_NAME() change values when app calls EXECUTE AS LOGIN / EXECUTE AS USER
ORIGINAL_LOGIN() retains identity.

HTH /Michael

Comment

There are no comments made yet.

Christophe Dufourmantelle Accepted Answer Pending Moderation

Wednesday, 6 March 2019 04:53 AM UTC
PowerBuilder
# 3

You can use Visual Guard, to let users log in with their Active Directory account.

Once plugged into the PowerBuilder app, it offers 2 options:

1. Single Sign-On (users don't have to enter credentials - they are automatically logged with the current Windows account)

                        if isvalid(guo_vgmanager) Then
                          if guo_vgmanager.of_VerifyUser() > 0 Then
                             Open(w_Main)
                          Else
                        Return
                          End if
                        End if

2. Users enter their credentials - this can work even if they are not running the app in the AD domain

                        if isvalid(guo_vgmanager) Then
                          if guo_vgmanager.of_VerifyUser(VGlogin, VGpassword, vg_n_authenticationmode.windowsbycredential) > 0 Then
                            Open(w_Main)
                          Else
                        Return
                          End if
                        End if

Beside user log in, you can pick additional security features (Permissions Management, Security Audit, Administration Console, etc.).

Regards,
Christophe

Comment

Bryan Comeau
Wednesday, 6 March 2019 12:14 PM UTC

Nice to know that this exist... But for now I just need authentication....

Helpful 0

There are no comments made yet.

Stuart Macandrew Accepted Answer Pending Moderation

Monday, 4 March 2019 23:33 PM UTC
PowerBuilder
# 4

Try something like this -

Declare an external function

function long LogonUser(string username, string domain, string password, long logontype, long logonprovider, ref ulong hToken) library "Advapi32" alias for "LogonUserA;Ansi"

And Validate like this;

Constant long  LOGON32_LOGON_NETWORK  = 3

Constant long  LOGON32_PROVIDER_DEFAULT  = 0

 long ll_rc

ulong        ulHandle

 ll_rc = LogonUser( sle_user_id.text , sle_domain.text ,  sle_password.text  , LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, ulHandle)

 Messagebox( "LogonUser", "Return=" + string(ll_rc) )

 if ll_rc > 0 then

CloseHandle(ulHandle)

else

ll_rc = GetLasterror( )

Messagebox( "LogonUser", "GetLastError Return=" + string(ll_rc) )

end if

Comment

Bryan Comeau
Wednesday, 6 March 2019 12:12 PM UTC

Thank you! It is doing exactly what I needed and really simple...

Helpful 0

There are no comments made yet.

Chris Pollach @Appeon Accepted Answer Pending Moderation

Monday, 4 March 2019 18:07 PM UTC
PowerBuilder
# 5

Hi Bryan;

I did a presentation on A.D. processing from PowerBuilder and PowerServer at the Elevate 2018 conference.

FYI: https://www.appeon.com/user/center/mydocuments?op=downloadfileByPdf&fileName=Elevate%202018_145.pdf&ID=145

HTH
Regards ... Chris

Comment

Load more comments

Juan Carlos Rojas
Friday, 13 September 2019 20:53 PM UTC

Hello. I have the same necessity, "Validate username and password against Active Directory " but I don´t understand this code by Stuart Macandrew . Where´s the code of the function? for example:

library "Advapi32" alias for "LogonUserA;Ansi

What does it mean?

Can you help me, please?

Thanks.

Helpful 0

Chris Pollach @Appeon
Friday, 13 September 2019 21:01 PM UTC

Hi Juan;

Its an "external" call to an MS-Windows API function. The proper declaration though for Appeon PB should be ...

FUNCTION long LogonUser (string username, string domain, string password, long logontype, long logonprovider, ref ulong hToken) library "Advapi32" alias for "LogonUserW"

Regards ... Chris

Helpful 0

Juan Carlos Rojas
Friday, 13 September 2019 21:33 PM UTC

Hi. I appreciate your timely response. However, I ask you to apologize, but I still do not understand what should be done to implement this code. It is not clear to me. I understand that a function must be declared but I don't know how to define the type of variables in certain cases. For example ref ulong hToken. Is ulong the type of variable? I also don't understand if libraries like the Advapi32 library should be imported somewhere. You could be more descriptive to see if I can solve my case. Thank you.

Helpful 0

There are no comments made yet.

Page :
1

There are no replies made for this question yet.
However, you are not allowed to reply to this question.

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here. Register Here »

Forgot Password?

Resolved Validate username and password against Active Directory

Find Questions by Tag