Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (3)

Resolved Windows Authentication with SQL Server

  1. How-to
0
Votes
Undo
  1. Tim Bruce
    Tim Bruce
  2. PowerBuilder
  3. Tuesday, 21 February 2023 14:44 PM UTC

Hello,

PowerBuilder 2019

Sql Server 2019

Is there a way to authenticate a AD account that's not the current windows user with SQL Server?  

For instance 

John Doe is logged into windows 

Jane Doe logs into the app

We need Jane Doe Authenticating not John Doe

This is my code so far

App.ini

DBParm = "ConnectString='DSN=SERVER',ConnectOption='SQL_INTEGRATED_SECURITY,SQL_IS_ON', MsgTerse='Yes',DisableBind=1,DelimitIdentifier='No'"

 

External functions 

Function boolean LogonUser ( string lpszUsername, string lpszDomain, string lpszPassword, ulong dwLogonType, ulong dwLogonProvider, ref ulong phToken) Library "advapi32.dll" Alias For "LogonUserW"
Function boolean CloseHandle (ulong hObject) Library "kernel32.dll"

 

PowerScript 

lb_result = LogonUser( as_uid, ls_domain, as_pwd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, lul_token )

 

When I try to connect as Jane Doe it seems to work ok but when I look at the connections in the database I'm actually connected as John Doe.

Is there a way to do this?

 

 

Opening a word document inside ole control
powergen for powerbuilder 19 (R3)
Responses (3)
Tim Bruce
Tim Bruce Accepted Answer Pending Moderation
  1. Tuesday, 21 February 2023 17:40 PM UTC
  2. PowerBuilder
  3. # 1

Thanks guys,

Client is fine with credentials being tied to windows auth, so I'll just leave it as is

 

Comment
There are no comments made yet.
Chris Pollach @Appeon
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Tuesday, 21 February 2023 17:18 PM UTC
  2. PowerBuilder
  3. # 2

Hi Tom;

  That's because the ODBC middle ware is actually performing the actual connect to SS & not your PB app. Thus, ODBC is providing SS your Windows authentication credentials.

Regards ... Chris 

Comment
There are no comments made yet.
Roland Smith
Roland Smith Accepted Answer Pending Moderation
  1. Tuesday, 21 February 2023 15:48 PM UTC
  2. PowerBuilder
  3. # 3

The whole point of Windows Authentication is that the app is connected as the Windows user without having to transmit their credentials to the database server.

You can validate Jane's Windows Userid/Password with those API functions but you would then have to pass them in the usual way without Windows Authentication turned on.

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Tuesday, 21 February 2023 16:06 PM UTC
Adding to what Roland said, if different users are sharing the same Windows account (e.g. Jan is using the app on John's machine), the usual way we see most customers do it is prompt the user for username/password in your app dialog and then pass that to the DB using the traditional SQL Server authentication method.
  1. Helpful
Arnd Schmidt
  1. Arnd Schmidt
  2. Tuesday, 21 February 2023 16:57 PM UTC
I wonder what happens if you run the app as other user (Jane Doe).

Can you try this and give back a feedback?

  1. Helpful
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Tuesday, 21 February 2023 17:31 PM UTC
Create a windows user for Jane Doe on the same machine, have her log in as herself, problem solved ?

  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.