Jump to content

LabVIEW and windows authentication


Jonas

Recommended Posts

Is there an easy way to use windows authentication within LabVIEW?

Tried to browse through . net functions but I couldn’t find a usefull one…

I’m using a 64 bit windows 7 system and I want a function that checks if the user and password combination is valid and which groups the user is member of.

Thanks in advance.

Edited by Jonas
  • Like 1
Link to comment

I'd post code, but it's part of our internal reuse library, so I won't. That said, here's a summary of what you can tyr:

To get a member's groups, call a command prompt with

net group /domain

Then look at the text between the "----------" and the "The command completed successfully". Then iterate over the groups with a command prompt

net user /domain "%s"

for the groups the member belongs to.

Note: you could get the user list first, then loop over them to get groups, but that is *much* slower, depending on how many domain controllers there are, and how geographically distributed they are.

Link to comment
  • 3 months later...

Anybody verified this with Windows XP system. Any changes need to be made to an XP machine to make it work?

Verifying the Domain credentials worked for me on Windows XP, just make sure the domain name is filled in correctly.

Link to comment
  • 3 years later...
  • 4 months later...

Hi,

Could anyone help me sort out how to obtain the list of users groups? I've permanently got the "System.Security.SecurityException: The name provided is not a properly formed account name." when I'm trying use UPN. All work fine for local user (user name is empty). The Validate_Username_and_Password.vi works fine for domain login and local account.

 

I've also tried to get the UserToken via LogonUser() but unsuccessful (see test_logon.vi). It also doesn't work from C++ and the last printf() always returns two zeros.

#include "stdafx.h"
#include <Windows.h>
#include <WinBase.h>
#include <stdio.h>


int _tmain(int argc, _TCHAR* argv[])
{
	HANDLE token = NULL;
	BOOL ret = LogonUserA("myname","mydomain","mypasswd",LOGON32_LOGON_INTERACTIVE,LOGON32_PROVIDER_DEFAULT,&token);
	printf("%d %ul\n", ret, token);
}

I'm using WIN10 64 bit and my computer not belongs to domain. I'm using local account.

 

Thanks in advance

test_logon.vi

Link to comment
  • 2 months later...

Hi!

 

Thank you very much. This great piece of work made my day  :yes:

 

Cheers.

 

Andy

 

Here are the VIs we use for Windows authentication and domain groups.

Validate Username and Password.vi takes the username and password and returns a TRUE if it validates against the domain controller.
User in Group.vi takes a username (or current user if left blank) and a Domain Group name and returns TRUE if the user is a member.
User Groups.vi takes a username (or current user if left blank) and returns an array of Domain Groups to which the user belongs.

We only use these on our internal network, so I can't guarantee they work in every situation. Still, they may give you a starting point if you need something similar.

Pat

P.S. LabVIEW 2010sp1

Link to comment
  • 1 year later...

Great vi,

but I need to give some privilegis at a labview.exe file, when the app is runing under a standard user without this privilegis, what is the way to give some privilegis at the current execution. (of course I have a user with administrative privilegies)

I working with Windows 10 or 7, and Labview 2017.

Thanks in advanced

Link to comment
  • 4 months later...
  • 7 months later...

The "validate user and password.vi" gives the programmer direct access to the users password. It may be starred out but there it is. Is there a native Windows call opens a standard windows window that prompts for both user name and password so that the programmer doesn't have direct access to the users password?

Thanks lavezza for the .NET code!

Norm

Link to comment

I was curious about this -- I wasn't able to find any example of code which offloads all the password handling to windows. You can open the standard windows login dialog, but you still get the password back. 

From a more realistic perspective, this is to be expected. When you use single-sign on from a browser, chrome or firefox has access to your password. When you log into your bank, google has your information. If you use a bad browser plugin, someone in the ukraine might have your information. 

Link to comment
  • 1 year later...
On 12/8/2011 at 1:24 PM, lavezza said:

Here are the VIs we use for Windows authentication and domain groups.

Validate Username and Password.vi takes the username and password and returns a TRUE if it validates against the domain controller.

User in Group.vi takes a username (or current user if left blank) and a Domain Group name and returns TRUE if the user is a member.

User Groups.vi takes a username (or current user if left blank) and returns an array of Domain Groups to which the user belongs.

We only use these on our internal network, so I can't guarantee they work in every situation. Still, they may give you a starting point if you need something similar.

Pat

P.S. LabVIEW 2010sp1

User Groups.vi 18.31 kB · 923 downloads

User in Group.vi 14.18 kB · 815 downloads

Validate Username and Password.vi 19.13 kB · 1,177 downloads

I am using the User in Group.VI to determine if someone belongs to a group.  When I run this VI with an empty string for the name, it defaults to the windowsIdentify "Get Current" and continues.  This part works and I am able to determine if I am in the group.

The next part I enter my windows credential name, which uses the windowsIdentify "sUserPrincipalName", I get a good return of my name, but a False if I'm in the Group.

My goal is to use the text input Name to determine if I or other users are a valid group member.

Any Ideas?  -Thanks

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.