Possible duplicate:
User Authentication with Active Directory in Client-Server Application
I am trying to use a single input in my program using unmanaged C ++, and you need to determine if the current Windows user is checked in my domain. If I find a way to find out that the user is authenticated, I will allow him to log into my desktop application without requiring a password (the usernames are the same in my application and in the domain).
I can authenticate directly against Active Directory using ADsOpenObject () , but this requires a username, password and privileges, I need to do this only with the username and without entering the user itself.
With .net, I could use something from System.DirectoryServices, for example, in this thread.
As far as I figured out, this task might include analyzing Windows security tokens to ensure proper operation. This has been discussed in detail in this thread and has been addressed for Java in this thread. Although I do not need a strict SSO, as my application is not trying to access anything related to the domain.
Is an SSPI ticket the only way, or can I use some ADSI / WinLogon / CredentialsCache property to make it work?
source share