Back to product page

UseNTAuthentication property


Determines if native NT authentication is used for user's access.

Type

A Boolean value

Syntax

  • Basic
object.UseNTAuthentication [= value]    
The UseNTAuthentication(object,value) syntax has these parts:
objectAn expression evaluating to an object of type SSHUser.
valueA Boolean value.

Remarks

This property allows you to let your OS determine if client supplied valid login/password combination and therefore he can access your system. When set to True (from inside LoginPassword event), you CAN check if provided Login/Password and allow access if you want to - but you can also ignore that event (just set this property to True).

For example, idea is to allow user 'joe' with password 'joe' to connect as guest to local system. There is no 'joe' account defined on the system - but it is not important at all. You will check by yourself if user enter proper login and password, and then just give control to wodSSHServer to give guest credentials to the client. For example, you could use code like this:
 
Private Sub SSHD1_LoginPassword(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal Password As String, Action As wodSSHDComLIB.SSHActions)
     If Login = "joe" And Password = "joe" Then
           Action = Allow
           User.UseNTAuthentication = True
           User.Login = "guest"
           User.Password = "guestpassword"
     Else
           Action = Deny
     End If
End Sub
 

and if valid login and pass are entered - you will provide proper account credentials to the system to login him as guest.

Also, you don't have to check login and password at all, let OS do it for you. Use code like this:
 
Private Sub wodSSHD1_LoginPassword(ByVal User As wodSSHDComLIB.ISSHUser, ByVal Login As String, ByVal Password As String, Action As wodSSHDComLIB.SSHActions)
     Action = Allow
     User.UseNTAuthentication = True
End Sub
 

don't think this will let everyone to connect (because we Allowed access). This only means you will Allow system to check provided Login and Password (they are already stored as User.Login and User.Password properties. You can optionally set User.Domain if you want to test credentials using your domain controller. That's all!

WARNING: To use this option on Win2000 or higher, you have to set special privileges for user who is running wodSSHServer. To be more precise, user must: "Act as part of the operating system" (SeTcbPrivilege) "Increase quotas" (SeIncreaseQuotasPrivilege) "Replace a process-level token" (SeAssignPrimaryTokenPrivilege) to set these privileges for yourself, open Control Panel, Administrative Tools, Local Security Policy, User Rights Assignment and add yourself in 'Security Setting' field.

Platforms

Windows