[Tutor] Check if user exist in domain
jon.papageorgiou at wachovia.com
jon.papageorgiou at wachovia.com
Tue Mar 1 19:29:07 CET 2005
I need to check if a user is in a domain from a computer that is not in a
domain. Currently, we are running an NT domain, but will be moving to
ActiveDirectory2003 in the next few months.
I thought if I could get user information for the user I could verify that
the user account existed:
#CODE STARTS HERE
######################################################
import win32net
import win32netcon
domain = "domain"
login = "userid"
try:
#get the server for the domain -- it has to be a primary dc
server = str(win32net.NetGetDCName("",domain))
print server
#info returns a dictionary of information
info = win32net.NetUserGetInfo(server, login, 1)
print info#['full_name']
except win32net.error:
print "Error: " + login + " not found in " + domain + "."
#CODE ENDS HERE
######################################################
The problem is that the following code only works when one is logged in
locally with a UserID and password that is the SAME as a UserID and
password on the Domain.
Example:
Domain : Berlin Stand-alone <<- Different
User : Frank Frank <<- Same
Password: frank'spassword frank'spassword <<- Same
So I then attempted to authenticate with alternate credentials. The
following code did not work.It blew up on line 20.
#CODE STARTS HERE
######################################################
import sys
import win32api
import win32net
import win32netcon
import win32security
import win32con
domain = "berlin"
login = "hans"
userwithrights = "frank"
userwithrightspassword = "frank'spassword"
#code blows up on next line
hUser = win32security.LogonUser(
userwithrights,
domain,
userwithrightspassword,
win32con.LOGON32_LOGON_INTERACTIVE,
win32con.LOGON32_PROVIDER_DEFAULT
)
win32security.ImpersonateLoggedOnUser(hUser)
print win32api.GetUserName() # Should display "frank"
#code to be run with alternate credentials
try:
#get the server for the domain -- it has to be a primary dc
server = str(win32net.NetGetDCName("",domain))
print server
#info returns a dictionary of information
info = win32net.NetUserGetInfo(server, login, 1)
print info#['full_name']
except win32net.error:
print "Error: " + login + " not found in " + domain + "."
win32security.RevertToSelf()
hUser.Close()
#CODE ENDS HERE
######################################################
The output I receive is as follows:
Traceback (most recent call last):
File "C:\Documents and
Settings\Administrator\Desktop\python-components\getuser2.py", line 20, in
?
win32con.LOGON32_PROVIDER_DEFAULT
pywintypes.error: (1326, 'LogonUser', 'Logon failure: unknown user name or
bad password.')
The account being checked and the account that I am impersonating are both
domain admins and the password I am using is correct.
Can anybody point me in the right direction as to what I am missing?
Jon Papageorgiou
More information about the Tutor
mailing list