none
How to get Windows Login credentials using C#.Net?

    Question

  • Hi,

     

    How can we get Windows logged in user credential using C#.NET API?

     

    Do we have any API to get the current User login and password ?

     

    Thanx in advance,

    yagnesh

    Wednesday, April 09, 2008 11:15 AM

Answers

  • You can get the current identity of the user under which the current thread is running (not necessarily the logged in user) using WindowsIdentity.GetCurrent().  Alternatively you can get the logged in user name via the Environment.UserName property.  It is not guaranteed to be the user running the current process however.

     

    There is no Windows API to get a user's password as passwords aren't stored in Windows.  Instead Windows stores a one-way hashed version.

     

    Michael Taylor - 4/9/08

    http://p3net.mvps.org

     

    Wednesday, April 09, 2008 12:58 PM
    Moderator
  • You can get current credential of logged user using System.Net.CredentialCache.DefaultCredentials and also System.Net.CredentialCache.DefaultNetworkCredentials but from them you can't read nothing usefull like username or password. You can create new credential by setting Username, Password and maybe Domain but reading is not posible and never will be.
    Wednesday, April 09, 2008 11:31 AM
  • I want to add to the previous answers.

    In a web application, you need to invoke the following code to get the user identity of the active user on the current request -

    Code Snippet

    System.Web.HttpContext.Current.User.Identity


    This is a little different from the case when you are not developing web applications, because under default settings the current windows user thats running a web application on the server is the IIS user account and not the actual user account associated with a particular request.


    -Sohan
    MCTS, CSM
    http://smsohan.blogspot.com

    Wednesday, April 09, 2008 5:32 PM

All replies

  • You can get current credential of logged user using System.Net.CredentialCache.DefaultCredentials and also System.Net.CredentialCache.DefaultNetworkCredentials but from them you can't read nothing usefull like username or password. You can create new credential by setting Username, Password and maybe Domain but reading is not posible and never will be.
    Wednesday, April 09, 2008 11:31 AM
  • You can get the current identity of the user under which the current thread is running (not necessarily the logged in user) using WindowsIdentity.GetCurrent().  Alternatively you can get the logged in user name via the Environment.UserName property.  It is not guaranteed to be the user running the current process however.

     

    There is no Windows API to get a user's password as passwords aren't stored in Windows.  Instead Windows stores a one-way hashed version.

     

    Michael Taylor - 4/9/08

    http://p3net.mvps.org

     

    Wednesday, April 09, 2008 12:58 PM
    Moderator
  • I want to add to the previous answers.

    In a web application, you need to invoke the following code to get the user identity of the active user on the current request -

    Code Snippet

    System.Web.HttpContext.Current.User.Identity


    This is a little different from the case when you are not developing web applications, because under default settings the current windows user thats running a web application on the server is the IIS user account and not the actual user account associated with a particular request.


    -Sohan
    MCTS, CSM
    http://smsohan.blogspot.com

    Wednesday, April 09, 2008 5:32 PM
  • How would I make the user enter a username and password (Windows application, not web application) verify that against an AD and run code according to user role? could someone give me a simple example? (I'm new to C# bdw)
    Saturday, August 15, 2009 4:51 PM
  • mmm...

    Trust me, the problem will come in later when you try to use the Current Logged on Users' AD details to try to log you into a website.

    AD needs to be in sync with the user, website needs to be on same domain as user, AD server needs to be on the same domain as this and that :(. I'm still unable to get a straight explanation on how to get the current user AD details. And the only way to get it is to have a sad popup prompting the user. :( I wish someone could could in detail explain exactly what to do.

    To assist in your question. You can use

    WindowsPrincipal P = Thread.CurrentPrincipal as WindowsPrincipal;
    P.Identity.Name;

    Context.User.Identity.Name;

    I haven't come across anything that allows you to the user's password.
    Wednesday, September 23, 2009 7:32 AM
  • I've found this article <a href="http://support.microsoft.com/kb/308160"></a>[<a href="http://support.microsoft.com/kb/308160" target="_blank" title="New Window">Windows support</a>]

    There's a very interesting section briefly explain the problem I'm receiving.

    Integrated Windows authentication
    Integrated Windows authentication is more secure than basic authentication and it functions well in an Intranet environment where users have Windows domain accounts. In integrated Windows authentication, the <b>browser attempts to use the current user's credentials from a domain logon and if this fails, the user is prompted to enter a user name and password</b>. If you use integrated Windows authentication, the user's password is not transmitted to the server. If the user has logged on to the local computer as a domain user, the user does not have to authenticate again when the user accesses a network computer in that domain.

    NOTE: You cannot use integrated Windows authentication through a proxy server.

    But as you can see, no real explanation of why it wouldn't get the user's domain logon. Or what needs to be done to allow the browser to get the domain logon. :(
    Wednesday, September 23, 2009 7:44 AM
  • Hi
    We have sites using ldap authentication and wanted to login directly via sso ..after searching a lot i used this code to get my network user name.
    used a browser IE 7 and XP machines.using Intg Windows Authentication in IIS only.

    using System.Security.Principal;
    using System.Threading;

    WindowsPrincipal p = Thread.CurrentPrincipal as WindowsPrincipal;
    Response.Write("<br>identity : " + p.Identity.Name);

    using the domain and userid i checked ADS and did the rest.
    Thursday, January 28, 2010 6:42 AM
  • Environment.Username surely helps to find the username.





    • Edited by SK198 Friday, October 11, 2013 5:26 AM
    Wednesday, December 21, 2011 1:04 PM