Hmmm... I dont think this method is going to work. The win32security.LogonUser function doesn't allow you to authenticate to a remote computer. From the docs: --- begin docs --- win32security.LogonUser PyHANDLE = LogonUser( userName, domain , password , logonType , logonProvider ) Attempts to log a user on to the local computer, that is, to the computer from which LogonUser was called. You cannot use LogonUser to log on to a remote computer. Parameters userName : string The name of the user account to log on to. domain : string The name of the domain, or None for the current domain password : string The password to use. logonType : int Specifies the type of logon operation to perform. Must be a combination of the LOGON32_LOGON* constants. logonProvider : int Specifies the logon provider to use. --- end docs --- I am still trying to find the call to do a username/password lookup to a remote machine. -----Original Message----- From: Toby Dickenson To: 'Ian Blenke'; Toby Dickenson Cc: zope@zope.org Sent: 10/20/99 2:32 AM Subject: RE: [Zope] NT User Folder - No Domain support? Hmmmm. Are you running Zope in the local system account (ie the default account for a service?) That account does not have rights to access a network, so probably can not authenticate against the domain controller. Try switching to the account of a user in the domain, and remember to give that user the 'Act as part of the operating system' permission. If I think of anything else, Ill let you know in another 24 hours ;-) -----Original Message----- From: Ian Blenke [mailto:icblenke@2c2.com] Sent: 19 October 1999 22:23 To: 'Toby Dickenson' Cc: zope@zope.org Subject: RE: [Zope] NT User Folder - No Domain support? On Oct 19, 1999, Toby Dickenson wrote:

You can fix this by making some changes to the NTUserFolder source:

1. Change the first parameter from None to the name of a DC, in the calls to NetUserEnum and NetUserGetInfo

2. Change the second parameter from "." to the name of a DC, in the call to LogonUser

That looks like it should work, but it is untested.

You had me convinced :) Unfortunately, this doesn't seem to work. I've tried using the PDC and multiple BDCs, uppercase and lowercase names, and using our domain name instead of a hostname - no joy. Time for me to dig a little deeper into the win32 extensions :)

A question for anyone else using NTUserFolder.... Would it be appropriate to change the default to authenticate in the domain?

It might be nice to add a "domainname" field to the addForm - perhaps with a checkbox to flag "use local SAM only" or some such workaround. - Ian C. Blenke <icblenke@2c2.com> <ian@blenke.com> _______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope (Related lists - please, no cross posts or HTML encoding! To receive general Zope announcements, see: http://www.zope.org/mailman/listinfo/zope-announce For developer-specific issues, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )