UserServer version 1.6
by Brian Schaffner <bschaffner@accentonline.com>
DISCLAIMER
No warranty. No crying. No fixes. No responsibility for what you do with this.
Use at your own risk.
DESCRIPTION
UserServer is a Windows NT service that gives you access to Windows NT's
network user/group functions. This includes checking passwords, checking groups,
and converting logon ids to user's full names.
INSTALLATION
There are 2 .EXEs included:
instsvc.exe - used to install the service
userserver.exe - the userserver service
Put the userserver.exe file in the \winnt\system32 directory.
Run instsvc:
instsvc userserver "UserServer Service"
Once installed you may want/need to tweak the parameters by using the Services
applet in the Control Panel.
The service can also be run from the command line. It accepts 2 command line arguments:
userserver <port> <pdc>
The port allows you to specify what port the server will listen on. The default is port 11.
The PDC is a domain controller on your network. Currently, UserServer has only been tested
on single-domain networks. If no PDC is specified, the server will look for one.
FEATURES
GETUSERS
returns a list of all domain users
GETGROUPS
returns a list of all domain groups, or groups for specific user
GETNAME
returns the full name for a specific user
GETUSERSINGROUP
returns a list of users in a specific group
CHECKPASSWORD
returns 1 if the username/password is good or 0 if not
You can test the features by telnetting to the server at the listening port. Then enter the
command. The server expects an "ACK" (a new line - so hit the return key) after it sends each
line. When the server is finished sending data, it will send a SHUTDOWN message. While the
server is sending data you can send a QUIT which quits immediately or a STOP which stops the
server from sending data. After a STOP or after the SERVER sends a SHUTDOWN you can send a CONT
message, followed by a new command. This keeps you from having to open a new session everytime
you want to make a request. After the final SHUTDOWN from the server, send SDACK (shutdown
acknowledged) to end the connection.
USERSERVER AND PHP
In addition to the userserver service, I've included users.php3. This PHP library gives you an
interface to the userserver functions via PHP. The functions in users.php3 are:
CheckPassword($user, $password)
* returns 1 for good, 0 for bad
IsUserInGroup($user, $group)
* returns 1 if yes, 0 if no
GetUserList()
* returns a list of users (caching mechanism included)
GetUserListGroup($group)
* returns a list of users in a specific group (caching mechanism included)
IsUserInGroup2($user, $group)
* returns 1 if user is in group, 0 if not
Users.php3 also includes the following LDAP wrapper functions that can talk
to an Exchange server:
FindManagerName($user)
* returns the full name of the user's manager
FindManagerId($user)
* returns the login id of the user's manager
GetFullName($user)
* returns the fullname for the login id
GetEmail($fullname)
* returns the email address
GetPhone($fullname)
* returns the phone number
GetDepartments()
* returns a list of departments
FUTURE
There is also a mod_auth_samba that works with the userserver to authorize users by group
for access. My plans are to drop the samba part, and just use userserver. I haven't really
decided which way to go with this...
