Sometimes the requirements may arrive when you want your employees to log in from allocated machine(s) only. Such sitiations are most common in enterprises where high level of security is required and specially when your core business relies on core data.Imaging a situation where user from a different department is siting on a programmer's workstation trying to send the data outside of the organization and even worse the same person sits on the manager's workstation accessing the files !!!In all possibilities, you will not appreciate such an attempt and wish for asecure method of FIXING the work station to employee names or maybe the employee id.There are several ways for acheiving the IP Address bonding but doing it programmatically has a different charm and effect altogether since it allows you greater customization and control.
n this article we will discuss how this can be achieved using Visual Basic 6.0 and Win32 API.
Steps:
1. Create the Database Table with sample records
2. Create Visual Basic Project file with neccessary code
3. Adding the program in the registry so it runs once the user logs in to the system
4. Testing the program
1. Create the database table with sample records:Assume that you have SQL Server 7/2000/2005Open Query analyzer and connect to the database.
In the query window, type:
USE NORTHWIND
CREATE TABLE User_IP_Address( EntryID numeric IDENTITY(1,1) PRIMARY KEY, USerName varchar(50) NOT NULL, IPAddress varchar(15) NOT NULL)GO
2. Create Visual Basic Project file with neccessary code:
Create new Visual Basic Standard exe project and put the code in form load so it runs as soon as the program is called by windows start-up service.
Pivate Sub Form_Load()
Call CheckAuthenticity()
End Sub
Sub CheckAuthenticity()
Dim objConnection as new ADODB.Connection
Dim objrsValidate as new ADODB.Recordset
objConnection.open "DSN=security" ' CREATE THE DSN in ODBC Manager and point it to use NORTHWIND
objrsValidate.ActiveConnection = objConnection
WindowsUserName = GetWindowsUserName
WindowsIPAddress = GetWindowsIPAddress
objrsValidate.Open " execute proc_ValidateLogin '" & WindowsUserName & "','" & WindowsIPAddress & "'"
End Sub
' Define it in the module
Public Declare Function gethostname Lib "WSOCK32.DLL" (ByVal hostname$, ByVal HostLen&) As LongPublic Declare Function gethostbyname Lib "WSOCK32.DLL" (ByVal hostname$) As Long
Public Declare Sub RtlMoveMemory Lib "kernel32" (hpvDest As Any, ByVal hpvSource&, ByVal cbCopy&)Public Declare Function GetUserName Lib "advapi32.dll" Alias "GetUserNameA" _ (ByVal lpBuffer As String, nSize As Long) As Long
' ************************************************************************************
' Defining GetWindowsUserName, define it in module
Public Function GetWindowsUserName() As String' Dimension variables
Dim lpBuff As String * 25Dim ret As Long, UserName As String ' Get the user name minus any trailing spaces found in the name.
ret = GetUserName(lpBuff, 25) UserName = Left(lpBuff, InStr(lpBuff, Chr(0)) - 1)
' Display the User Name GetWindowsUserName = UserName
End Function
' ************************************************************************************
' Defining GetWindowsIPAddress, define it in module
Public Function GetWindowsIPAddress() As String
Dim hostname As String * 256
Dim hostent_addr As Long
Dim host As HOSTENT
Dim hostip_addr As Long
Dim temp_ip_address() As Byte
Dim i As Integer
Dim ip_address As String
gethostname hostname, 256
hostname = Trim$(hostname)
hostent_addr = gethostbyname(hostname)
If hostent_addr = 0 Then
MsgBox "Winsock.dll is not responding."
End If
RtlMoveMemory host, hostent_addr, LenB(host)
RtlMoveMemory hostip_addr, host.hAddrList, 4
ReDim temp_ip_address(1 To host.hLength)
RtlMoveMemory temp_ip_address(1), hostip_addr, host.hLength
For i = 1 To host.hLength
ip_address = ip_address & temp_ip_address(i) & "."
Next
ip_address = Mid$(ip_addraddress) - 1)
GetWindowsIPAddress = ip_address
End Function
3. Addiin the registry so it runs once the user logs in to the system
a. Compile the program and create executeable
b. Add the newly created executeable in the following registry entry, (Default, value data) HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
4. Testing the program
1. Add entry in User_IP_Address with the current machine's IP Address and the user name
2. Log in to windows, you should be logged-out of windows.
1. Remove entry in User_IP_Address with the current machine's IP Address and the user name
2. Log in to windows, you should get logged-in successfully.