Somebody told me the other day that they made an Active-X control that calls Windows APIs to get the network identity. They can embed it on a page or applet and get the information. (Requires a security policy no doubt.) They figure that if a user logs on the network the userid has been sufficiently validated for them. Our customers rejected this concept because the person at the keyboard may not be the one who signed on the network ... supervisors come around to help or diagnose problems or whatever. If you go this route, you'd want your users to be pretty darned careful about locking the workstation when they walk away.
A good question is never answered. It is not a bolt to be tightened into place but a seed to be planted and to bear more seed toward the hope of greening the landscape of the idea. John Ciardi