Active Directory/LDAP :: AD Authentication Using Forms - Dealing With Roles
Mar 2, 2010
I am not really sure if this post should go in the Security section or the Active Directory / LDAP section....with that being said I am looking for advice on how to best accomplish my goal(s), I am working with FORMS authentication, using active directory (across 2 domains). I have got authenticating working correctly based upon the article at: [URL] now - my questions:
1. What is the best way to deal with roles? What I would like to do is restrict access to my application so that only the users that are authorized to use the application can login - not everyone in the AD. My gut feeling tells me I would use an AD group for this. Furthermore, a subset of these users in this group will be allowed to access the data maintenance forms
2. Ideally, in a perfect world, I would like to write this authentication piece as a separate project - this way it could be used for multiple projects - the only thing different would be the AD groups it would be checking. Is there a way that I could set which AD groups or roles in each projects web.config?
Am I approaching this the correct way? What is typically done?
View 7 Replies
Similar Messages:
Feb 8, 2010
LDAP - directory entry issue with out user and password using impersonate and windows authentication
View 1 Replies
Apr 21, 2010
How to provide authentication based on a Active directory security group for a ASP.net webpage. I am using c# laungauge and .Net framework2.
View 3 Replies
Aug 11, 2010
I created one application, and I need to authenticate local user. This user is the user who is login to his/her Personal Computer.. Main thing his that he/she does not in any DOMAIN... I want NON-DOMAIN authentication.
View 4 Replies
Aug 13, 2010
Is it possible to authenticate a user using userDN and password? If so, then tell me the syntax.So far i have tried to authenticate using username and password from my c# code using directoryentry which takes the parameters like domainname,username and password. But i need to authenticate using Userdn and password.
View 1 Replies
Jan 27, 2011
I need to create a web page that authenticates users against an existing active directory. The domain is actually a cloud computing configuration where there is a domain controller and multiple other servers on the stack.
I understand that objects from the System.DirectoryServices namespace can be used. However, I cant seem to path the code to the active directory through the LDAP://domain.com address. There doesnt seem to be any communication going on. I suspect there is some initial configuration necessary or security measures blocking the communication.
I am working with this example from MSDN: http://msdn.microsoft.com/en-us/library/ms180890(v=vs.80).aspx.
I get an error that says the server is not operational.
View 2 Replies
Mar 16, 2010
I tried to use Authentication form with LDAP but when I run my web application I received error: Invalid dn syntax specified. This is my code:
public bool IsAuthenticated(string domain, string username, string password)
{
// string domainAndUsername = domain + @"" + username;
string domainAndUsername = "http://localhost:389
jsmith";
// DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, password);// _path = LDAP://localhost:389/dc=example,dc=com
DirectoryEntry entry = new DirectoryEntry("LDAP://localhost:389",domainAndUsername,"rJsmitH");
try
{
Object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + username + ")";
search.PropertiesToLoad.Add("cn");
SearchResult result = search.FindOne();
if(null == result)
{
return false;
}
_path = result.Path;
_filterAttribute = (String)result.Properties["cn"][0];
}
catch (System.Exception ex)
{
throw new Exception("Error authenticating user. " + ex.Message);
}
return true;
}
I got exception at line Object obj = entry.NativeObject; and error message is: Invalid dn syntax specified. how can i take a right dn syntax? I tried some domain name such as: LDAP://localhost:389, [URL], ... but I still get this error
View 7 Replies
May 5, 2010
I am trying to restrict access to the webpage using a security group. find the code in the web.config file:
<authentication mode="Windows"/>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
<authorization>
<allow roles="enterprisenet.orgNMR Helpdesk Supt" />
</authorization>
Code in the code behind file of the aspx file i am trying to access:
if (User.IsInRole(@"enterprisenet.orgNMR Helpdesk Supt"))
{}
else
{
Server.Transfer("noaccess.aspx");
}
Group is located in enterprisenet.org/Groups/NMR Helpdesk Supt . Its not working as expected.
View 2 Replies
May 5, 2010
I am using System.directory services namespace in framework 2 to query active directory. I have used fixed user account impersonisation in the web.config file, find the code:
<identity impersonate="true" userName="enterprise ang09" password="Telcome123"/>
<authentication mode="Windows"/>
I have disabled anonymous access in IIS. Also i have given Read & write access to the account tang09 for the website virtual directory and Microsoft.NET folder located in windows folder. But still i get prompted for the domain username and password to access the website.
View 4 Replies
Feb 11, 2011
I want to learn how to add/delete/update account (including adding mail boxes for new users). Can someone point to a good book where I can begin from. I want to start with some real basics and build from there.
View 1 Replies
Sep 3, 2010
Is there any way to find computer owner or computer accounts in activedirectory via ldap?
I wanna to know if it is possible via ldap or another way?
I using c#.
View 5 Replies
Mar 4, 2010
How to get a primary token to solve a double - hop and be able to access Active Directory [URL]
I don't understand a method A where is ASPX page to set the security mechanism to Anonymous only.
View 1 Replies
May 25, 2010
Is there anyway to change a user password as an administrator in active directory using c# code.
View 1 Replies
Mar 13, 2010
have a probleme with my search filter, i want to list the users of an organizational unit result.filter =(& (objectClass= user)(ou=dep1)); ====> it didn't work for me
View 1 Replies
Jun 15, 2010
I need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.
View 1 Replies
Sep 23, 2010
our project using active directory on vb.net 1.1 and server 2003. We will be upgrade to vb.net 3.5 and server 2008.
In this case, 1. We convert all vb.net 1.1 application to vb.net 3.5 and run on server 2003.
Then later on, 2. Our server will upgrade to server 2003 to server 2008.
I would linke to know after doing above two phase will effect on Active Directory code setting in our program.
Can I conver to 1 to 1 withut changing anything in vb.net and server?
View 3 Replies
Jun 24, 2010
I am updating some CS code that was written in 2004, and that references some assemblies which extract user data from AD by query filtering on the user's title. I can't test my updated code in VS2010 because the assemblies no longer compile - the references are no longer valid (I can't create a DirectoryEntry or DirectorySearcher) so I need to work out how to replace the code with current directoryservices.accountmanagement namespace properties and methods. I have searched around but don't seem to be getting anywhere. give me some code that will work with vs 2010 to replicate the following:
[code]....
View 2 Replies
Mar 2, 2011
may i know where is the error , i tried so many to figure out but i was not able
Dim
UserName0 As
String= [code]......
View 3 Replies
Jun 25, 2010
I have a problem with saving some data into extensionattribute in AD.There is no problem with saving data into properties like "Mobile" or "SN" but when I try to save data into one of extensionAttribute , for example: extensionAttribute7 , I get an error "The attribute syntax specified to the directory service is invalid".There is no problems of read data from extension Attributes.
I use code like this:
[Code]....
It works good with "standard" properties.
View 1 Replies
Sep 30, 2010
I like to add a field that add active directory user in ASP.NET Web Application .
View 1 Replies
Jul 27, 2010
the directoryentry object with wrong password locks the user account and not able to log in again.
View 2 Replies
Jul 13, 2010
Using C# how do i get a liust of the properties of the computers in the active directory.
I also need to know what is installed on each computer, is this something i can get through the active directory?
View 3 Replies
May 6, 2010
I am looking at displaying certain information from Active Directory within an ASP.NET web page/application to allow users of my organisation to update thCe specified fields. I have searched the internet for help and found windows forms based information, but nothing to really help me with ASP.NET, and anything that could possibly be of any assistance to me is written in C#. I have already built a logon form that hands forms based authentication against AD, and now want to display that authenticated user information.
View 1 Replies
Mar 25, 2010
how to get the member of property of a active directory group?
I am using .NET 2 framework and c# laungauge.
View 2 Replies
Jan 29, 2010
figure out how to pull a specific users logon hours from Active Directory? I am using Visual Studio 2005 and asp.net.
View 1 Replies