I'm in the process of creating a blog engine on my website. Nothing fancy. The user will register some basic information, including the comment itself that is the issue of this question.Inside the comment field, the user can write some text, but there are currently nothing stopping him from writing anything harmful there, that would mess up the page when rendering it with comments
I have an ASP.NET app that accepts users comments and them in a SQL database. I want to make sure that I weed out any "naughty" words so I can keep my app respectable. Problem is that I'm finding there are LOTS of these words. ;>My question is, what's the most efficient way to do this processing? Should I have a table in SQL and write a stored proc that does the work? Should I do it with c# and Regex in memory on the web server? Are there other options? Has anyone else successfully done this kind of text scanning at scale? If y, what worked?
I am trying to create a comments page for users to review and comment on an article. I have 2 buttons on each comments posted by users; "Like" and "Don't Like". I am stuck with how to track which user voted already for a given comment. I am thinking of two options and would like to know if they are they way to go or is there a better solution.
Option 1: I have created a table in my database with stores, the comment id, the userid of the user who rated it and the value "like" or "don't like". So each time I have to query my table to find out if this user indeed vote for a given comment. The table unfortunately grows exponentially!!
Option 2: I store the commentid, userid, and "like" or "don't like" value in a cookie on the client's machine. I read the cookie and find out if the user has already voted on a comment. This is proving to be VERY quirky with cookie expiration, growing cookie size and also multiple users on the same machine.
In either way, my test case of ~1500 users, and 2 Million comments, this is getting to be HEAVY on both methods. Is there anything better?
I want to learn how to add/delete/update account (including adding mail boxes for new users). Can someone point to a good book where I can begin from. I want to start with some real basics and build from there.
have a probleme with my search filter, i want to list the users of an organizational unit result.filter =(& (objectClass= user)(ou=dep1)); ====> it didn't work for me
I need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.
I want to use the Domain Users group to show all the users in a dropdown box. For some or other reason I cannot return all the users when looking for everyone under the domain so instead I was thinking of using the domain users group.This is part of my code:
I am trying to retrieve all the users from active directory into a sorted list, but for some reason it does not return all the users like myself for instance. It's on a client's ad and there is probably about 1500+ users in AD.
I am working On dating site. there is requirement of showing most active users of the one month, when some one going to do searching. let say if in a Oct month i logged in 45 times , and some one 30 times, and 29 times. i need to show the list of Most Active user in descending order basis on single month. and as month finish the routine again start calculation from 0. this is basically a senario.
How can I get a list of users from active directory? Is there a way to pull username, firstname, lastname? I saw a similar post where this was used:
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN"); I have never done anything with active directory so I am completely lost.
I wonder if it's possible to use .NET to get access to users in Active Directory: - Methods that returns a collection of users belonging to a specific AD group - Get access to AD propterties beloning to the user account, want to check if the user account is disabled or not
I am trying to do something that i am sure has been done before. I have a asp.net pagethat changes a password , and it works fine if I use credentials of a user with rights to a OU that holds the users container. However i would like to have the users credentials
userEntry = new DirectoryEntry(adspath,userid,this.oldPasswordtb.Text.ToString(),AuthenticationTypes.Secure);
be used when executing
userEntry.Invoke("SetPassword", new Object[] {passwd});
currently I get System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) --- End of inner exception stack trace --- at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at ASP.changepassword_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer) in c:usrhtmlexternalChangePasswordchangepassword.aspx:line 128any ideas why that wouldn't work users I assume have right to modify that attribute of their CN right?see code below
I am wanting to make a sign in and out site for reception I have made it so far using C#, I have got the visitor part sorted, how I could let staff choose there name from a list that has retrieved the names from active directory and then that pulls there name into the SQL Database and then adds a row with there name into as including other columns but I can do the other columns.
I'm looking at starting a new web app which needs to be secure (if for no other reason than that we'll need PCI (Payment Card Industry) accreditation at some point). From previous experience working with PCI (on a domain), the preferred method is to use integrated windows authentication which is then passed all the way through the app to the database using kerberos (so the NT user has permissions in the DB). This allows for better auditing as well as object-level permissions (ie an end user can't read the credit card table). There are advantages in that even if someone compromises the webserver, they won't be able to glean any/much additional information from the database. Also, the webserver isn't storing any database credentials (beyond perhaps a simple anonymous user with very few permissions for simple website config)
So, now I'm looking at the new web app which will be on the public internet. One suggestion is to have a Active Directory server and create windows accounts on the AD for each user of the site. These users will then be placed into the appropriate NT groups to decide which DB permissions they should have (and which pages they can access). ASP.Net already provides the AD membership provider and role provider so this should be fairly simple to implement. There are a number of questions around this - Scalability, reliability, etc... and I was wondering if there is anyone out there with experience of this approach or, even better, some good reasons why to do it / not to do it.
I need to get the list of domain usrs. The users not necessorily be on the domain where I am logged in. (e.g. I am logged in on domain "Dom111" but I need the list of users from the domain "Dom222")
I want this information on the basis of following - 1) Name of the Domain 2) A valid User name (of-course with Admin rights for the Target domain) and password
I am trying to use the following code -
DirectoryContext dc = new DirectoryContext(DirectoryContextType.Domain, "Dom222", "Administrator", "password"); Domain domain = Domain.GetDomain(dc); DirectoryEntry de = domain.GetDirectoryEntry(); FillList(de);
Here is the FillList function private void FillList(DirectoryEntry de) { DirectorySearcher deSearch = new DirectorySearcher(de); deSearch.Filter = "(&(objectClass=user)(objectCategory=person))"; SearchResultCollection results = deSearch.FindAll(); //checkedListBox1.Items.Clear(); foreach (SearchResult srUser in results) { DirectoryEntry deUser = srUser.GetDirectoryEntry(); checkedListBox1.Items.Add(deUser.Properties["sAMAccountName"].Value.ToString()); } checkedListBox1.Sorted = true; }
This works fine for the domain where I logged in (i.e. Dom111) but for the other domain (Dom222), while executing the statement - Domain domain = Domain.GetDomain(dc); I am getting the error saying "The specified domain does not exist or cannot be contacted."
Now, For creating the dc if I use following - DirectoryContext dcTemp = new DirectoryContext(DirectoryContextType.DirectoryServer, "Server_dom222", "administrator", "password"); Then everything works fine. But as you can see I need to pass the "Domain Controller (Server) Name"which I want to avoid.
I have a asp.net (3.5) web-app that will be used in an intranet. I need to enforce that users type in their network credentials (windows credentials) before they can log into this application. I intentionally need to disallow Integrated Windows Authentication. I need to authenticate these users against my company's Active Directory, that is obviously on the same network as my .net web app.
I have been reading a bit about Forms Authentication using ActiveDirectoryMembershipProvider - [URL]. I also stumbled upon this - [URL]. Based on what I can tell, both seem to do what I need to get done. Could somebody tell me what are the major differences, pros/cons and when you would use which method? Or are these exactly identical, and both achieve the exact same results?
From the security perspective...what do I need to watch for? I am assuming if I use SSL that will cover me for when I pass the username/pwd to AD for verification?
I'm new to directoryServices and im trying to capture all users in the active directory and their organizational units but i'm having abit of trouble here, i've been reading through the forums and searching online but can't seem to find information that is viable to me.
Here is brief overview of what im trying to do. Im trying to create a datatable where i can insert all the usernames and their ou by capturing the values from the AD but i keep getting alot of duplicated usernames BUT in different organizationalUnits. I've checked the AD, and they do not belong so the following are my codes, but i can't seem to figure out what is wrong.