Security :: Forms Authentication Using Active Directory Group
Jan 15, 2010[Code]....
Forms authentication using Active Directory Group
[Code]....
Forms authentication using Active Directory Group
How to provide authentication based on a Active directory security group for a ASP.net webpage. I am using c# laungauge and .Net framework2.
View 3 RepliesI am trying to restrict access to the webpage using a security group. find the code in the web.config file:
<authentication mode="Windows"/>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
<authorization>
<allow roles="enterprisenet.orgNMR Helpdesk Supt" />
</authorization>
Code in the code behind file of the aspx file i am trying to access:
if (User.IsInRole(@"enterprisenet.orgNMR Helpdesk Supt"))
{}
else
{
Server.Transfer("noaccess.aspx");
}
Group is located in enterprisenet.org/Groups/NMR Helpdesk Supt . Its not working as expected.
I have an application where I display every Active Directory group that the current user belongs to. When I have my config setup like this:
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
It works fine. When it's like this:
<authentication mode="Windows"/>
<authorization>
<!--<deny users="?"/>-->
<allow users="*"/>
</authorization>
No groups are found. Why does this make a difference? Does asp.net only authenticate if we are specifically denying access to unauthenticated users? If it helps this is how i'm getting the groups:
protected string GetUserGroups()
{
StringBuilder userGroups = new StringBuilder();
ArrayList groupMembers = new ArrayList();
DirectoryEntry root = new DirectoryEntry("LDAP://myldap/DC=nc,DC=local");
DirectorySearcher ds = new DirectorySearcher(root);
ds.Filter = String.Format("(&(samaccountname={0})(objectClass=person))", User.Identity.Name.Substring(User.Identity.Name.LastIndexOf(@"") + 1));
ds.PropertiesToLoad.Add("memberof");
try
{
foreach (SearchResult sr in ds.FindAll())
{
foreach (string str in sr.Properties["memberof"])
{
string str2 = str.Substring(str.IndexOf("=") + 1, str.IndexOf(",") - str.IndexOf("=") - 1);
groupMembers.Add(str2);
}
}
}
catch
{
//ignore if any properties found in AD
}
return String.Join("|", (string[])groupMembers.ToArray(typeof(string)));
}
I am trying to set up an intranet application with Forms Authentication configured for AD. (Don't ask why, it's for the boss). Anyways, I got it configured to where everybody on the domain can log in but I need to restrict it to a security group that IT has set up for me.
The problem I am having is that users in the SG can not log in to the site. I tried just adding
[Code]....
without a role manager but it didn't work. Then I tried adding the role manager below (among others...).
Here is my web.config
[URL]
Also, how should the user defined in connectionUsername and connectionPassword be set up? Must it be the same as the user I am running the application as?
I want to authenticate against the Active Directory by using Forms authentication and Visual Studio ASP.NET/C#.Do you know any great tutorials/howto:s for implementing this?
View 7 RepliesI am just getting started with MVC and I was wondering if someone could point me in the right direction for help with forms authentication using active directory? I have the sample site up but the results I have found on google have not been very helpful in answering this question. This site is going to be an intranet page that we want users to be able to access without logging in when they access it from our network while they must login when trying to access it from home.
View 7 RepliesI need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.
View 1 RepliesWhat's the easiest way to make Forms Authentication functional? Do I need to setup IIS/Active Directory? If so, how would you code that?
I was looking at this tutorial but it is a bit long, hard, and confusing: [URL]
Here's my web.config info:
[Code]....
I currently have a web application deployed on our intranet and it uses Active Directory to authenticate the user.It all works fine. But now im asked to somehow grant access to the application for outside vendors that are not part of AD, but they still need to keep the functionality of the AD as they dont want to manage all the users that currently use the application.Is this possible in some way?Currently users dont need to enter a password or username as they are part of AD, but users who are not get the " You are not authorized to view this page..."message. Is there any way to avoid that message and allow them to login using their own password?
View 1 RepliesI have a requirement to make parts of forms (and sometimes the entire form) read-only based on the user's active-directory group. I already have integrated AD into the dynamic menu, so that users cannot view certain menu itmes based on their AD group - and this is working fine; however, now they want to get down to the control-level on the forms. The first way that comes to mind is for me to just grab the AD groups for the users and then loop through them, and write my own code to make controls read-only or enabled. Is this a good way to do it, or is there another way? Also, while we're on the topic, is there an easy way to protect an entire form, or maybe an entire panel?
View 1 Replieshow to get the member of property of a active directory group?
I am using .NET 2 framework and c# laungauge.
I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:
[Code]....
I also tried using the LogonUser method to create a user token and backend the authentication that way, and it doesn't work either.
[Code]....
Authentication With Active Directory AD Getting propertie
[Code]....
I am using Visual web Developer 2010 Express.
I want to create a small intranet web site with a login page that will authenticate against groiups of users in Active Directory. So for example if someone in Group A logs in they can get to web page X and if someone from Group B logs on they can get to web page Y. Is it possible to do this with the login controls without writing code? I thought it would be a fairly standard thing to do.
I am trying to build a web app for an intranet site that for security reasons needs to make the user type in their Windows or Active Directory username pwd manually. I have previously worked with Integrated Windows Auth but in this case, we do want them to use type in their AD credentials.
I have been trying to look up how to do this and frankly I am a bit lost. It should be a fairly straightforward task and am hoping you can point me in the right direction, with some tutorials or examples. We will be using SSL so, dont have to worry about passing pwd in cleartext over the wire.
My environment is visual studio 2008 in C#, .net 3.5 if that matters.
I've built a asp.net 3.5 web application and want to be able to restrict access to particular pages. I have pages which should be able to be accessed by a user and then an adminshould be able to access all pages. I have created 2 Active Directory groups, one for normal users and one for admins so any users in the user group can see some pages then admins should have no restrictio
View 1 RepliesI am trying to follow instructions on how to create a login page that tests against active directory. My issue is all of the tutorials seem to be written for ASP.NET 2.0. When I try to follow them I cannot get them to work. Does anyone have any tutorial or information for .NET 3.5 or 4.0?
View 11 RepliesI want to know how to do Active Directory Authentication in my intranet web application,
So far I created a simple login page and I am using the login control. my questions are how do I configure the application, how do I interface the login control so it will take the user to next page once they input their usual active directory username and password.
I am trying to authenticate the users on a web application through their Active Directory credentials. What should I use? Client Certificate Mapping? or Forms? I am currently using a Form Authentication, but it is not working. It keep telling me my credentials are not correct. Should I switch over to something more recent? Client Certificate Mapping is installed, I just don't know how to set it up. Isn't there something about purchasing a certificate for the website? Is there anything else I can use that is secure and uses Active Directory credentials?
View 10 Repliesi have a problem with the users authentication on my site. I made <authentication mode="Windows"> in my web.config. The LoginView shows "mycomputermyusername" if i request the page. So far as well. Now i want to login with a different username. Users are stored in an Active Directory. My questions: wich setting i have to do, that user's account and password checked by Active Directory? how can i force the system to make a new login? Logout doesn't work, i always see my on account.
View 1 Replies I have a need to send out emails to all the people who are in a given group say "HR Department". I need to be able to get all the emails through a for loop and then as it retrieves I should send emails to them.
this is what I came up with but not sure how to go about writing a for loop to get all the emails in the given group.
[Code]....
I am using Active Directory to authenticate users for an intranet site. I would like to refine the users that are authenticated based on the group they are in in Active Directory. Can someone show me or point me to directions on how to find what groups a user is in in ASP.NET 4.0 (VB)?
View 2 RepliesI have som problem verifying that user is in a group and returning boolean value
Private
Function IsExistInAD(ByVal SAMAccountName
As
String)
As
[Code]....
if you have implemented Forms Authentication with Active Directory in ASP.NET 2.0, I have implemented [URL] mentioned on this page. But I am getting an error saying "Provider must implement the class 'System.Web.Security.RoleProvider".
View 1 Replies