C# - Authenticate Against A Local Windows User On Another Machine In An Application?
May 24, 2010
In my ASP.NET application, I need to be able to authenticate/authorise against local Windows users/groups (ie. not Active Directory) on a different machine, as well as be able to change the passwords of said remote local Windows accounts.
Yes, I know Active Directory is built for this sort of thing, but unfortunately the higher ups have decreed it needs to be done this way (so authentication against users in a database is out as well).
I've tried using DirectoryEntry and WinNT like so:
DirectoryEntry user = new DirectoryEntry(String.Format("WinNT://{0}/{1},User",
serverName, username), username, password, AuthenticationTypes.Secure)
but this results in an exception when you try to log in more than one user:
Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.
I've tried making sure my DirectoryEntries are used inside a using block, so they're disposed properly, but this doesn't seem to fix the issue. Plus, even if that did work it is possible that two users could hit that line of code concurrently and therefore try to create multiple connections, so it would be fragile anyway.
Is there a better way to authenticate against local Windows accounts on a remote machine, authorise against their groups, and change their passwords?
I have to host an asp.net that user can access that website something like http://111.11.11.11/myapp/homepage.aspx. ( my ip address will be 111.11.11.11). All I have local IIS installed. I want that if any user clicks on the link. He should be able to access that web application.
when I am trying to run the asp.net application from the shared location(not from the local machine), I have encountered a security exception as 'request for the permission of type 'system.web.aspnet hosting permission'. I have given the full trust rights to share folder.. but still I have got the same error..
I am using ASP.NET 3.5 and SQL SERVER 2008. And I have a very simple code within my ASP.NET page :
Quote:
[code]....
The connection string specifies a local Sql Server Express instance using a database location within the applications App_Data directory. The provider attempted to automatically create the application services database because the provider determined that the database does not exist. The following configuration requirements are necessary to successfully check for existence of the application services database and automatically create the application services database:
If the applications App_Data directory does not already exist, the web server account must have read and write access to the applications directory. This is necessary because the web server account will automatically create the App_Data directory if it does not already exist.
If the applications App_Data directory already exists, the web server account only requires read and write access to the applications App_Data directory. This is necessary because the web server account will attempt to verify that the Sql Server Express database already exists within the applications App_Data directory. Revoking read access on the App_Data directory from the web server account will prevent the provider from correctly determining if the Sql Server Express database already exists. This will cause an error when the provider attempts to create a duplicate of an already existing database. Write access is required because the web server accounts credentials are used when creating the new database. Sql Server Express must be installed on the machine.
The process identity for the web server account must have a local user profile. See the readme document for details on how to create a local user profile for both machine and domain accounts.
I'm trying to get an asp.net application up on IIS on a Windows Server 2008 machine. I can hit the app from localhost, no problem. But I can't access the app using the server's domain name either locally or from another machine on the network.But here's the odd part. I can access a normal file on IIS using the domain name, both from a browser running on the server and from a browser running on another machine on the network. Here's a synopsis ("http" converted to "htp" below because I don't have enough points to have all these links in my message):
From IE on the server itself: works htp://localhost/foo.htm works htp://localhost/App works htp://test.foo.com/foo.htm dead htp://test.foo.com/App From IE on another machine: works htp://test.foo.com/foo.htm dead htp://test.foo.com/App
I created one application, and I need to authenticate local user. This user is the user who is login to his/her Personal Computer.. Main thing his that he/she does not in any DOMAIN... I want NON-DOMAIN authentication.
2. I have PC, on which file to copy to device is located, with Active Sync installed and IE running which has a page in that IE has rendered by server #1.
3. I have a DEVICE connected to desktop #2 via AS.
I would like to copy file from a local machine to the device which is connected to this machine. My application is located in a webserver.
On one of my pages I display a datetime (from a database) and it is formatted correctly as a UK date time (dd-mm-yyyy) on my local machine. However when I deploy it to a server it reverts to American format (mm-dd-yyyy). Does anyone have any idea of when this might be happening?This might be outside the scope of stackoverflow
How do I get the smtp server address for the local machine? I want to my email address on a windows form and have the user send me an email and I need to be able to get their smtp server address programatically to do this. I tried this:
System.Net.Mail. SmtpClient smtpc = new SmtpClient("127.0.0.1"); smtpc.Send(email);
I basically want to transfer a file from the client to the file storage server without actual login to the server so that the client cannot access the storage location on the server directly. I can do this only if i manually login to the storage server through windows login. I dont want to do that. This is a Web-Based Application.
protected void Button1_Click(object sender, EventArgs e) { filePath = FileUpload1.FileName; try { WebClient client = new WebClient(); NetworkCredential nc = new NetworkCredential(uName, password); Uri addy = new Uri("\\192.168.1.3\upload\"); [code]...
I just begin creating a website for an organization. First page to be displayed in the login page. I dont have any knowledge in ASP.NET Security. On Login page, i want to display UserName field as disabled with the useralias of the user who currently logged into Windows. Password user has to provide and it should be that user's windows password.
How do i validate that password that user has entered is his windows password?
In our application, we allow user to upload documents which can be PDF, Doc, XLS, TXT. Uploaded documents will be saved on web server. We need to display link for each document user uploaded and when user click on that link, it should open relevant document. it is expected to have required software to open relevant documents.
To upload document, we use saveAs method of FileUpload control and it works absolutely fine.Now, how to view it?I believe, i need to copy/download file to local user machine and need to open it using Process.Start.For that i need to find user local temp directory. if i put path.GetTempPath(), it gives me web server directory and copy file there.
We have a website portal hosted in Windows 2003 server. For security reasons we are using different windows Login user say (xxxx) for signin other than Administrator. Now with this user (xxxx) name I installed .net Windows Application. It was working fine. For some reasons I renamed the original windows Login user(xxxx) to different say (yyyy). Now this .net Windows Application is not working with (yyyy) and even it is not allowing me to uninstall it.
i have an asp.net project in vs2010 i have a db and table inside the app_data folder, i have created a deployment package and have imported the package into an iis server that is installed on my local mechine. now i get this error message while trying to preform an insertion.
Failed to generate a user instance of SQL Server due to failure in retrieving the user's local application data path. Please make sure the user has a local user profile on the computer. The connection will be closed the connection string is:
Data Source=.SQLEXPRESS;AttachDbFilename=|DataDirectory|survey.mdf;Integrated Security=True;User Instance=True
I have had a real nightmare with Server.MapPath(). When I call Server.MapPath("~") in my application that is running in ASP.NET Development Server it returns root directory that ends in a back slash like f:projectsapp1, but I call it in published version, installed in IIS, it returns root directory without any back slash like c:inetpubwwwrootapp1.
string mainRoot = HttpContext.Current.Server.MapPath("~"); DirectoryInfo di = new DirectoryInfo(mainRoot); //added to solve this problem with Server.MapPath if (!mainRoot.EndsWith(@"")) mainRoot += @""; FileInfo[] files = di.GetFiles("*.aspx"); foreach (FileInfo item in files) { string path = item.FullName.Replace(mainRoot, "~/").Replace(@"", "/"); //do more here }
I have an application which is installed on local pc and is using SQL db. It is a client management system where I want to add capability to register new clients and give them access to my web site which is sharing the same SQL database with local application.
At the moment clients can register on the web site and I have ASP.NET authorisation system set up with aspnetdb_user, aspnetdb_membership and etc tables. But sometimes it happens that I need to register clients on my local application on PC and ideally would like that registration to create online account for the client as well. Then I want to be able to send him user id and password by email and let him know that he has been registered in my database and online account is ready for him as well.
Basically I want to have full synchronization between asp.net membership service and local application through SQL db. As I said both online and local apps are shareing the same SQL database. what would be the best practice to implement it.
I have a ASP.NET website which uses the standard ASP.NET Login Control for authenticating users. The user information is stored in a SQL Server database which is not accessible from client side. I want to write a standalone desktop windows form application which requires user to login with the same credential (username and password) used on the website. For the web-based form authentication, it's simple just to use the login control. Howerver, I have no idea for how to deal with the login for windows form application. My naive idea is to create a login web service which windows form application can utilize.
I face this problem when my client setting the LAN like this: the database server is in server A, the web application is in server B, and the windows login server control (is it what we call "windows domain"?) is in server C.
When I use windows authentication in the web application I built, it checked only the windows account in server B. How to authenticate with server C's windows account?
We have a web service running on the server. We want to use the service in local machine. Could some one kindly give all the steps to get the methods availble in the client.
We have created web methods in the server. And trying to access the same thing on the client. I can literally access those methods using the refernce variable of the server. but when I try to run it , it comes up with run time exception unable to connect to remote server.
I have a fairly complex business application written in ASP.NET that is deployed on a hosted server. The site uses Forms Authentication, and there are about a dozen different roles defined. Employees and customers are both users of the application.
Now I have the requirement to develop a Windows Mobile client for the application that allows a very specialized set of tasks to be performed from a device, as opposed to a browser on a laptop. The client wants to increase productivity with this measure. Only employees will use this application.
I feel that it would make sense to re-use the security infrastructure that is already in place. The client does not need offline capability.
My thought is to deploy a set of web services to a folder of the existing site that only the new role "web service" has access to, and to use Forms Authentication (from a Windows Mobile 5/.Net 3.5 client).
I did see this question and I am aware of the limitations that Forms Authentication poses. Since security is not my primary motivator (I use SSL and can restrict access by IP address), but rather using existing user accounts and roles, my decision tree is somewhat different as well.
I wrote an asp.net application with default.aspx. When I hit this page It is asking me windows login popup window. My application should me windows authentication required but it should "Integrated Windows authentication". If I enter login password I am able to see my page. How can I automatically integrate this windows authentication? I added below code in web.config. still doesn't work.
I can get the proper output..but the styles not same as user control...styles not displayed properly..I need the same design of the user control in web application
i have created one windows user control in vb.net and i am consuming this in web application i already added windows user control dll to my web application and i used object tag for adding user control in web application. but i am not getting any output only blank image with small x on the top of the page