Security - Where To Display Every Active Directory Group
Nov 30, 2010
I have an application where I display every Active Directory group that the current user belongs to. When I have my config setup like this:
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
It works fine. When it's like this:
<authentication mode="Windows"/>
<authorization>
<!--<deny users="?"/>-->
<allow users="*"/>
</authorization>
No groups are found. Why does this make a difference? Does asp.net only authenticate if we are specifically denying access to unauthenticated users? If it helps this is how i'm getting the groups:
protected string GetUserGroups()
{
StringBuilder userGroups = new StringBuilder();
ArrayList groupMembers = new ArrayList();
DirectoryEntry root = new DirectoryEntry("LDAP://myldap/DC=nc,DC=local");
DirectorySearcher ds = new DirectorySearcher(root);
ds.Filter = String.Format("(&(samaccountname={0})(objectClass=person))", User.Identity.Name.Substring(User.Identity.Name.LastIndexOf(@"") + 1));
ds.PropertiesToLoad.Add("memberof");
try
{
foreach (SearchResult sr in ds.FindAll())
{
foreach (string str in sr.Properties["memberof"])
{
string str2 = str.Substring(str.IndexOf("=") + 1, str.IndexOf(",") - str.IndexOf("=") - 1);
groupMembers.Add(str2);
}
}
}
catch
{
//ignore if any properties found in AD
}
return String.Join("|", (string[])groupMembers.ToArray(typeof(string)));
}
View 1 Replies
Similar Messages:
Apr 21, 2010
How to provide authentication based on a Active directory security group for a ASP.net webpage. I am using c# laungauge and .Net framework2.
View 3 Replies
May 5, 2010
I am trying to restrict access to the webpage using a security group. find the code in the web.config file:
<authentication mode="Windows"/>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" />
<authorization>
<allow roles="enterprisenet.orgNMR Helpdesk Supt" />
</authorization>
Code in the code behind file of the aspx file i am trying to access:
if (User.IsInRole(@"enterprisenet.orgNMR Helpdesk Supt"))
{}
else
{
Server.Transfer("noaccess.aspx");
}
Group is located in enterprisenet.org/Groups/NMR Helpdesk Supt . Its not working as expected.
View 2 Replies
Jan 15, 2010
[Code]....
Forms authentication using Active Directory Group
View 5 Replies
Jun 15, 2010
I need to list a group of users, their group name is (IRS Group) to a list group. how to do this. I'm very new to asp.net and dont have much knowlegde about acctive directory.
View 1 Replies
Feb 12, 2011
I have a requirement to make parts of forms (and sometimes the entire form) read-only based on the user's active-directory group. I already have integrated AD into the dynamic menu, so that users cannot view certain menu itmes based on their AD group - and this is working fine; however, now they want to get down to the control-level on the forms. The first way that comes to mind is for me to just grab the AD groups for the users and then loop through them, and write my own code to make controls read-only or enabled. Is this a good way to do it, or is there another way? Also, while we're on the topic, is there an easy way to protect an entire form, or maybe an entire panel?
View 1 Replies
Mar 25, 2010
how to get the member of property of a active directory group?
I am using .NET 2 framework and c# laungauge.
View 2 Replies
Dec 1, 2010
I would like to control the menu display (show/hide menu items) in my ASP.NET 3.5 website based on the user's AD group and also control the functionality within a page using user's active directory group membership. how to do this? menu is stored in an xml file and bound to a control. all the examples I see on the web are related to forms authentication. this is an intranet website with integrated windows authentication and both authentication and authorization should be controlled using user's active directory groups.
View 1 Replies
Dec 1, 2010
I'm a bit of a newbie when it comes to AD... But what I want to achieve in the first instance is to use the AD to display the staff name and e-mail address from Active Directory, when they are logged onto the company Intranet. Using the 'login status' I can display domain/username, but would prefer the 'CN' and e-mail address to be shown instead.
I'm using C# and I've got as far as putting Using System.DirectoryServices in my references and .cs file
Staff are authenticated using "Windows" authentication rather than "forms" as they would already be logged onto a PC and should not require to log onto the Intranet again
PS Tried to search through the forums, but the examples shown seem to be to retrieve multiple users / info from AD and I hope my request is a 'simpler' fix
View 2 Replies
Mar 11, 2010
I have a need to send out emails to all the people who are in a given group say "HR Department". I need to be able to get all the emails through a for loop and then as it retrieves I should send emails to them.
this is what I came up with but not sure how to go about writing a for loop to get all the emails in the given group.
[Code]....
View 1 Replies
Jul 6, 2010
I am using Active Directory to authenticate users for an intranet site. I would like to refine the users that are authenticated based on the group they are in in Active Directory. Can someone show me or point me to directions on how to find what groups a user is in in ASP.NET 4.0 (VB)?
View 2 Replies
Mar 5, 2010
I have som problem verifying that user is in a group and returning boolean value
Private
Function IsExistInAD(ByVal SAMAccountName
As
String)
As
[Code]....
View 1 Replies
Sep 28, 2010
I am getting the details from groups but some groups have data but did not return any data is there any problem with this code. some groups have returned data.
CN=Tets App_Reviewer,OU=Tets Appl Groups,OU=District Wide Groups,DC=tets,DC=com;
Tets App_Reviewer is the group name
public List<ADUserDetail> GetUserFromGroup(String groupName)
{
List<ADUserDetail> userlist = new List<ADUserDetail>();
try
{
_directoryEntry = null;
DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";
SearchResult results = directorySearch.FindOne();
if (results != null)
{
DirectoryEntry deGroup = new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);
System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;
int count = pColl["member"].Count;
for (int i = 0; i < count; i++)
{
string respath = results.Path;
string[] pathnavigate = respath.Split("CN".ToCharArray());
respath = pathnavigate[0];
string objpath = pColl["member"][i].ToString();
string path = respath + objpath;
DirectoryEntry user = new DirectoryEntry(path, LDAPUser, LDAPPassword);
ADUserDetail userobj = ADUserDetail.GetUser(user);
userlist.Add(userobj);
user.Close();
}
}
return userlist;
}
catch (Exception ex)
{
return userlist;
}
}
View 3 Replies
Oct 28, 2010
I have the following AD Strucure
Domain Controller with the Name like abc.com ........> Groups Folder .....>>>UserGroups >>> Subgroup >>>> List of Users
I did the following but not succeed
[Code]....
Iam getting the Count == 0 at the below line
int groupCount = result.Properties["memberOf"].Count;
View 2 Replies
Feb 8, 2010
I can get the list of user groups from the same domain based on the logged in users by using following commandSystem.Web.HttpContext .Current.Request.LogonUserIdentity.GroupsBut in my case user can be part of another trusted domain group also. The above command is not retrieving the trusted domain groups.Is there any way to get all the groups belongs to logged in user even he is part trusted domain group also?
View 1 Replies
Sep 24, 2010
How to check user is related to a particular group , if he is assigned to multiple groups
View 5 Replies
Sep 3, 2010
After entering user name, i want check user belonging to which group, group is some thing like role based
if group is something group1 , then i want redirect hime to page 1, if groupis 2 then page 2 like that
View 5 Replies
Jul 27, 2010
We had few distribution groups in our AD for emailing. To provide access to my application i use these groups to generate the license keys.
Microsoft clearly says "Distribution groups play no role in security (you do not assign permissions to distribution groups), and you cannot use them to filter Group Policy settings."
Is there any way to get the token access for the Distribution groups?
View 2 Replies
Sep 9, 2010
this is what i used:
[code]...
It throws me out saying genral access denied... finding the exact solution on how i could create a configuration page such that a certain set of groups could be assigned to my application.
View 1 Replies
May 5, 2010
I am using System.directory services namespace in framework 2 to query active directory. I have used fixed user account impersonisation in the web.config file, find the code:
<identity impersonate="true" userName="enterprise ang09" password="Telcome123"/>
<authentication mode="Windows"/>
I have disabled anonymous access in IIS. Also i have given Read & write access to the account tang09 for the website virtual directory and Microsoft.NET folder located in windows folder. But still i get prompted for the domain username and password to access the website.
View 4 Replies
Feb 11, 2011
I want to learn how to add/delete/update account (including adding mail boxes for new users). Can someone point to a good book where I can begin from. I want to start with some real basics and build from there.
View 1 Replies
Mar 4, 2010
How to get a primary token to solve a double - hop and be able to access Active Directory [URL]
I don't understand a method A where is ASPX page to set the security mechanism to Anonymous only.
View 1 Replies
May 25, 2010
Is there anyway to change a user password as an administrator in active directory using c# code.
View 1 Replies
Mar 13, 2010
have a probleme with my search filter, i want to list the users of an organizational unit result.filter =(& (objectClass= user)(ou=dep1)); ====> it didn't work for me
View 1 Replies
Sep 23, 2010
our project using active directory on vb.net 1.1 and server 2003. We will be upgrade to vb.net 3.5 and server 2008.
In this case, 1. We convert all vb.net 1.1 application to vb.net 3.5 and run on server 2003.
Then later on, 2. Our server will upgrade to server 2003 to server 2008.
I would linke to know after doing above two phase will effect on Active Directory code setting in our program.
Can I conver to 1 to 1 withut changing anything in vb.net and server?
View 3 Replies
