Advertisement

06.24.2008 at 12:00PM PDT, ID: 23512174
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
9.3

How to Authenticate Username and/or password to any Microsoft or any Direcotry server with service account and with SSL

Asked by mcbain942 in Visual Basic Programming, C++ Programming Language, Lightweight Directory Access Protocol (LDAP)

Tags: , ,

Im a little confused how to use use IADs to verify a username and password IF a company locks down thier Directory server with a service account username and password first before you can even connect.

The following code i have coded to work with encryption if the function is asking for it.  I would like this to work for any Directory server not just microsoft.  here is my code.  In your response if you could just give me pseudo code on how to do this with my object names i would appreciate it

This function already works on my NT AD as is, but it do not understand how to impliment sServiceAccount username and sSA password.


Thank you.




Function AuthenticateUser(strServerName As String, strUserName As String, blnSSL As Boolean, Optional strPassword As String, Optional sPort As String, Optional SAMName As String, Optional sServiceAccount As String, Optional sSAPassword) As Boolean
On Error Resume Next
Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_SERVER_BIND = 512

Dim strUserADSPath As String
Dim blnUserExists As Boolean

Dim oADOConn As New ADODB.Connection
Dim oADORs As New ADODB.Recordset



Dim oUser As IADs
Dim oDSObj As IADsOpenDSObject
Dim strNamingContext As String

strServerName = strServerName & ":389/"
If sPort <> "" Then
strServerName = Replace(strServerName, ":389", ":" & sPort)
End If




Dim oRootDSE As IADs
    Set oRootDSE = GetObject("LDAP://" & strServerName & "RootDSE")
    strNamingContext = strServerName & oRootDSE.Get("defaultNamingContext")



Set oRootDSE = Nothing

strUserADSPath = ""
blnUserExists = False
Set oADOConn = CreateObject("ADODB.CONNECTION")
Set oADORs = CreateObject("ADODB.Recordset")
oADOConn.Provider = "ADSDSOObject"
oADOConn.Open

If SAMName = "" Then SAMName = "sAMAccountName"

Set oADORs = oADOConn.Execute("<LDAP://" & strNamingContext & ">;(" & SAMName & "=" & strUserName & ");AdsPath, cn")
If oADORs.RecordCount = 0 Then

Else
    strUserADSPath = oADORs.Fields("ADSPATH").value
    blnUserExists = True
End If

oADORs.Close
Set oADORs = Nothing
oADOConn.Close
Set oADOConn = Nothing

If Not blnUserExists Then
    AuthenticateUser = False
    Exit Function
Else

    If strPassword = "" Then
    AuthenticateUser = True
    Exit Function
    End If

End If

Dim oAuth

Set oUser = GetObject(strUserADSPath)
Set oDSObj = GetObject("LDAP:")

If blnSSL = True Then
Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, strUserName, strPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
Else
Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, strUserName, strPassword, ADS_SERVER_BIND)
End If

If Err.Number <> 0 Then
AuthenticateUser = False
Exit Function
End If

If Not oAuth Is Nothing Then
    Set oAuth = Nothing
    AuthenticateUser = True
Else

AuthenticateUser = False
End If



End FunctionStart Free Trial
[+][-]06.24.2008 at 01:59PM PDT, ID: 21860342

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Visual Basic Programming, C++ Programming Language, Lightweight Directory Access Protocol (LDAP)
Tags: vb6, COM, NA, NA
Sign Up Now!
Solution Provided By: mre224
Participating Experts: 1
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628