dimmergeek asked:

Classic ASP Active Directory Authentication

I am trying to use AD to authenticate users to enter secure areas of an Intranet site.
I know very little about AD.

I came across the following code which currently lets me verify a username/password combination.  If I enter good data, I see "authenticated".  If I enter bad data, I see "oops".

    <%
        'on error resume next
        strUser = Request.Form("username")
        strPassword = Request.Form("attempt")
        domain = "myad.domain.com"
        
        ' assume failure
        AuthenticateUser = false

        strQuery = "SELECT cn FROM 'LDAP://" & domain & "' WHERE objectClass='*' "
        set oConn = server.CreateObject("ADODB.Connection")
        oConn.Provider = "ADsDSOOBJECT"
        oConn.Properties("User ID") = strUser
        oConn.Properties("Password") = strPassword
        oConn.Properties("Encrypt Password") = true
        oConn.open "DS Query", strUser, strPassword

        set cmd = server.CreateObject("ADODB.Command")
        set cmd.ActiveConnection = oConn
        cmd.CommandText = strQuery
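        ' trap errors from Execute (e.g. a rejected bind) and treat them as failure explicitly
        on error resume next
        set oRS = cmd.Execute
        if Err.Number <> 0 then
            Err.Clear
            Response.Write "oops..."
            AuthenticateUser = false
        elseif oRS.bof or oRS.eof then
            Response.Write "oops..."
            AuthenticateUser = false
        else
            Response.Write "authenticated"
            AuthenticateUser = true
        end if
        on error goto 0
        set oRS = nothing
        set oConn = nothing
    %>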


Great!

Problem:
Once a user is authenticated, how can I get a listing of the groups he/she belongs to?  I only want users that are part of a specific group to move on to the secure pages.
Big Monty

You'll want to look at the MemberOf property. Have a look here for an example:

http://bytes.com/topic/asp-classic/answers/496326-determine-if-user-ad-group
dimmergeek (ASKER)

When I use this method, the username and computer name are generic.
I think I need more help implementing this.
Ideally, I'd like to insert a check after "authenticated" where I can see if the user is a member of the 'SG-All-IntraApps_pmtAdmin-Allow' group...
Still need some help....
Bumping points up.
I'm not sure, other than the method that I sent you. Hopefully another expert will come along.
When I use the script mentioned, here is the output:

CN=gwwebuser,OU=Generic,OU=Users,OU=CB,DC=intra,DC=domain,DC=com

gwwebuser intranet

I am seen as a generic user by the script on the page referenced.
ASKER CERTIFIED SOLUTION
dimmergeek
After doing more research I came across this method
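
Added example, not part of the thread and not the asker's members-only solution: one way to check membership of 'SG-All-IntraApps_pmtAdmin-Allow' in Classic ASP while bound as the submitted user, so the lookup does not run as the site's generic account. It goes beyond a direct MemberOf check by also matching nested groups; the helper names (`LdapEscape`, `FirstDN`) and the stripping of `DOMAIN\user` or `user@domain` logins are assumptions.

```asp
<%
' Added example (not the thread's code). Form fields and domain are taken from the question.
Const AD_DOMAIN = "myad.domain.com"
Const GROUP_CN = "SG-All-IntraApps_pmtAdmin-Allow"
Const IN_CHAIN = "1.2.840.113556.1.4.1941"  ' LDAP_MATCHING_RULE_IN_CHAIN: follows nested groups
' Hypothetical helper: escape a value for use inside an LDAP search filter (RFC 4515).
Function LdapEscape(ByVal s)
    s = Replace(s, "\", "\5c")   ' backslash first, so later escapes are not re-escaped
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    LdapEscape = Replace(s, Chr(0), "\00")
End Function
' Hypothetical helper: first distinguishedName matching the filter; "" on no match or any error.
Function FirstDN(oConn, filter)
    Dim oRS
    FirstDN = ""
    On Error Resume Next
    Set oRS = oConn.Execute("<LDAP://" & AD_DOMAIN & ">;" & filter & ";distinguishedName;subtree")
    If Err.Number = 0 Then
        If Not oRS.EOF Then FirstDN = oRS.Fields("distinguishedName").Value
    End If
    Err.Clear
End Function
Dim strUser, strPassword, sam, oConn, groupDN, IsGroupMember
strUser = Request.Form("username")
strPassword = Request.Form("attempt")
IsGroupMember = False   ' assume failure, as in the original script
' Assumption: the login may arrive as DOMAIN\user or user@domain; keep the bare account name.
sam = strUser
If InStr(sam, "\") > 0 Then sam = Mid(sam, InStrRev(sam, "\") + 1)
If InStr(sam, "@") > 0 Then sam = Left(sam, InStr(sam, "@") - 1)
' Reject blank credentials: an empty password can be treated as an unauthenticated bind.
If Len(sam) > 0 And Len(strPassword) > 0 Then
    Set oConn = Server.CreateObject("ADODB.Connection")
    oConn.Provider = "ADsDSOObject"
    oConn.Properties("User ID") = strUser
    oConn.Properties("Password") = strPassword
    oConn.Properties("Encrypt Password") = True
    oConn.Open "DS Query", strUser, strPassword
    groupDN = FirstDN(oConn, "(&(objectCategory=group)(cn=" & LdapEscape(GROUP_CN) & "))")
    If groupDN <> "" Then
        IsGroupMember = (FirstDN(oConn, "(&(objectCategory=person)(sAMAccountName=" & LdapEscape(sam) & _
            ")(memberOf:" & IN_CHAIN & ":=" & LdapEscape(groupDN) & "))") <> "")
    End If
    Set oConn = Nothing
End If
If IsGroupMember Then Response.Write "authenticated" Else Response.Write "oops..."
%>
```

Because a rejected bind makes both queries return nothing, a wrong password and a non-member land on the same "oops..." branch.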