Question

ASP Get User Attributes from AD?

Asked by: Data-Base

Hello,

I found a very handy ASP Script

================================================================================
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
<title>LDAP Authentication Test</title>
</head>

<body>

<%
dim submit
dim UserName
dim Password

UserName = ""
Password = ""
Domain = ""

submit = request.form("submit")

if submit = "Authenticate" then
UserName = request.form("UserName")
Password = request.form("Password")
Domain = request.form("Domain")
result = AuthenticateUser(UserName, Password, Domain)
if result then
response.write "<h3>Authentication Succeeded!</h3>"
else
response.write "<h3>Authentication Failed!</h3>"
end if
end if

response.write "<hr><form method=post>"
response.write "<table>"
response.write "<tr>"
response.write "<td><b>Username:&nbsp;</b></td><td><input type=""text"" name=""UserName"" value=""" & UserName & """ size=""30""><br><small>Enter as ""DOMAIN\UserName"" or ""UserName@sub.domain.com"" or ""\UserName"" in a single domain environment</small></td>"
response.write "</tr>"
response.write "<tr>"
response.write "<td><b>Password:&nbsp;</b></td><td><input type=""password"" name=""Password"" value=""" & Password & """ size=""30""></td>"
response.write "</tr>"
response.write "<tr>"
response.write "<td><b>AD Domain:&nbsp;</b></td><td><input type=""text"" name=""Domain"" value=""" & Domain & """ size=""30""><br><small>Enter the AD Server FQDN, IP Address, or DN<br>Examples: ""adserver1.ourdomain.com"" or ""192.168.1.150"" or ""192.168.1.150/dc=adserver1,dc=ourdomain,dc=com""</small></td>"
response.write "</tr>"
response.write "<tr>"
response.write "<td>&nbsp;</td><td><input name=""submit"" type=""submit"" value=""Authenticate""></td>"
response.write "</tr>"
response.write "</table>"
response.write "</form>"
response.end

function AuthenticateUser(UserName, Password, Domain)
dim strUser
' assume failure
AuthenticateUser = false

strUser = UserName
strPassword = Password

strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword

set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
on error resume next
set oRS = cmd.Execute
if oRS.bof or oRS.eof then
AuthenticateUser = false
else
AuthenticateUser = true
end if
set oRS = nothing
set oConn = nothing

end function

%>

</body>
</html>
================================================================================

now I need to make the function "AuthenticateUser(UserName, Password, Domain)" to return the Full name or the given name instead of False/True

I was trying allot to make a minimum modifications to this script but it didn't work !!!

any help

Thank you

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2007-01-02 at 03:49:39ID22108044
Tags

asp

,

get

,

user

,

ldap

,

ad

Topic

Active Server Pages (ASP)

Participating Experts
2
Points
500
Comments
34

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

    Free Tech Articles

    1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
      It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
    2. SCCM OSD Basic troubleshooting
      SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
    3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
      This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
    4. Create a Win7 Gadget
      This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
    5. Outlook continually prompting for username and password
      There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
    6. Backup Exchange 2010 Information Store using Windows Backup
      There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

    Cloud Class Webinars

    1. Avoiding Bugs in Microsoft Access
      Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
    2. Top 10 Best New Features in Visio 2010
      Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
    3. IT Consultant Business Secrets Revealed
      Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
    4. Disaster Recovery and Business Continuity
      Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
    5. Organize Your Visio Diagrams with Containers and Lists
      Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
    6. How to Us Objects, Properties, Events and Methods in Microsoft Access
      Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

    Join the Community

    Give a Little. Get a Lot.

    Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

    Join the Community

    Answers

     

    by: topazgPosted on 2007-01-02 at 06:04:54ID: 18227541

    As it is that is only possible if you are happy with them all in one field.

    To do this, change
       AuthenticateUser = false
    to
       AuthenticateUser = "User Not Found"
    and the following:

    -------------------
    if oRS.bof or oRS.eof then
    AuthenticateUser = false
    else
    AuthenticateUser = true
    end if
    -----------------

    to

    ----------------
    if oRS.bof or oRS.eof then
        AuthenticateUser = "User Not Found"
    else
        AuthenticateUser = "Found User: " & trim(RS("{fieldname}"))
    end if
    ----------------

    That _should_ work I think, with {fieldname} being replaced by the column (presumably "cn") in the table you are extracting the data from.

     

    by: Data-BasePosted on 2007-01-02 at 06:18:29ID: 18227626

    hello thanks for the replay

    It didn't work for me I tried

    AuthenticateUser = "Found User: " & trim(RS("{description}"))
    AuthenticateUser = "Found User: " & trim(RS("description"))

    AuthenticateUser = "Found User: " & trim(oRS("{description}"))
    AuthenticateUser = "Found User: " & trim(oRS("description"))

    all of the didn't work


    any other solution

     

    by: topazgPosted on 2007-01-02 at 06:22:26ID: 18227644

    The curly brackets wouldn't work, I just included them to hint it was a fieldname being asked for as opposed to real text.

    Looking at the SQL syntax, cn is the only field name being selected, and oRS is your recordset name, so:

    AuthenticateUser = "Found User: " & trim(oRS("cn"))

    should work.

     

    by: Data-BasePosted on 2007-01-02 at 06:46:13ID: 18227844

    Thanks I forgot to add "description" to the SQL syntax

    but still !!

    now

    I have the sql syntax like this

    strQuery = "SELECT cn, description FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "

    then I used this

    AuthenticateUser = "Found User: " & trim(oRS("description"))

    it give me only "Found User:"

    in AD there is description and there is text like "Staff" or "Student"

    thanks again

     

    by: topazgPosted on 2007-01-02 at 06:54:33ID: 18227908

    Looking at the script, I can only assume that the SQL Query is returning no records. Why is objectClass='*' in the script, is there really a text field called objectClass with a number of entries containing just an asterisk in the field?

     

    by: Data-BasePosted on 2007-01-02 at 07:00:53ID: 18227948

    well,

    if I use
    AuthenticateUser = "Thank you you are logged in now!"

    then it showed me that correctly

    it dose the job for checking it the user in AD or not

    but I do not understand why it dose not return any information !!!

    if it return nothing then then it will not show me that my username and password on the AD server ... right ?

     

    by: topazgPosted on 2007-01-02 at 07:06:17ID: 18227986

    Good point, it looks like it is finding a record, but the record is blank. Have you checked the description column in the database table to see if it actually contains the required information?

     

    by: Data-BasePosted on 2007-01-02 at 07:13:21ID: 18228047

    yes it dose

    now i tested "SELECT cn, givenName, description, mail FROM ...."

    and none of them worked !!!

     

    by: topazgPosted on 2007-01-02 at 07:43:49ID: 18228319

    I also notice that the script doesn't appear to be looking for a given username. The from clause references the domain, but nothing else is referenced in the SQL syntax, so it will find a "match" with any username provided there is a record present it seems.

    Can you post a dummy display from a SQL script against the database, so I can see what a couple of rows of the actual data look like?

     

    by: Data-BasePosted on 2007-01-02 at 08:11:52ID: 18228521

    I don't actully know what do tyou mean by "post a dummy display from a SQL script against the database"

    by the way this script is working perfectly in listing all the AD objects

    <%
    Domain = "MYDOMAIN"
    set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "ADs Provider"
    queryString = "SELECT cn, givenName, description, mail FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
    Set rs = conn.Execute( queryString, numRecords, 1 )
    Do While Not rs.EOF
         Response.Write rs("cn") & "<br>"
         rs.MoveNext
    Loop
    %>

    and when I change  "Response.Write rs("cn") & "<br>"" to  "Response.Write rs("description") & "<br>"" I get an error but all the other options (mail and givenName) work with no problem !!!

     

    by: topazgPosted on 2007-01-02 at 08:13:02ID: 18228531

    What error do you get returned?

     

    by: kevp75Posted on 2007-01-02 at 08:16:45ID: 18228561

    you could also do something like this:
    queryString = "SELECT * FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "

    then to display:
    for each i in rs
        response.write(rs(i) &"<br />")
    loop

     

    by: Data-BasePosted on 2007-01-02 at 08:43:52ID: 18228798

    topazg

    when I use "description" I get
    Microsoft VBScript runtime  error '800a000d'

    Type mismatch

    /authenticate/authorise_add.asp, line 9



    kevp75 - thank you for your replay

    how I should I put/use it in the code above ... it didn't work for me

    I'm using the secound script just to check the connection and list all users

    but what I really need is the first one :-( to check users username and passwords through AD then get some information like description and givenName


    Thank you

     

    by: kevp75Posted on 2007-01-02 at 09:00:50ID: 18228940

    i don't know much about AD, however I can assume that querying the AD is similar to querying a table in SQL.

    By simply using the number instead of the name of the field you should be able to display any field in the table.  I merely suggested using the * wildcard as it selects all fields in the table.

    I may be off on the loop, but you could experiment a bit and use your same exact code, (although for testing purposes I would change the query to select all the fields *)

    <%
    Domain = "MYDOMAIN"
    set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "ADs Provider"
    queryString = "SELECT * FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
    Set rs = conn.Execute( queryString )
    Do While Not rs.EOF
         Response.Write rs(0) & "<br>" 'increase the 0 by 1 until you find what you are looking for....
         rs.MoveNext
    Loop
    %>

     

    by: topazgPosted on 2007-01-03 at 03:16:40ID: 18234205

    If RS("cn") doesn't give an error, RS("description") certainly shouldn't - a type mismatch should only occur if you are trying to run a CInt or function on a string variable or similar untransformable task.

    Try using:

    testVariable = trim(rs("description"))
    Response.write(testVariable & "<br>")

    instead of just outputting it.

     

    by: kevp75Posted on 2007-01-26 at 17:49:01ID: 18408658

    i am interested

     

    by: topazgPosted on 2007-01-29 at 01:34:44ID: 18417827

    As am I

     

    by: Data-BasePosted on 2007-01-29 at 15:57:07ID: 18424007

    sorry, I was very bosy,

    I'll test it more as soon as I can in this week

     

    by: Data-BasePosted on 2007-01-29 at 15:57:36ID: 18424012

    sorry, I was very busy,

    I'll test it more as soon as I can in this week

     

    by: Data-BasePosted on 2007-04-18 at 01:37:05ID: 18930274

    hello,

    sorry for all this I had a personal issue !!!

    OK, I tried it and it did not work !!! it gives me nothing at all (also it dose not give me any error).

    i used this

    strQuery = "SELECT cn, description FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "


    the output code looks like this

    testVariable = trim(oRS("description"))
    Response.write(testVariable & "<br>")

    and it's still giving me nothing !!!!

    maybe we are looking in the wrong place :-s

    sorry again for taking all this time to respond

     

    by: topazgPosted on 2007-04-18 at 01:53:33ID: 18930322

    So are you now not getting the type mismatch error ?

     

    by: kevp75Posted on 2007-04-18 at 06:04:51ID: 18931292

    did you try my code?

     

    by: Data-BasePosted on 2007-06-22 at 22:33:28ID: 19346616

    it seems it will not wok.

    I'll look for another solution

    you can just close it :-)

    Thank you all

     

    by: kevp75Posted on 2007-06-23 at 06:38:32ID: 19347519

    so instead of doing the right thing and asking in support for them to close it you hand out a C Grade?!?!

     

    by: Data-BasePosted on 2007-06-23 at 07:01:10ID: 19347637

    sorry, I did not understand what you mean?

    i hope I did not make some stupid move !!!!

    what I should do then ?

    I had to chose something when I give the points.

    sorry if I made a mistake, can I fix it ?

     

    by: Data-BasePosted on 2007-06-23 at 07:45:10ID: 19347865

    thank you for your replay.

    no it did not work,

    and I think I should stop wasting time (for all)

    if you others thing its worth keep trying then I can keep try, but my time is limited and I'm working on other project now.

    personally I like to see this work, but we notice that it took long time for me to test it (because I work on other thing).

    and the code is here if any one see that it worth trying then it's all yours.


    about the grade can we change it to what ever kevp75 would like, I really thank him and topazg for the time the spend trying helping me.

    I'm sorry for the miss understanding

     

    by: Data-BasePosted on 2007-06-23 at 17:12:47ID: 19349447

    Thanks allot for your help Vee_Mod

    I just want to be fair with kevp75 and topazg, they were nice and very helpful to me, and they deserve the best points/grades that I can offer even if the thing did not work,

    IF I'll find the solution to this question I'll post it here if I can't post then I'll still can email them or send it to them, because they were interested to solve this question too.


    thank you all again for your help,
    and sorry for any miss-understanding

    20120131-EE-VQP-002

    3 Ways to Join

    30-Day Free Trial

    The Experts

    98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

    He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

    The Experts

    97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

    The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

    Testimonials

    "...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

    Testimonials

    "I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

    Testimonials

    "WOW! You guys have great, active, and knowledgeable people on here." moore50

    Business Clients

    Business Clients

    In the Press

    "If you’ve got a question... Experts Exchange can supply an answer.”

    In the Press

    "...an invaluable aid for both IT professionals and those who require tech support."

    In the Press

    "where IT professionals provide quick answers on just about any topic"

    Business Account Plans

    Loading Advertisement...