Use Active Directory as User Authentication

Posted on 2002-05-14
Medium Priority
Last Modified: 2010-05-02
I would like to authenticate users of an in-house application using Active Directory on the Windows 2000 server.  I would like to set up groups that users could be added to in order to gain access to the system.

I am looking for code samples, login forms, examples and tips on how to achieve this.  
Question by:ChiefDamon
  • 3
  • 2

Expert Comment

ID: 7011817
To create a group:

1) Open active directory.  
2) Highlight the domain where the application is located
3) Right click the domain -> New -> Group
4) Enter in Group Name and Group Name (Pre-Windows 2000)
5) Choose Group Scope (I'd leave the default Global)
6) Choose Group Type (You want the default, security)
7) Select OK

This will create a group.

Apply the group to the in-house application permissions.
Place all users that have access into that group.

You shouldn't have to code for this and windows has a standard logon form it uses that is perfectly fine.

If the application is a web application, use frontpage to add the group to the web permissions and dissallow anonymous access.


Author Comment

ID: 7012359
Once you add a user to the group you will need to check the users group membership prior to opening the application.  The comment by pjbaratelli approaches adding the group memberships but states that a standard windows login will do for checking the memberships.  
I am using VB6 and see no such default form so I guess my question is:
How do I check active directory memberships within a VB application?

Expert Comment

ID: 7012776
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.


Author Comment

ID: 7013517
Very productive comment falconew.  Maybe you could explain further.

Author Comment

ID: 7013617
Added a new question that is more specific to the code required to search Windows 2000 Active directory using ADO and ADSI to determine an users group memeberships.

Accepted Solution

falconew earned 600 total points
ID: 7015445
Hi ChiefDamon,

I don't think you can authenticate a user by coding it by yourself, because there's no such method in documentation explaining about that. Logon authentication must be made at the first time a user login to windows.
To determine a user in specific group you can use ADO and ADSI, please refer to MSDN documentation.
This is a sample to check whether a user Bill Gate is a group of Accounting:

Dim strGroup
Dim oGroup
Dim arrmembers
Dim i
Dim member
Dim name
Dim GrupMember
Dim userName

userName="Bill Gate"
strGroup = "LDAP://cn=ACCOUNTING,cn=Users,DC=asiasoft,DC=com"
Set oGroup = GetObject(strGroup)
arrmembers = ""
arrmembers = oGroup.GetEx("member")
If IsArray(arrmembers) Then
    For i = LBound(arrmembers) To UBound(arrmembers)
        If GrupMember = false Then
            member = Split(arrmembers(i), ",")
            name = Split(member(0), "=")
            If UCase(UserName) = UCase(name(1)) Then
                GrupMember = true
            End If
         End If
End If
Set oGroup = Nothing
if GrupMember=true then
    msgbox "Group Accounting"
    msgbox "Not Group Accounting"
end if

hope this help...

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Introduction While answering a recent question about filtering a custom class collection, I realized that this could be accomplished with very little code by using the ScriptControl (SC) library.  This article will introduce you to the SC library a…
Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question