Automate NT Authentication with IIS and ASP using LDAP or ADSI
Posted on 2003-02-26
I am developing an intranet for a client. They want to restrict the users access to files in sub-directories of the intranet. There will be three Active Directory groups
Each user will be a member of one of those groups. There will be sub-directories within the intranet folder named: 'Manager, Physician, and Standard'. Each one allows users assigned to the respective groups.
Here is a standard example of what will occur on a daily basis:
1) User wakes up in the morning, drinks coffee, gets ready, goes to work.
2) Once at work, they boot up their computer.
3) They log on to their domain using the standard Windows log on.
4) They open IE and it directs them to the intranet site.
Now, at that point I want to retrieve the users credentials. That way I can say, in code, if they are a member of the 'Managers' group, then show this relevant data. If not, restrict the data.
I have read that perhaps ADSI can do this, but can't find any specific examples.
How can I retrieve, and check whether a user is a member of a specific group. Futhermore, how can I allow access to files in those subdirectories solely based on their windows logon. Keep in mind, I do not want to do a second prompt for username and password. In other words, I don't want to turn off anonymous access and turn on basic authentication.
Thanks for the help,