Solved

Determining the domain name and LDAP path for use in accessing Active Directory

Posted on 2005-05-03
Last Modified: 2009-07-29
I'm trying to authenticate users from an ASP.NET login page against an Active Directory LDAP database.  The code samples I've found require the domain name.  How can the domain name be obtained from the registry in VB.NET?

Also, once I have the domain name, is there a standard way to build the path to the LDAP directory?
Question by:flatfoot64
12 Comments
 
LVL 29

Expert Comment

by:rdivilbiss
ID: 13917529
LDAP\RootDSE should work to get you the root of the directory.
0
 

Author Comment

by:flatfoot64
ID: 13918950
Like this?

Dim deEntry As DirectoryEntry = New DirectoryEntry("LDAP://rootDSE", strDomainAndUsername, strPassword)

No domain is required in that string also?
0
 
LVL 29

Expert Comment

by:rdivilbiss
ID: 13920153
That looks right.
0
 

Author Comment

by:flatfoot64
ID: 13920231
OK, now how about the domain?  Can I get this from the registry of the server?
0
 
LVL 29

Expert Comment

by:rdivilbiss
ID: 13920826
If you have the root directory you can search for any user regardless of the domain.

But before we go any further... why would you need to do this?

Can't you simply use Integrated Windows authentication?
0
 

Author Comment

by:flatfoot64
ID: 13934762
Because I'm using Forms authentication with Active Directory and it requires the domain and the path to the LDAP server.

0
 

Author Comment

by:flatfoot64
ID: 13934808
Here's the code:


' strLDAPPath, strPath and strFilterAttribute are not declared in this snippet
' (assumed to be class-level fields).
Public Function IsAuthenticated(ByVal strDomain As String, ByVal strUserName As String, ByVal strPassword As String) As Boolean

    Dim strDomainAndUsername As String = strDomain & "\" & strUserName
    Dim deEntry As DirectoryEntry = New DirectoryEntry(strLDAPPath, strDomainAndUsername, strPassword)

    Try
        'Bind to the native AdsObject to force authentication.
        Dim obj As Object = deEntry.NativeObject
        Dim dsSearcher As DirectorySearcher = New DirectorySearcher(deEntry)

        dsSearcher.Filter = "(SAMAccountName=" & strUserName & ")"
        dsSearcher.PropertiesToLoad.Add("cn")
        Dim srResult As SearchResult = dsSearcher.FindOne()

        If (srResult Is Nothing) Then
            Return False
        End If

        'Update the new path to the user in the directory.
        strPath = srResult.Path
        strFilterAttribute = CType(srResult.Properties("cn")(0), String)

    Catch ex As Exception
        Throw New Exception("Error authenticating user. " & ex.Message)
    End Try

    Return True
End Function


Here's the error:

The specified domain either does not exist or could not be contacted
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Runtime.InteropServices.COMException: The specified domain either does not exist or could not be contacted

Tried this with:
Domain in format "XXXXXXX" or "XXXXXXX-XXX-XXXX.NET"

and LDAP
"LDAP://rootDSE"
or
"LDAP://XXXXXXX-XXX-XXXX.NET"


0
 
LVL 20

Expert Comment

by:ihenry
ID: 13935909
The way you're concatenating the LDAP path looks like you're working in a WinNT domain, or are you working in an Active Directory domain?
0
 
LVL 20

Expert Comment

by:ihenry
ID: 13936567
OK, I knew you're using an Active Directory domain :o) Sorry for the confusion.

Essentially, binding to Active Directory using the LDAP provider requires the following format:

LDAP://[servername][:PortNumber][/DistinguishedName]

If you're in the domain, it isn't necessary to specify a server name or DNS domain name in the [servername]. You can also ignore the [PortNumber] and the LDAP provider will use port number 389 as default. So your LDAP path would look something similar to this:

LDAP://CN=xxx,DC=xxx,DC=xxx

As for RootDSE, it can help you to find the best DC in your domain based on how the binding process is done in your code. For example,

Dim de As New DirectoryEntry()
de.Path = "LDAP://rootDSE"
' defaultNamingContext holds the domain's distinguished name (DC=...,DC=...)
Dim dnsHost As String = root.Properties("defaultNamingContext").Value
Dim ldapPath As String = String.Format( "LDAP://{0}", dnsHost )

and the ldapPath variable will have a value something like

LDAP://DC=xxx,DC=xxx

0
 

Author Comment

by:flatfoot64
ID: 13936857
What is the 'root' object here?

Dim dnsHost As String = root.Properties("defaultNamingContext").Value
0
 
LVL 20

Accepted Solution

by:
ihenry earned 1000 total points
ID: 13936900
Sorry, it should be the "de" variable. I copied it directly from my code :o)

Dim dnsHost As String = de.Properties("defaultNamingContext").Value
0
 

Author Comment

by:flatfoot64
ID: 13947274
This was the format I needed:

LDAP://domain.ccc-xxxx.net
0
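
A hardened variant of the login check discussed in this thread, as an added example that is not code from any poster: it takes the LDAP path from rootDSE's defaultNamingContext, escapes the submitted user name before it goes into the search filter (RFC 4515), and returns a plain failure instead of surfacing the exception text. The names AdAuthExample, EscapeLdapFilter and GetDefaultLdapPath are hypothetical, and the code assumes the web server is a domain member whose application identity can read rootDSE.

```vbnet
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Text

Public Module AdAuthExample   ' hypothetical module name
    ' Escape the characters that are special in an LDAP search filter
    ' (RFC 4515) so a submitted user name cannot change the filter.
    Public Function EscapeLdapFilter(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Serverless bind to rootDSE (assumes a domain-joined web server);
    ' returns a path of the form "LDAP://DC=...,DC=...".
    Public Function GetDefaultLdapPath() As String
        Using rootDse As New DirectoryEntry("LDAP://RootDSE")
            Return "LDAP://" & rootDse.Properties("defaultNamingContext").Value.ToString()
        End Using
    End Function

    Public Function IsAuthenticated(ByVal domain As String, ByVal userName As String, ByVal password As String) As Boolean
        Try
            ' AuthenticationTypes.Secure requests a negotiated (Kerberos/NTLM)
            ' bind instead of a simple bind with the password in the clear.
            Using entry As New DirectoryEntry(GetDefaultLdapPath(), domain & "\" & userName, password, AuthenticationTypes.Secure)
                ' Touching NativeObject forces the bind with the supplied credentials.
                Dim native As Object = entry.NativeObject
                Using searcher As New DirectorySearcher(entry)
                    searcher.Filter = "(sAMAccountName=" & EscapeLdapFilter(userName) & ")"
                    searcher.PropertiesToLoad.Add("cn")
                    Return searcher.FindOne() IsNot Nothing
                End Using
            End Using
        Catch ex As COMException
            ' Bad credentials and an unreachable domain both end up here. Log ex
            ' on the server; do not echo ex.Message back to the login page.
            Return False
        End Try
    End Function
End Module
```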


Question has a verified solution.
