Solved

Authenication of Internet Web Page Users

Posted on 2006-11-07
5
275 Views
Last Modified: 2008-02-01
My Configuration:  
          Novell Client 4.90 SP2
          Window Server 2000
          Internet Information Services 5.0
          ASP based web pages
          Intranet only (behind a firewall)

My Limitations:
          Zero experience using Novell

My Problem:
          I need to open my web pages up to only authenticated internet users  and secure my web pages.

My Question:
          Can I use existing Novell accounts to validate internet users via ASP?
0
Comment
Question by:RX87325
5 Comments
 
LVL 19

Assisted Solution

by:alextoft
alextoft earned 125 total points
ID: 17887656
You could use the Novell LDAP library for C#
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=http--wwwnovellcom-coolsolutions-qna-11263html&sliceId=&dialogID=16818306&stateId=0%200%2016814671
I presume by "Novell account" you mean "Novell Netware eDirectory account"?

If you ever decide to upgrade your hosting platform from the legacy Windows operating system, mod_ldap, mod_ldap_auth, and mod_edir for Apache can be setup to do LDAP over SSL in about 5 minutes.
0
 
LVL 34

Assisted Solution

by:PsiCop
PsiCop earned 125 total points
ID: 17889862
<pet peeve>

"Novell" is a company. It makes a number of products, including "SUSE Linux", "eDirectory", "Identity Manager" and "NetWare". You didn't write "Microsoft Server 2000", did you?

</pet peeve>

As alexoft has mentioned, you could use the C# NDK to code the calls in the ASP to authenticate against eDirectory through the LDAP interface. Note that the eDirectory environment is no different than any other platform providing services - the LDAP functionality needs to be installed/enabled/configured/whatever. If you're not the admin of the eDirectory environment, then you need to talk to the person who is and find out how to architect your LDAP connection - some example questions could include:

1) Are you going to do an Anonymous Bind (easier), or do you need to authenticate before you query (more secure)?
2) Is the LDAP interface configured for SSL (let's hope it is, especially if you're not doing Anonymous Binds)?
3) What is the Base DN?

LDAP is, of course, not the only interface available for eDirectory, but as long as you're stuck on the Windoze platform, it's probably the best route if the scale is small.
0
 
LVL 35

Assisted Solution

by:ShineOn
ShineOn earned 125 total points
ID: 17891865
There are other APIs available as well, and I think there may even be some ASP stuff out on devnet.

If you choose to do LDAP, make sure you do secure LDAP so the auth traffic has some encryption going on, and keep in mind that the "CN=x,OU=x,DC=x,DC=x" notation that's the only one Microsoft talks about is used only when your tree structure is based on DNS rather than true x.500 hierarchy. You need to use "normal" x.500 naming for your LDAP lookups where the top level is "O" instead of "DC".
0
 

Accepted Solution

by:
N3tb0ss earned 125 total points
ID: 18009314
Here is a link to the Novell Developer site and some sample code for verifying user/password against NDS.
It requires the Novell ActiveX Controls to create the NWDir and NWSess objects.

http://developer.novell.com/wiki/index.php/TID102274_%28aspverif%29_Sample_code_demonstrating_how_to_verify_user_agains_NDS_from_IIS-ASP
0
 

Author Comment

by:RX87325
ID: 18009458
I found a software vendor call Stoneware that provides the functionallity I needed.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When we talk about DevOps toolchains, I sometimes wonder how many people really get what we’re talking about. I don’t know if it’s just semantics or tone or something else, but sometimes I think it just sounds like buzzword sausage. So it’s always …
Some code to ensure data integrity when using macros within Excel. Also included code that helps secure your data within an Excel workbook.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now