Solved

Active Directory Authentication by Machine Name

Posted on 2006-11-15
8
740 Views
Last Modified: 2010-02-25
I have developed an Intranet  Web Application using ASP 3.0

There is a section where I can enter my Active Directory Login name & Password
and get authenticated to certain pages.

Now I want to be atumomatically logged in once I open the Intarnent Home Page, since there should some kind of a script that will get my machine Name, and authenticate me based on that my machine is a member of a domain.

0
Comment
Question by:aqunix
  • 3
  • 2
8 Comments
 
LVL 58

Expert Comment

by:amit_g
ID: 17948935
Take out Anoymous access and enable only Integrated Windows Authentication. Then user logged in to your domain would be able to get to you page. You can get their loginid in variable Request.ServerVariables("LOGON_USER"). To enable authentication in IIS follow direction in

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/1aa70bfa-add5-4f61-9c7b-a095c1bd4306.mspx?mfr=true
0
 
LVL 58

Expert Comment

by:amit_g
ID: 17948946
0
 

Author Comment

by:aqunix
ID: 17954194
I know how to enable the Integrated widows Authentication, and I can retrive my PC name.

What I need is:

I want to search for my PC name to the Active directroy and if Exsits and my PC is a member of AC, then I should be authenticated based on the Stored information about my PC in the AC.



0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
LVL 58

Expert Comment

by:amit_g
ID: 17963285
PC name or User Name? If UserName, after enabling Integrated widows Authentication and taking off Anonymous Authentication, you are gauranteed that anyone who gets to your page is already authenticated via AD as windows logon would have already tested it. So your application need not do anything. On the other hand if you are looking for both Windows Anthentication and Anonymous authentication togethere, it won't work becuase if Anoynous is enabled, there is no way to know who is logged in via a web application as the browser doesn't pass that information to the web server and so asp can't do anything.
0
 

Author Comment

by:aqunix
ID: 17971007
I could find the solution:

1- I have downloaded a free DNS component [ aspdns ]
2- This tool will return me the logged in machine Name
3- I could retrive the List of Machine from the Active directory , and I stored them in an Array
4- I searched for the Machine Name if there is a Match in the Array
5- if Machine Name was found then I will be logged in , other wise no access.
6- Then get the Machine Information from the AD.

<%
'------------------- Get the Machine Name of the Logged in User ---------------------
Set DNS = Server.CreateObject("ASPDNS.DNSLookup")
A = DNS.GetIPFromName(Request.ServerVariables("REMOTE_ADDR"))
NameA = DNS.GetNameFromIP(A)
Set DNS = Nothing
SplitName = split(NameA,".",-1)
MachineName = SplitName(0)

strUserName              = Ucase(MachineName)

%>


<%
'------------------- Get the Full Machines Name List from the AD ---------------------

on error resume next

Dim strDomain
Dim strADsPath
Dim strUserName
Dim strPassword
Dim iFlags
Dim errorcount

errorcount = 0

strDomain = "Your AD Domain Name"

strADsPath       = strDomain
iFlags             = Request.Form("Flags")


%>

<%
Function getUsers(strDomain)
    Dim oDomain, User, msg

    Set oDomain = GetObject("WinNT://" & strDomain)
    oDomain.Filter = Array("computer")
    For Each User in oDomain
      msg = msg & User.Name & ","
    Next
    getUsers = msg
End Function

'-------------- Build an Array for the AD Machines -------------------------
MachineArray = getUsers(strDomain)
MachineArray = split(MachineArray,",",-1)
x = Ubound(MachineArray)
x=x+1


' ------------------ Search for the logged Machine Name withen the Array ---------------------
i    = 0
Flag = 0

While i<x
 if strUserName = Ucase(MachineArray(i)) then
 Flag =1
 End if
i=i+1
Wend


'---------------- If Not Found [ NO Access ]
if Flag=0 then
url = "noaccess.asp"
response.Redirect(url)
End if

If Flag=1  then

           Session("USER_LOGIN") = strUserName
           Session("isLoggedIn") = True
           Session("ValidUser")  = True
 

Dim User
Set User = GetObject("WinNT://" & strDomain & "/" & strUserName & ",user")
FullName = User.Fullname
End if

Response.write " Welcome :" & FullName

%>
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18212175
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
API not working 33 67
Display first 3 lines of text from database field, vbscript asp 4 60
Weighted Randomizing 6 30
Html Table Looping (part 2) 5 27
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question