[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Get user membership in Active Directory with C#, ASP.NEt

Posted on 2007-10-01
3
Medium Priority
?
14,292 Views
Last Modified: 2009-01-26
Hi,
  I have a group set up in Active Directory. Only the member in this group can login to a website buit by C#.
To do this, I'd like know if the logined user is in this group. I know I can user Directory Services to find a user's active directory information. But how can I do with the group?

Many Thanks,

 
0
Comment
Question by:Jinghui Li
2 Comments
 
LVL 4

Accepted Solution

by:
edwardq earned 2000 total points
ID: 19992543
I see 2 ways to do this...

1) Use AD site membership and roles for this.. This way the same user name and password that they use in network is the same one as on the web site.  Then use role manager for setting up who can access the site.  I use AZMAN and link my AD Group with a WEb Role and control what Role has access via the web.config.  This will take a hour or 2 to set up but I beleve is worth it.. No having to set up two accounts.  Just add the person to the group and they have a account and access.

http://blogs.msdn.com/gduthie/archive/2005/08/17/452905.aspx

Using the Membership Provider
http://msdn2.microsoft.com/en-us/library/ms998347.aspx#paght000022_usingtheactivedirectorymembershipprovider
Using Role Manager.
http://msdn2.microsoft.com/en-us/library/ms998314.aspx#paght000013_step4

2)  If I understand right, you maybe setting up a account on your web site and just want to look for the group.
http://www.15seconds.com/issue/060525.htm 
the Group search is hard to read because of all the REM statements. and its in VB.net . But its generally as follows.

 string strUser;  
        Boolean binFlag;
       DirectoryEntry adsRoot = new DirectoryEntry("LDAP://OU=ADSI,DC=ent,DC=ds,DC=microsoft,DC=com");

       
        DirectorySearcher adsSearch = new DirectorySearcher(adsRoot);

     
        strUser = Page.User.Identity.Name;
        // Strip off domain name if it has it. Put in your own code to do it.
             
        try
        {
            adsSearch.PropertiesToLoad.Add("sAMAccountName");
            adsSearch.PropertiesToLoad.Add("memberof");
            adsSearch.PropertiesToLoad.Add("cn");
            adsSearch.PropertiesToLoad.Add("FullName");
       
            adsSearch.Filter = "sAMAccountName=" & strUser;

            SearchResult oResult;
            binFlag = False;

            oResult = adsSearch.FindOne;
         
            foreach (string adsGrpcn in oResult.GetDirectoryEntry().Properties("memberof").Value)
            {
               if (adsGrpcn == "MyGroup")
               {binFlag = true;}
            }
        }
       catch (Exception ex)
           {
            Response.Write("I got the following error while trying to authenticate you: " + ex.Message);
            Response.End();
           }
   
        if (binFlag )
        {
            Response.Write("You are authorized!");
        }
        else
        {
            Response.Write("You are not authorized!");
        }
       }
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20208833
Forced accept.

Computer101
EE Admin
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question