?
Solved

LDAP, Domino and asp.net combination. beginner

Posted on 2008-06-10
5
Medium Priority
?
1,046 Views
Last Modified: 2013-12-18
I would like to use Domino LDAP on server A  to authenticate users of a website on server B.
We have no LDAP yet running.  Admins don't want to install it because  If they enable LDAP they say all addressbooks will be available, not just one.
I thought it would be possible to enable LDAP for lookups in only those addressbooks which you make available for LDAP, but how ?

Small side question is that if i have LDAP enabled on server A and use ldap authentication on 3 websites, can a user then login in all 3 websites ?  How to restrain access to only one ?
0
Comment
Question by:RonaldZaal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:brwwiggins
ID: 21753394
have the admins check into Directory assistance. With that you can specify what directories are available via LDAP

However you might have a difficult time sharing the login between 3 apps. Depending on how you authenticate, the LDAP routine will not generate a .NET authentication token to be shared across the sites. IT usually just returns either authenticated or not authenticated. You will have to figure out how to handle this on your own.

A cheap and dirty way that I've seen around this is to mix the built-in .net membership and role providers with the LDAP authentication. Once the user is authenticated via LDAP you manually authenticate in the code-behind to a asp.net username with the same name and some pre-determined password. It's kind of ugly and not the most secure but it was quick and dirty
0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 21754256
also, if you want more reading you can take a look here
http://www.novell.com/coolsolutions/appnote/14730.html
0
 
LVL 5

Author Comment

by:RonaldZaal
ID: 21762072
great aticle, thanks.
The admins have directory assistance allready setup with 5 addressbooks in it so their argument is now that if I use LDAP for authenticating a userX  in a website A he can be in any addressbook, this is ok.
But when i use LDAP for authenticating a user in website B, user X can still access it.
So, is there a way to restrain access to a website while still using LDAP with DA behind it which holds already 5 nabs ?
0
 
LVL 20

Accepted Solution

by:
brwwiggins earned 2000 total points
ID: 21778903
There are several ways you could do this. One way would be to have a group in LDAP containing the authenticated users. Then on page_load of the main page have a routine to check if they are a member of the group and then set a session variable that you could use on other pages.

Other method is what I was hinting at before was use LDAP for password authentication but then try to tie it in with the built-in forms authentication of ASP.NET which has routines to restrict access by roles and so forth.
0
 
LVL 5

Author Comment

by:RonaldZaal
ID: 21791646
Many thanks, i think i understand what you mean and have enough info to instruct the admins.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
IBM Notes offer Encryption feature using which the user can secure its NSF emails or entire database easily. In this section we will discuss about the process to Encrypt Incoming and Outgoing Mails in depth.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question