Solved

How to Authenticate Username and/or password to any Microsoft or any Direcotry server with service account and with SSL

Posted on 2008-06-24
1
593 Views
Last Modified: 2013-12-24
Im a little confused how to use use IADs to verify a username and password IF a company locks down thier Directory server with a service account username and password first before you can even connect.

The following code i have coded to work with encryption if the function is asking for it.  I would like this to work for any Directory server not just microsoft.  here is my code.  In your response if you could just give me pseudo code on how to do this with my object names i would appreciate it

This function already works on my NT AD as is, but it do not understand how to impliment sServiceAccount username and sSA password.


Thank you.




Function AuthenticateUser(strServerName As String, strUserName As String, blnSSL As Boolean, Optional strPassword As String, Optional sPort As String, Optional SAMName As String, Optional sServiceAccount As String, Optional sSAPassword) As Boolean
On Error Resume Next
Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_SERVER_BIND = 512

Dim strUserADSPath As String
Dim blnUserExists As Boolean

Dim oADOConn As New ADODB.Connection
Dim oADORs As New ADODB.Recordset



Dim oUser As IADs
Dim oDSObj As IADsOpenDSObject
Dim strNamingContext As String

strServerName = strServerName & ":389/"
If sPort <> "" Then
strServerName = Replace(strServerName, ":389", ":" & sPort)
End If




Dim oRootDSE As IADs
    Set oRootDSE = GetObject("LDAP://" & strServerName & "RootDSE")
    strNamingContext = strServerName & oRootDSE.Get("defaultNamingContext")



Set oRootDSE = Nothing

strUserADSPath = ""
blnUserExists = False
Set oADOConn = CreateObject("ADODB.CONNECTION")
Set oADORs = CreateObject("ADODB.Recordset")
oADOConn.Provider = "ADSDSOObject"
oADOConn.Open

If SAMName = "" Then SAMName = "sAMAccountName"

Set oADORs = oADOConn.Execute("<LDAP://" & strNamingContext & ">;(" & SAMName & "=" & strUserName & ");AdsPath, cn")
If oADORs.RecordCount = 0 Then

Else
    strUserADSPath = oADORs.Fields("ADSPATH").value
    blnUserExists = True
End If

oADORs.Close
Set oADORs = Nothing
oADOConn.Close
Set oADOConn = Nothing

If Not blnUserExists Then
    AuthenticateUser = False
    Exit Function
Else

    If strPassword = "" Then
    AuthenticateUser = True
    Exit Function
    End If

End If

Dim oAuth

Set oUser = GetObject(strUserADSPath)
Set oDSObj = GetObject("LDAP:")

If blnSSL = True Then
Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, strUserName, strPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
Else
Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, strUserName, strPassword, ADS_SERVER_BIND)
End If

If Err.Number <> 0 Then
AuthenticateUser = False
Exit Function
End If

If Not oAuth Is Nothing Then
    Set oAuth = Nothing
    AuthenticateUser = True
Else

AuthenticateUser = False
End If



End Function
0
Comment
Question by:mcbain942
1 Comment
 
LVL 1

Accepted Solution

by:
mre224 earned 500 total points
ID: 21860342

Function AuthenticateUser3(strServerName As String, dcContextFullString As String, sSamUNContextFieldName As String, sServiceAccountContextFieldName As String, sOranizationUnitFullString As String, strUserToAuth As String, strPwToAuth As String, Optional sServiceAccountUN As String, Optional sServiceAccountPW As String, Optional strPort As String) As Integer

On Error GoTo broke

Dim con As New ADODB.Connection
Dim rs
Dim com As New ADODB.command
Dim path As String
Dim user As String
Dim sstr As String
Set con = CreateObject("ADODB.Connection")


strServerName = strServerName & ":389/"
If strPort <> "" Then
strServerName = Replace(strServerName, "389", strPort)
End If

sstr = "<LDAP://" & strServerName & dcContextFullString & ">;(" & sSamUNContextFieldName & "=" & sServiceAccountUN & ");AdsPath," & sServiceAccountContextFieldName & ";subtree"

con.Provider = "ADSDSOObject"
con.Properties("User ID") = sServiceAccountContextFieldName & "=" & sServiceAccountUN & "," & sOranizationUnitFullString & "," & dcContextFullString
con.Properties("Password") = sServiceAccountPW
con.Properties("ADSI Flag") = 34
con.Open "ADSI"

Set com = CreateObject("ADODB.Command")
Set com.ActiveConnection = con
com.CommandText = sstr
Set rs = com.Execute


If rs.EOF Then
AuthenticateUser3 = -1
End If

Dim dso
Dim cont

 Set dso = GetObject("LDAP:")
 Set cont = dso.OpenDSObject("LDAP://" & strServerName & dcContextFullString, strUserToAuth, strPwToAuth, 513)

 If Err.Number <> 0 Then
 'MsgBox Err.Description
 AuthenticateUser3 = 0
 Else
 AuthenticateUser3 = 1
 End If

Exit Function

broke:
AuthenticateUser3 = -2
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Beginner to Unreal Engine 4 5 79
vbModal 12 51
Need Nag Screen for Reboot if system up time is over 14 days 12 45
Simple SQL query from two tables 13 53
Read about achieving the basic levels of HRIS security in the workplace.
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question