Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ASP-Logon-Page with Active Directory Group Authentication

Posted on 2008-10-13
1
Medium Priority
?
354 Views
Last Modified: 2008-10-14
Hello,

At first, I apologize for my bad English I come from Germany.

I've already created a login page with solutions i found on Expert Exchange.

This is the code:

____



<%
on error resume next

Dim strDomain
Dim strADsPath
Dim strUserName
Dim strPassword
Dim iFlags
Dim errorcount

errorcount = 0

' force the domain
if Request.Form("Domain") <> "TESTGROUP" then
     strDomain = Request.Form("Domain")
     if strDomain = "" then strDomain = "TESTGROUP" end if
else
     strDomain = "TESTGROUP"
end if

strADsPath = strDomain
iFlags = Request.Form("Flags")
strPassword = Request.Form("Password")
strUserName = Request.Form("UserName")
%>                
<form action = "login.asp" method = "post" id=form1 name=form1>
                  <table width="100%" cellpadding="0" class=news1>
                    <tr align="left" valign="middle">
                      <td>&nbsp;&nbsp;</td>
                      <td class=news1><div align="right"><font class="news1"><strong><nobr>Username:&nbsp;</nobr></strong></font></div></td>
                      <td>&nbsp;&nbsp;</td>
                      <td> <div align="left">
                        <input name=UserName type="text" id=UserName2 value="<%response.write strUserName%>" size="40">
                      </div></td>
                    </tr>
                    <tr align="left" valign="middle">
                      <td>&nbsp; </td>
                      <td class=news1><div align="right"><font class="news1"><strong>Password:</strong></font></div></td>
                      <td>&nbsp;</td>
                      <td> <div align="left">
                        <input type="password" id=Password2 name=Password size = 40 > 
                      </div></td>
                    </tr>
                    <tr align="left" valign="middle">
                      <td>&nbsp;</td>
                      <td class=news1><div align="right"><font class="news1"><strong>Domain:</strong></font></div></td>
                     
                      <td>&nbsp;</td>
                      <td> <div align="left"><font class="news1">TESTGROUP </font>
                        <input name=Domain type="hidden" id=Password3 value="<%response.write strDomain%>" size = 26 > 
                      </div></td>
                    </tr>
                    <tr valign="top">
                      <td colspan="4">&nbsp;&nbsp;</td>
                    </tr>
                    <tr valign="top">
                      <td colspan="4"> <div align="center">
                          <input type="hidden" id=Flags2 name=Flags size = 10 value = 0>
                          <input type="submit" value="  Login  " id=submit12 name=submit1>
                          <input type="reset" name="Reset" value="  Reset  ">
                        </div></td>
                    </tr>
                  </table>
                                         </form>

<%
if (not strUserName= "") then

      strADsPath = "WinNT://" & strADsPath
      Dim oADsObject  
      Dim tempstr
      tempstr = strDomain & "\" & strUserName

 
      Set oADsObject = GetObject(strADsPath)

      Dim strADsNamespace
      Dim oADsNamespace
      strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
      set oADsNamespace = GetObject(strADsNamespace)
      Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, tempstr, strPassword, 0)
     
           if not (Err.number = 0) then
                                             
               Response.Write "You did not enter the correct password<br> or username for the " & strDomain & " domain.<br>Please try again."
                 'response.write err.description & "<p>"
               if err.number = -2147022987 then ' for account logout
                    Response.write "<strong>Your account has been logged out!</strong>"
                end if
         
          else
 
Set oContainer = GetObject("LDAP://CN=<username>,CN=users,DC=TESTGROUP,DC=local")

for each oGroupName in oContainer.memberOf                                                                      
gname = left(oGroupName,instr(oGroupName,",")-1)
gname = right(gname,len(gname) - 3)
if gname = "TEST" then
Session("Group") = gname

end if
next

Session("USER_LOGIN") = strUserName
Session("isLoggedIn") = True
Session("ValidUser") = True
response.redirect "index.asp"
                   
          end if

end if
%>

______

As far as I can succesfull Authenticate my username and password with Active Directory.

Now I want that only users of the security group "TEST" can successfully forwarded to "index.asp".

But how exactly do I have to modify the code?!

I hope you can help me

Many greetings

David

0
Comment
Question by:muhmann
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 10

Accepted Solution

by:
slamhound earned 500 total points
ID: 22708525
Try this:

for each oGroupName in oContainer.memberOf                                                                      
gname = left(oGroupName,instr(oGroupName,",")-1)
gname = right(gname,len(gname) - 3)
if gname = "TEST" then
Session("Group") = gname

end if
next
If Session("Group")  = "TEST" Then
Session("USER_LOGIN") = strUserName
Session("isLoggedIn") = True
Session("ValidUser") = True
response.redirect "index.asp"
End If
                   
          end if

end if
%>
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question