?
Solved

How search user in Active Directory and then find it in a table's Aplication with c# ?

Posted on 2009-04-29
3
Medium Priority
?
235 Views
Last Modified: 2012-05-06
Hi everyone:

I need to make a login that must make the follow:
1- When the user is connected to the INTRANET, is in Active Directory where they need to put the user name and password.
2.- Once the user is inside the INTRANET, he can go to his explorer, open a Web Page and he'll never enter the username and Password BUT:
a) Behind in the background the user send to the server his username and password from the sesion when he entered to the INTRANET, then:
b) If the username and password in the Active Directory are correct, the aplication return a true and then this same username and passworda are:
c) Are searched in the tables of the application that we are development, if this final step are true then:
d) Return true and the username and password are saved in a Session variable


500 Point to this SOLUTION, thank you so much.


In the example below, this code receive the username and password, BUT where I can get the username and password if this are posting where the user are enter to INTRANET?
private bool Authenticate(string userName,
    string password, string domain)
{
    bool authentic = false;
    try
    {
        DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain,
            userName, password);
        object nativeObject = entry.NativeObject;
        authentic = true;
    }
    catch (DirectoryServicesCOMException) { }
    return authentic;
}

Open in new window

0
Comment
Question by:777999
  • 2
3 Comments
 
LVL 7

Expert Comment

by:badbearontour
ID: 24304801
just a comment rather than a solution, I would be wary of storing the password in a session variable......

its retrievable from the served webpage, using base64 decoding.....

just a thought....

I used a similar system, but simply got AD to authenticate my user, after that we only ever dealt with out 'intranet' user object, which did not have access or indeed knowledge of the password for the user....

Regards

BB
0
 
LVL 7

Expert Comment

by:badbearontour
ID: 24304807
 correction...


.... with OUR 'Intranet' user object.....
0
 

Accepted Solution

by:
777999 earned 0 total points
ID: 24533324
badbearontour:, Thanks for aswering but that wasn't the solution
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
You have missed a phone call. The number looks like it belongs to the bunch of numbers which your company uses. How to find out who has just called you?
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

599 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question