Current LDAP user?

I have a Windows app that accesses a Microsoft SQL database. Currently the app uses Windows authentication to access the SQL database and finds each user's application privileges from a table in the database based on the Windows user name. Doing it this way means I do not have to prompt for a separate username and password for my app. Everything works fine.

I now need to implement the application in a larger organisation which has multiple Windows domains but a single LDAP directory. I want to use LDAP to identify the user rather than Windows/AD. I can sort out the SQL side (by using SQL logins) but I am new to LDAP.

I have written a VB.NET test app and figured out how to do LDAP queries. However, how do I find out the details of the current user using LDAP instead of Windows? Is there even a concept of 'currently authenticated user' in LDAP? I have a feeling I'm missing something but I don't know what!

Thanks in advance,
Miranda
MirandaPothiawalaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RiteshShahCommented:
0
MirandaPothiawalaAuthor Commented:
No I can't set up a domain forest, I do not have control of the whole domain unfortunately ...
0
MirandaPothiawalaAuthor Commented:
I've deduced that there is no concept of 'the current LDAP user'. Instead we will change the app so that in an LDAP environment it prompts for the user's LDAP name and password when the application starts, and validates the information given against the LDAP directory, in order to establish whether the user has access to the system.

This is not as 'nice' a solution as using Windows authentication as it requires an extra user login screen but it will achieve the desired effect.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RiteshShahCommented:
>>No I can't set up a domain forest, I do not have control of the whole domain unfortunately ...<<

no need to create forest, all you have to do is, create linked server of AD.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Databases

From novice to tech pro — start learning today.