Solved

How do I use form authentication in an ASP.NET intranet site using Active Directory

Posted on 2010-11-08
16
415 Views
Last Modified: 2012-05-10
Can someone help, I have been browsing the web and nothing seems to work. My application is a 3.5 asp.net vb web site. And is hosted locally in the same network that the active directory server is ...

How do I create the connection string?
What information do I need, and how do I get it, e.g. domain name, port???
How do I link this so I can use the login asp.net control?

thanks!!!
0
Question by:TonyReba
16 Comments
 
LVL 9

Expert Comment

by:puru1981
ID: 34086925
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34087329
I have been trying all those codes and walkthroughs but I have had no luck making my site work.

can you please look in some of the specific questions I asked?
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34087549
How do I create the connection string?
--> Create a test page and put the code suggested in the link in the pageload and output it in the browser.
http://forums.asp.net/p/943717/1340605.aspx

What information do I need , and how do I get it. e.g. domain name, port???
--> You might also ask your IT admin for this

how do I link this so I can use the login asp.net control
---> Linking with Login Control will be easy. Handle OnAuthentication event. Inside the handler you do this:

string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

--->DoADAuthentication is the method that will do AD authentication
---> Also if you are using AD MembershipProvider, LoginControl should work out-of-the box without the code I suggest above but you will have to modify your web.config to make the ADMembershipProvider your default provider.
0
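An added example, not from the thread: a web.config sketch for the ActiveDirectoryMembershipProvider route mentioned in the comment above, which lets the Login control validate against AD without a custom handler. The names ADConnection, ADProvider and Login.aspx and the LDAP path are placeholders and assumptions.

```xml
<configuration>
  <connectionStrings>
    <!-- Placeholder path: use the LDAP path of your own domain. -->
    <add name="ADConnection"
         connectionString="LDAP://abcd.xyz.com/DC=abcd,DC=xyz,DC=com" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms">
      <!-- requireSSL keeps the auth cookie off plain HTTP; the login form
           posts the AD password, so serve the page over HTTPS. -->
      <forms loginUrl="Login.aspx" requireSSL="true" timeout="30" />
    </authentication>
    <authorization>
      <!-- Anonymous users are redirected to the login page. -->
      <deny users="?" />
    </authorization>
    <membership defaultProvider="ADProvider">
      <providers>
        <!-- No connectionUsername/connectionPassword is set, so the provider
             binds as the application's process identity, which needs read
             access to the directory. sAMAccountName lets users type the
             short logon name instead of the default userPrincipalName. -->
        <add name="ADProvider"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="ADConnection"
             connectionProtection="Secure"
             attributeMapUsername="sAMAccountName" />
      </providers>
    </membership>
  </system.web>
</configuration>
```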
 
LVL 9

Author Comment

by:TonyReba
ID: 34087618
Create a test page and put the code suggested in the link in the pageload and output it in the browser.

So if I test by placing the code in the browser by itself it opens a Find People window, but can't find people???

What does that mean??
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088038
Ok, I have the server name,

can you explain how this piece of code would authenticate? I am using .net 3.5 vb


string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088072
Sorry I think I provided incomplete info. Place this code in the code-behind of your testpage:

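// Requires: using System.DirectoryServices;
// RootDSE exposes the directory's own description of itself.
DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE");

using (root)
{
    // Distinguished name of the domain, e.g. DC=abcd,DC=xyz,DC=com
    string dnc = root.Properties["defaultNamingContext"][0].ToString();
    // DNS host name of the domain controller that answered
    string server = root.Properties["dnsHostName"][0].ToString();

    string adsPath = String.Format(
        "LDAP://{0}/{1}",
        server,
        dnc
        );
    Response.Write(adsPath);
}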

It should output something like this: LDAP://abcd.xyz.com/DC=abcd,DC=xyz,DC=com
You can try that as your connectionstring.
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088116
Yes I am following and now I have the connection string defined

can you please explain to me the event handler for authenticate
string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

0
 
LVL 41

Accepted Solution

by:
guru_sami earned 500 total points
ID: 34088120
Check the code here: http://support.microsoft.com/kb/326340

So your function should be: "IsAuthenticated" instead of "DoADAuthentication"

And your code would be:

Protected Sub Login1_Authenticate(sender As Object, e As AuthenticateEventArgs) Handles Login1.Authenticate

    Dim domain As String = "SomeDomain"
    e.Authenticated = IsAuthenticated(domain, Login1.UserName, Login1.Password)

End Sub
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088177
Hi, I am almost there but it is giving me the following error:

Error      1      'Public Event Authenticate(sender As Object, e As System.Web.UI.WebControls.AuthenticateEventArgs)' is an event, and cannot be called directly. Use a 'RaiseEvent' statement to raise an event.      C:\Documents and Settings\gtrrra00\My Documents\Visual Studio 2010\WebSites\intranetLogin\Default.aspx.vb      52      
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088195
can you share your login page code?
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088206
this is my full code::
Imports System
Imports System.DirectoryServices
Imports System.Web.Security.MembershipProvider
Imports System.Text
Imports System.Collections


Partial Class _Default
    Inherits System.Web.UI.Page

    Dim _path As String
    Dim _filterAttribute As String

    Public Sub New(ByVal path As String)
        _path = path
    End Sub

    Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean

        Dim domainAndUsername As String = domain & "\" & username
        Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)

        Try
            'Bind to the native AdsObject to force authentication.			
            Dim obj As Object = entry.NativeObject
            Dim search As DirectorySearcher = New DirectorySearcher(entry)

            search.Filter = "(SAMAccountName=" & username & ")"
            search.PropertiesToLoad.Add("cn")
            Dim result As SearchResult = search.FindOne()

            If (result Is Nothing) Then
                Return False
            End If

            'Update the new path to the user in the directory.
            _path = result.Path
            _filterAttribute = CType(result.Properties("cn")(0), String)

        Catch ex As Exception
            Throw New Exception("Error authenticating user. " & ex.Message)
        End Try

        Return True
    End Function


    Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
        Dim domain As String = "SomeDomain"
        e.Authenticated = IsAuthenticated(domain, Login1.UserName, Login1.Password)

    End Sub
End Class

0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088382
What kind of project is that? WebApplication or WebSite?
Do this: go to the designer, select your LoginControl, in Properties go to its Events list and double-click OnAuthenticate.
See if that changes anything.

Also I would like to point out:
1: "SomeDomain" should be replaced with the appropriate value for your case, e.g. it could be the domain you use when you log in to your Windows machine on your network.
2: set _path = "Your LDAP connection string" before you call the IsAuthenticated method
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088448
I am sorry for my ignorance, what is the difference between WebApplication and WebSite?

I believe it is an intranet web site?

I don't see the OnAuthenticate event, only Logging_In

This line seems to be the conflict:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088514
Sorry, it should be "Authenticate" and there is no reason for it not to appear. It has to, so maybe you are not seeing it in the right place.
Something like this listing:
http://www.aspnettutorials.com/images/controls/HowtoAddErrorstoLoginASP4-CSharp/ss1.jpg

To see if it is a Web App or Website, check the icon of your application in VS Solution Explorer.
It is just "Globe+Document" or "Globe+vb", or you can check your physical folder to see if there is a file .vb.proj

0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088731
Hi guru sammi, it is working now. Thanks, this is very valuable
0
 
LVL 9

Author Closing Comment

by:TonyReba
ID: 34088736
great stuff
0
