Solved

How do I use forms authentication in an ASP.NET intranet site using Active Directory

Posted on 2010-11-08
16
420 Views
Last Modified: 2012-05-10
Can someone help? I have been browsing the web and nothing seems to work. My application is a 3.5 ASP.NET VB web site, and it is hosted locally in the same network that the Active Directory server is ...

How do I create the connection string?
What information do I need, and how do I get it, e.g. domain name, port?
How do I link this so I can use the ASP.NET Login control?

Thanks!
0
Question by:TonyReba
 
LVL 9

Expert Comment

by:puru1981
ID: 34086925
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34087329
I have been trying all those codes and walkthroughs but I have had no luck making my site work.

Can you please look at some of the specific questions I asked?
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34087549
How do I create the connection string?
--> Create a test page and put the code suggested in the link in the pageload and output it in the browser.
http://forums.asp.net/p/943717/1340605.aspx

What information do I need , and how do I get it. e.g. domain name, port???
--> You might also ask your IT admin for this

how do I link this so I can use the login asp.net control
---> Linking with the Login control will be easy. Handle the OnAuthentication event. Inside the handler you do this:

string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

---> DoADAuthentication is the method that will do AD authentication
---> Also, if you are using the AD MembershipProvider, the Login control should work out of the box without the code I suggested above, but you will have to modify your web.config to make the ADMembershipProvider your default provider.
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34087618
Create a test page and put the code suggested in the link in the pageload and output it in the browser.

So if I test by placing the code in the browser by itself it opens a Find People window, but can't find people???

What does that mean??
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088038
OK, I have the server name.

Can you explain how this piece of code would authenticate? I am using .NET 3.5, VB.


string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088072
Sorry, I think I provided incomplete info. Place this code in the code-behind of your test page:

// Requires a reference to System.DirectoryServices and: using System.DirectoryServices;
// RootDSE exposes the default naming context and the domain controller's DNS host name.
using (DirectoryEntry root = new DirectoryEntry("LDAP://RootDSE"))
{
    string dnc = root.Properties["defaultNamingContext"][0].ToString();
    string server = root.Properties["dnsHostName"][0].ToString();

    // Build the ADsPath that serves as the LDAP connection string.
    string adsPath = String.Format("LDAP://{0}/{1}", server, dnc);
    Response.Write(adsPath);
}

It should output something like this: LDAP://abcd.xyz.com/DC=abcd,DC=xyz,DC=com
You can try that as your connection string.
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088116
Yes, I am following, and now I have the connection string defined.

Can you please explain to me the event handler for Authenticate?
string domain = "SomeDomain";
e.Authenticated = DoADAuthentication(Login1.UserName,Login1.Password, domain);

0
 
LVL 41

Accepted Solution

by:
guru_sami earned 500 total points
ID: 34088120
Check the code here: http://support.microsoft.com/kb/326340

So your function should be: "IsAuthenticated" instead of "DoADAuthentication"

And your code would be:

Protected Sub Login1_Authenticate(sender As Object, e As AuthenticateEventArgs) Handles Login1.Authenticate
    Dim domain As String = "SomeDomain"
    e.Authenticated = IsAuthenticated(domain, Login1.UserName, Login1.Password)
End Sub
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088177
Hi, I am almost there but it is giving me the following error:

Error      1      'Public Event Authenticate(sender As Object, e As System.Web.UI.WebControls.AuthenticateEventArgs)' is an event, and cannot be called directly. Use a 'RaiseEvent' statement to raise an event.      C:\Documents and Settings\gtrrra00\My Documents\Visual Studio 2010\WebSites\intranetLogin\Default.aspx.vb      52      
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088195
can you share your login page code?
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088206
This is my full code:
Imports System
Imports System.DirectoryServices
Imports System.Web.Security.MembershipProvider
Imports System.Text
Imports System.Collections


Partial Class _Default
    Inherits System.Web.UI.Page

    Dim _path As String
    Dim _filterAttribute As String

    Public Sub New(ByVal path As String)
        _path = path
    End Sub

    Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean

        Dim domainAndUsername As String = domain & "\" & username
        Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)

        Try
            'Bind to the native AdsObject to force authentication.			
            Dim obj As Object = entry.NativeObject
            Dim search As DirectorySearcher = New DirectorySearcher(entry)

            search.Filter = "(SAMAccountName=" & username & ")"
            search.PropertiesToLoad.Add("cn")
            Dim result As SearchResult = search.FindOne()

            If (result Is Nothing) Then
                Return False
            End If

            'Update the new path to the user in the directory.
            _path = result.Path
            _filterAttribute = CType(result.Properties("cn")(0), String)

        Catch ex As Exception
            Throw New Exception("Error authenticating user. " & ex.Message)
        End Try

        Return True
    End Function


    Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
        Dim domain As String = "SomeDomain"
        e.Authenticated = IsAuthenticated(domain, Login1.UserName, Login1.Password)

    End Sub
End Class

0
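
A hardened variant of the IsAuthenticated function discussed in this thread, added here as an example (it is not code from the posters or from the linked KB article): it escapes the user name before building the LDAP search filter, rejects empty credentials, and returns False on a failed bind instead of rethrowing the directory's error text. The module name AdAuth, the helper EscapeLdapFilterValue and the ldapPath parameter are assumptions introduced for illustration.

```vb
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Text

' Added example. AdAuth, EscapeLdapFilterValue and ldapPath are hypothetical names.
Public Module AdAuth

    ' Escape the characters RFC 4515 reserves inside a filter value: \ * ( ) and NUL.
    Public Function EscapeLdapFilterValue(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' ldapPath is the connection string, e.g. the LDAP://server/DC=... value from RootDSE.
    Public Function IsAuthenticated(ByVal ldapPath As String, ByVal domain As String, _
                                    ByVal username As String, ByVal pwd As String) As Boolean
        ' Reject empty input before contacting the directory.
        If String.IsNullOrEmpty(username) OrElse String.IsNullOrEmpty(pwd) Then Return False

        Try
            Using entry As New DirectoryEntry(ldapPath, domain & "\" & username, pwd)
                ' Bind to the native AdsObject to force authentication.
                Dim obj As Object = entry.NativeObject
                Using search As New DirectorySearcher(entry)
                    ' The escaped value cannot close the filter or add wildcards/clauses.
                    search.Filter = "(sAMAccountName=" & EscapeLdapFilterValue(username) & ")"
                    search.PropertiesToLoad.Add("cn")
                    Return search.FindOne() IsNot Nothing
                End Using
            End Using
        Catch ex As COMException
            ' A rejected bind or an unreachable server surfaces as a COMException:
            ' fail closed instead of echoing the directory's message to the page.
            Return False
        End Try
    End Function
End Module
```

In a Web Site project the module belongs in App_Code; the Login1_Authenticate handler then assigns the function's result to e.Authenticated, passing the LDAP path, the domain, Login1.UserName and Login1.Password.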
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088382
What kind of project is that? WebApplication or WebSite?
Do this: go to the designer, select your LoginControl, in Properties go to its Events list and double-click OnAuthenticate.
See if that changes anything.

Also I would like to point out:
1: "SomeDomain" should be replaced with the appropriate value for your case, e.g. it could be the domain you use when you log in to your Windows machine on your network.
2: Set _path = "Your LDAP connection string" before you call the IsAuthenticated method
0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088448
I am sorry for my ignorance, what is the difference between WebApplication and WebSite?

I believe it is an intranet web site?

I don't see the OnAuthenticate event, only Logging_In

This line seems to be the conflict:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
0
 
LVL 41

Expert Comment

by:guru_sami
ID: 34088514
Sorry, it should be "Authenticate", and there is no reason for it to not appear... it has to... so maybe you are not seeing it in the right place.
Something like this listing:
http://www.aspnettutorials.com/images/controls/HowtoAddErrorstoLoginASP4-CSharp/ss1.jpg

To see if it is a Web App or Website... check the icon of your application in VS Solution Explorer.
It is just "Globe+Document" or "Globe+vb", or you can check your physical folder to see if there is a file .vb.proj

0
 
LVL 9

Author Comment

by:TonyReba
ID: 34088731
Hi guru_sami, it is working now. Thanks, this is very valuable.
0
 
LVL 9

Author Closing Comment

by:TonyReba
ID: 34088736
great stuff
0


Question has a verified solution.
