Solved

ASP - LDAP Authentication

Posted on 2011-03-04
3
1,022 Views
Last Modified: 2012-05-11
Hi,

i am trying to Authenticate user using LDAP on win2003 from my ASP application.
i always get result as "Failed" when ever i run this code even for existing users.
please correct my code where ever .

ASP -> legacy

FYI, i have another code which works fine and retrieves UserName - Emai l- Phonenumber  when Passed userID
for the same LDAP://Domain
function AuthenticateUser(UserName, Password, Domain)
dim strUser
' assume failure
AuthenticateUser = false

strUser = UserName
strPassword = Password
'response.write(UserName&"---"&Password)
strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword

set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
on error resume next
set oRS = cmd.Execute
if oRS.bof or oRS.eof then
AuthenticateUser = false
else
AuthenticateUser = true
end if
set oRS = nothing
set oConn = nothing

end function

Open in new window

0
Comment
Question by:kishan66
  • 2
3 Comments
 
LVL 4

Assisted Solution

by:Tuyau2poil
Tuyau2poil earned 500 total points
ID: 35056716
may be missing domain in :
oConn.Properties("User ID") = strUser
must be oConn.Properties("User ID") = domain & "\" & strUser
can you try it and post result ?
 
0
 

Author Comment

by:kishan66
ID: 35057068
Hi Tuyau2poil,
Thank you for showing up.

i changed it to domain\strUser ... still the same error.
 
when i used "LDAP:\\Mydomain"  in some other program to retrieve the user's Email & phone number it worked fine.

dont i have to use any Bind? ..
i would really apprecite ur help

-----below is the sample  code that works in different scenario.-----------

sample code which tells i can talk to my LDAP server(Not the problem code but other code which is working to get Email-Phone for a specific User)

strBase = "<LDAP://mydomain>"
	strFilter = "(sAMAccountName=" & strUID & ")" 
	strAttributes = "cn, mail, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber"
	'strAttributes = "cn, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber"
	strScope = "subtree"	
	strFullCommand = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
	set rsADUserInfo = Server.CreateObject("ADODB.Recordset")
	set	rsADUserInfo = connAD.Execute(strFullCommand)

Open in new window

0
 
LVL 4

Accepted Solution

by:
Tuyau2poil earned 500 total points
ID: 35058782
Try this two functions : first just test if user exist, second test user authentication (same as your but rewrited).

note : Domain must be in LDAP notation : "dc=MyDOMAIN,dc=Local"
you can try with netbios name but I don't think it work.


1- this function return true if user exist :

Function testUserExist(strUser,Domain)
 
  dim oConn, Cmd, objRecordSet
 
   
  if strUser = "" then testUserExist = false: exit function
 
  Set oConn = CreateObject("ADODB.Connection")
  Set Cmd = CreateObject("ADODB.Command")
 
  oConn.Provider = "ADsDSOObject"
  oConn.Open "Active Directory Provider"
 
  Set Cmd.ActiveConnection = oConn
 
  Cmd.Properties("Searchscope") = 2 'full AD Search
 
 'Find some user's property
  Cmd.CommandText = "SELECT ADSPath, givenName, sn, homeDirectory FROM 'LDAP://" & Domain & "' WHERE objectCategory='user' AND Name='" & strUser & "*'"
  Set objRecordSet = Cmd.Execute

  if objRecordSet.BOF and objRecordSet.EOF then
   testUserExist = False
  else
  testUserExist = True
  end if

end function




2- validating user authentication : (return 0 if OK, any other value if not OK)

function authenticateUser(username,password,domain)
    dim oConn
    dim Cmd
    dim objRecordSet
 

    on error resume next
   
    Set oConn = Server.CreateObject("ADODB.Connection")
 
    oConn.provider ="ADsDSOObject"
    oConn.properties("user id")=username
    oConn.properties("password")=password
    oConn.open "Active Directory Provider"
    Set Cmd = CreateObject("ADODB.Command")
    Set Cmd.ActiveConnection = oConn
 
    Cmd.CommandText = "select sn from 'LDAP://" & domain & "' WHERE objectCategory='user' "
    Set objRecordSet = Cmd.Execute
 
    authenticateUser=err
 
    objRecordSet.close
    oConn.close
 
    set objRecordSet=nothing
    set Cmd=nothing
    set oConn=nothing
end function

hope this will help
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now