ASP - LDAP Authentication

Posted on 2011-03-04
Last Modified: 2012-05-11

i am trying to Authenticate user using LDAP on win2003 from my ASP application.
i always get result as "Failed" when ever i run this code even for existing users.
please correct my code where ever .

ASP -> legacy

FYI, i have another code which works fine and retrieves UserName - Emai l- Phonenumber  when Passed userID
for the same LDAP://Domain
function AuthenticateUser(UserName, Password, Domain)
dim strUser
' assume failure
AuthenticateUser = false

strUser = UserName
strPassword = Password
strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true "DS Query", strUser, strPassword

set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
on error resume next
set oRS = cmd.Execute
if oRS.bof or oRS.eof then
AuthenticateUser = false
AuthenticateUser = true
end if
set oRS = nothing
set oConn = nothing

end function

Open in new window

Question by:kishan66
  • 2

Assisted Solution

Tuyau2poil earned 500 total points
ID: 35056716
may be missing domain in :
oConn.Properties("User ID") = strUser
must be oConn.Properties("User ID") = domain & "\" & strUser
can you try it and post result ?

Author Comment

ID: 35057068
Hi Tuyau2poil,
Thank you for showing up.

i changed it to domain\strUser ... still the same error.
when i used "LDAP:\\Mydomain"  in some other program to retrieve the user's Email & phone number it worked fine.

dont i have to use any Bind? ..
i would really apprecite ur help

-----below is the sample  code that works in different scenario.-----------

sample code which tells i can talk to my LDAP server(Not the problem code but other code which is working to get Email-Phone for a specific User)

strBase = "<LDAP://mydomain>"
	strFilter = "(sAMAccountName=" & strUID & ")" 
	strAttributes = "cn, mail, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber"
	'strAttributes = "cn, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber"
	strScope = "subtree"	
	strFullCommand = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope
	set rsADUserInfo = Server.CreateObject("ADODB.Recordset")
	set	rsADUserInfo = connAD.Execute(strFullCommand)

Open in new window


Accepted Solution

Tuyau2poil earned 500 total points
ID: 35058782
Try this two functions : first just test if user exist, second test user authentication (same as your but rewrited).

note : Domain must be in LDAP notation : "dc=MyDOMAIN,dc=Local"
you can try with netbios name but I don't think it work.

1- this function return true if user exist :

Function testUserExist(strUser,Domain)
  dim oConn, Cmd, objRecordSet
  if strUser = "" then testUserExist = false: exit function
  Set oConn = CreateObject("ADODB.Connection")
  Set Cmd = CreateObject("ADODB.Command")
  oConn.Provider = "ADsDSOObject"
  oConn.Open "Active Directory Provider"
  Set Cmd.ActiveConnection = oConn
  Cmd.Properties("Searchscope") = 2 'full AD Search
 'Find some user's property
  Cmd.CommandText = "SELECT ADSPath, givenName, sn, homeDirectory FROM 'LDAP://" & Domain & "' WHERE objectCategory='user' AND Name='" & strUser & "*'"
  Set objRecordSet = Cmd.Execute

  if objRecordSet.BOF and objRecordSet.EOF then
   testUserExist = False
  testUserExist = True
  end if

end function

2- validating user authentication : (return 0 if OK, any other value if not OK)

function authenticateUser(username,password,domain)
    dim oConn
    dim Cmd
    dim objRecordSet

    on error resume next
    Set oConn = Server.CreateObject("ADODB.Connection")
    oConn.provider ="ADsDSOObject""user id")=username"password")=password "Active Directory Provider"
    Set Cmd = CreateObject("ADODB.Command")
    Set Cmd.ActiveConnection = oConn
    Cmd.CommandText = "select sn from 'LDAP://" & domain & "' WHERE objectCategory='user' "
    Set objRecordSet = Cmd.Execute
    set objRecordSet=nothing
    set Cmd=nothing
    set oConn=nothing
end function

hope this will help

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now