Solved

Can I validate an Active Directory userid/password using T-SQL?

Posted on 2011-09-06
5
494 Views
Last Modified: 2012-05-12
I have a stored procedure that validates userid/password against an (encrpyted) SQL Server table.

I would like to be able to extend the stored procedure to determine whether the userid/password is valid to ActiveDirectory.

I have added an LDAP linked server and can read it with an OPENQUERY, but I don't know how to check the password or whether this is possible.

I assume the other alternative is a CLR assembly linked to SQL Server, but I am wondering about the T-SQL approach.

Can it be done?
0
Comment
Question by:AIBMass
  • 3
5 Comments
 
LVL 82

Expert Comment

by:leakim971
ID: 36491687
0
 

Author Comment

by:AIBMass
ID: 36491799
Interesting links, but they are about replicating AD info in SQL Server.

I don't want to do that; I just want to query AD.

In VB, I can use some the .NET System.DirectoryServices objects, but I'm wondering if there is a T-SQL equivalent.

Thanks for the ideas.
0
 
LVL 39

Expert Comment

by:appari
ID: 36500673
0
 

Accepted Solution

by:
AIBMass earned 0 total points
ID: 36502404
I believe that you have to use CLR assemblies, of which there are many different approaches.

The AD password is not readable from AD.
0
 

Author Closing Comment

by:AIBMass
ID: 36527874
I have chosen my own answer, because everyone else points the way to CLR approaches. Read these links and search for others, but it appears you have to use the CLR.
0

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now