Solved

Can I validate an Active Directory userid/password using T-SQL?

Posted on 2011-09-06
5
544 Views
Last Modified: 2012-05-12
I have a stored procedure that validates userid/password against an (encrpyted) SQL Server table.

I would like to be able to extend the stored procedure to determine whether the userid/password is valid to ActiveDirectory.

I have added an LDAP linked server and can read it with an OPENQUERY, but I don't know how to check the password or whether this is possible.

I assume the other alternative is a CLR assembly linked to SQL Server, but I am wondering about the T-SQL approach.

Can it be done?
0
Comment
Question by:AIBMass
  • 3
5 Comments
 
LVL 82

Expert Comment

by:leakim971
ID: 36491687
0
 

Author Comment

by:AIBMass
ID: 36491799
Interesting links, but they are about replicating AD info in SQL Server.

I don't want to do that; I just want to query AD.

In VB, I can use some the .NET System.DirectoryServices objects, but I'm wondering if there is a T-SQL equivalent.

Thanks for the ideas.
0
 
LVL 39

Expert Comment

by:appari
ID: 36500673
0
 

Accepted Solution

by:
AIBMass earned 0 total points
ID: 36502404
I believe that you have to use CLR assemblies, of which there are many different approaches.

The AD password is not readable from AD.
0
 

Author Closing Comment

by:AIBMass
ID: 36527874
I have chosen my own answer, because everyone else points the way to CLR approaches. Read these links and search for others, but it appears you have to use the CLR.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD and Exchnage 2010 Photos 3 44
Having difficulty adding an additional domain controller 11 38
Raising Forest Functional Level 9 38
Domain Administrator locked out "Again" 7 61
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question