Solved

Internet Active Directory Credentials

Posted on 2011-09-10
10
431 Views
Last Modified: 2013-12-14
I run Active Directory for my users. The users do not want to log in to a separate web site that requires authentication. Is there a way for the asp.net application when a user access it to call the credentials from microsoft and send them to the IIS server to be verified? Is there another way to do this?

Current environment, offsite server with application that needs credentials. Onsite users that login with onsite Active Directory Server.
0
Comment
Question by:sam1492
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36519668
Is this an intranet or internet?

If intranet, all you would need to are 2 things.

1, In IIS, use windows Integrated security, then
2, in iis, use impersonation and set it to true.

<impersonation = True>

and this will solve it. This of course will only work if you are running your app on intranet.

0
 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36519695
I meant to say:

<identity impersonate="true"/>

I am sure you would have figured that out.
0
 

Author Comment

by:sam1492
ID: 36519972
It runs on internet. Is there a solution for that?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36520322
Only solution I can think of is to use session variables.

This way, the user's identity is persitent across pages.
0
 
LVL 7

Accepted Solution

by:
Hecatonchires earned 250 total points
ID: 36520926
If the server is running somewhere on the internet, outside your domain (area of control) then no, you can't use local IIS settings to authenticate against it. It might be possible to set up a VPN to bring this service inside your network, but even then you would not be in control of the server or its configuration.

That said, if the site uses cookies and you allow them, you might be able to choose save password in the browser.
0
 

Author Comment

by:sam1492
ID: 36520981
The link below states that I can do it. Am I not understanding this? Please advise.

http://blog.evonet.com.au/post/Using-Active-Directory-to-authenticate-users-to-your-ASPNET-Web-Site.aspx

0
 

Author Comment

by:sam1492
ID: 36520987
Also what about:

To configure a .NET Web Service to use Windows authentication, perform the following steps:
In the web.config file for the Web Service, set the authentication mode to Windows for IIS and ASP.NET as follows:

<authentication mode="Windows" />

This setting is usually the default.

Add the statement needed for the Web Services client to pass to the proxy Web Service object so that the credentials are sent through SOAP.

For example, if you have a Web Service client for a Web Service that is represented by the proxy object conv, the syntax is as follows:

/*
* Explicitly pass credentials to the Web Service
*/
conv.Credentials =
System.Net.CredentialCache.DefaultCredentials;

Will this not pull the credentials from a users PC and allow them to validated against AD?
0
 
LVL 28

Assisted Solution

by:sammySeltzer
sammySeltzer earned 250 total points
ID: 36522381
There isn't anything in that link that suggests you can do it *OUTSIDE* of your company's firewall.

It will be considered unforgivable security hole to allow your external website access to your company's AD.

Your best bet is use session variables.
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 37225223
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question