Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Internet Active Directory Credentials

Posted on 2011-09-10
10
425 Views
Last Modified: 2013-12-14
I run Active Directory for my users. The users do not want to log in to a separate web site that requires authentication. Is there a way for the asp.net application when a user access it to call the credentials from microsoft and send them to the IIS server to be verified? Is there another way to do this?

Current environment, offsite server with application that needs credentials. Onsite users that login with onsite Active Directory Server.
0
Comment
Question by:sam1492
10 Comments
 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36519668
Is this an intranet or internet?

If intranet, all you would need to are 2 things.

1, In IIS, use windows Integrated security, then
2, in iis, use impersonation and set it to true.

<impersonation = True>

and this will solve it. This of course will only work if you are running your app on intranet.

0
 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36519695
I meant to say:

<identity impersonate="true"/>

I am sure you would have figured that out.
0
 

Author Comment

by:sam1492
ID: 36519972
It runs on internet. Is there a solution for that?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 28

Expert Comment

by:sammySeltzer
ID: 36520322
Only solution I can think of is to use session variables.

This way, the user's identity is persitent across pages.
0
 
LVL 7

Accepted Solution

by:
Hecatonchires earned 250 total points
ID: 36520926
If the server is running somewhere on the internet, outside your domain (area of control) then no, you can't use local IIS settings to authenticate against it. It might be possible to set up a VPN to bring this service inside your network, but even then you would not be in control of the server or its configuration.

That said, if the site uses cookies and you allow them, you might be able to choose save password in the browser.
0
 

Author Comment

by:sam1492
ID: 36520981
The link below states that I can do it. Am I not understanding this? Please advise.

http://blog.evonet.com.au/post/Using-Active-Directory-to-authenticate-users-to-your-ASPNET-Web-Site.aspx

0
 

Author Comment

by:sam1492
ID: 36520987
Also what about:

To configure a .NET Web Service to use Windows authentication, perform the following steps:
In the web.config file for the Web Service, set the authentication mode to Windows for IIS and ASP.NET as follows:

<authentication mode="Windows" />

This setting is usually the default.

Add the statement needed for the Web Services client to pass to the proxy Web Service object so that the credentials are sent through SOAP.

For example, if you have a Web Service client for a Web Service that is represented by the proxy object conv, the syntax is as follows:

/*
* Explicitly pass credentials to the Web Service
*/
conv.Credentials =
System.Net.CredentialCache.DefaultCredentials;

Will this not pull the credentials from a users PC and allow them to validated against AD?
0
 
LVL 28

Assisted Solution

by:sammySeltzer
sammySeltzer earned 250 total points
ID: 36522381
There isn't anything in that link that suggests you can do it *OUTSIDE* of your company's firewall.

It will be considered unforgivable security hole to allow your external website access to your company's AD.

Your best bet is use session variables.
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 37225223
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question