Internet Active Directory Credentials

I run Active Directory for my users. The users do not want to log in to a separate web site that requires authentication. Is there a way for the asp.net application when a user access it to call the credentials from microsoft and send them to the IIS server to be verified? Is there another way to do this?

Current environment, offsite server with application that needs credentials. Onsite users that login with onsite Active Directory Server.
sam1492Asked:
Who is Participating?
 
HecatonchiresConnect With a Mentor Commented:
If the server is running somewhere on the internet, outside your domain (area of control) then no, you can't use local IIS settings to authenticate against it. It might be possible to set up a VPN to bring this service inside your network, but even then you would not be in control of the server or its configuration.

That said, if the site uses cookies and you allow them, you might be able to choose save password in the browser.
0
 
sammySeltzerCommented:
Is this an intranet or internet?

If intranet, all you would need to are 2 things.

1, In IIS, use windows Integrated security, then
2, in iis, use impersonation and set it to true.

<impersonation = True>

and this will solve it. This of course will only work if you are running your app on intranet.

0
 
sammySeltzerCommented:
I meant to say:

<identity impersonate="true"/>

I am sure you would have figured that out.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
sam1492Author Commented:
It runs on internet. Is there a solution for that?
0
 
sammySeltzerCommented:
Only solution I can think of is to use session variables.

This way, the user's identity is persitent across pages.
0
 
sam1492Author Commented:
The link below states that I can do it. Am I not understanding this? Please advise.

http://blog.evonet.com.au/post/Using-Active-Directory-to-authenticate-users-to-your-ASPNET-Web-Site.aspx

0
 
sam1492Author Commented:
Also what about:

To configure a .NET Web Service to use Windows authentication, perform the following steps:
In the web.config file for the Web Service, set the authentication mode to Windows for IIS and ASP.NET as follows:

<authentication mode="Windows" />

This setting is usually the default.

Add the statement needed for the Web Services client to pass to the proxy Web Service object so that the credentials are sent through SOAP.

For example, if you have a Web Service client for a Web Service that is represented by the proxy object conv, the syntax is as follows:

/*
* Explicitly pass credentials to the Web Service
*/
conv.Credentials =
System.Net.CredentialCache.DefaultCredentials;

Will this not pull the credentials from a users PC and allow them to validated against AD?
0
 
sammySeltzerConnect With a Mentor Commented:
There isn't anything in that link that suggests you can do it *OUTSIDE* of your company's firewall.

It will be considered unforgivable security hole to allow your external website access to your company's AD.

Your best bet is use session variables.
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
All Courses

From novice to tech pro — start learning today.