Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Internet Active Directory Credentials

Posted on 2011-09-10
10
Medium Priority
?
448 Views
Last Modified: 2013-12-14
I run Active Directory for my users. The users do not want to log in to a separate web site that requires authentication. Is there a way for the asp.net application when a user access it to call the credentials from microsoft and send them to the IIS server to be verified? Is there another way to do this?

Current environment, offsite server with application that needs credentials. Onsite users that login with onsite Active Directory Server.
0
Comment
Question by:sam1492
9 Comments
 
LVL 29

Expert Comment

by:sammySeltzer
ID: 36519668
Is this an intranet or internet?

If intranet, all you would need to are 2 things.

1, In IIS, use windows Integrated security, then
2, in iis, use impersonation and set it to true.

<impersonation = True>

and this will solve it. This of course will only work if you are running your app on intranet.

0
 
LVL 29

Expert Comment

by:sammySeltzer
ID: 36519695
I meant to say:

<identity impersonate="true"/>

I am sure you would have figured that out.
0
 

Author Comment

by:sam1492
ID: 36519972
It runs on internet. Is there a solution for that?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 29

Expert Comment

by:sammySeltzer
ID: 36520322
Only solution I can think of is to use session variables.

This way, the user's identity is persitent across pages.
0
 
LVL 7

Accepted Solution

by:
Hecatonchires earned 1000 total points
ID: 36520926
If the server is running somewhere on the internet, outside your domain (area of control) then no, you can't use local IIS settings to authenticate against it. It might be possible to set up a VPN to bring this service inside your network, but even then you would not be in control of the server or its configuration.

That said, if the site uses cookies and you allow them, you might be able to choose save password in the browser.
0
 

Author Comment

by:sam1492
ID: 36520981
The link below states that I can do it. Am I not understanding this? Please advise.

http://blog.evonet.com.au/post/Using-Active-Directory-to-authenticate-users-to-your-ASPNET-Web-Site.aspx

0
 

Author Comment

by:sam1492
ID: 36520987
Also what about:

To configure a .NET Web Service to use Windows authentication, perform the following steps:
In the web.config file for the Web Service, set the authentication mode to Windows for IIS and ASP.NET as follows:

<authentication mode="Windows" />

This setting is usually the default.

Add the statement needed for the Web Services client to pass to the proxy Web Service object so that the credentials are sent through SOAP.

For example, if you have a Web Service client for a Web Service that is represented by the proxy object conv, the syntax is as follows:

/*
* Explicitly pass credentials to the Web Service
*/
conv.Credentials =
System.Net.CredentialCache.DefaultCredentials;

Will this not pull the credentials from a users PC and allow them to validated against AD?
0
 
LVL 29

Assisted Solution

by:sammySeltzer
sammySeltzer earned 1000 total points
ID: 36522381
There isn't anything in that link that suggests you can do it *OUTSIDE* of your company's firewall.

It will be considered unforgivable security hole to allow your external website access to your company's AD.

Your best bet is use session variables.
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 37225223
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question