Solved

Internet Active Directory Credentials

Posted on 2011-09-10
10
411 Views
Last Modified: 2013-12-14
I run Active Directory for my users. The users do not want to log in to a separate web site that requires authentication. Is there a way for the asp.net application when a user access it to call the credentials from microsoft and send them to the IIS server to be verified? Is there another way to do this?

Current environment, offsite server with application that needs credentials. Onsite users that login with onsite Active Directory Server.
0
Comment
Question by:sam1492
10 Comments
 
LVL 28

Expert Comment

by:sammySeltzer
Comment Utility
Is this an intranet or internet?

If intranet, all you would need to are 2 things.

1, In IIS, use windows Integrated security, then
2, in iis, use impersonation and set it to true.

<impersonation = True>

and this will solve it. This of course will only work if you are running your app on intranet.

0
 
LVL 28

Expert Comment

by:sammySeltzer
Comment Utility
I meant to say:

<identity impersonate="true"/>

I am sure you would have figured that out.
0
 

Author Comment

by:sam1492
Comment Utility
It runs on internet. Is there a solution for that?
0
 
LVL 28

Expert Comment

by:sammySeltzer
Comment Utility
Only solution I can think of is to use session variables.

This way, the user's identity is persitent across pages.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 7

Accepted Solution

by:
Hecatonchires earned 250 total points
Comment Utility
If the server is running somewhere on the internet, outside your domain (area of control) then no, you can't use local IIS settings to authenticate against it. It might be possible to set up a VPN to bring this service inside your network, but even then you would not be in control of the server or its configuration.

That said, if the site uses cookies and you allow them, you might be able to choose save password in the browser.
0
 

Author Comment

by:sam1492
Comment Utility
The link below states that I can do it. Am I not understanding this? Please advise.

http://blog.evonet.com.au/post/Using-Active-Directory-to-authenticate-users-to-your-ASPNET-Web-Site.aspx

0
 

Author Comment

by:sam1492
Comment Utility
Also what about:

To configure a .NET Web Service to use Windows authentication, perform the following steps:
In the web.config file for the Web Service, set the authentication mode to Windows for IIS and ASP.NET as follows:

<authentication mode="Windows" />

This setting is usually the default.

Add the statement needed for the Web Services client to pass to the proxy Web Service object so that the credentials are sent through SOAP.

For example, if you have a Web Service client for a Web Service that is represented by the proxy object conv, the syntax is as follows:

/*
* Explicitly pass credentials to the Web Service
*/
conv.Credentials =
System.Net.CredentialCache.DefaultCredentials;

Will this not pull the credentials from a users PC and allow them to validated against AD?
0
 
LVL 28

Assisted Solution

by:sammySeltzer
sammySeltzer earned 250 total points
Comment Utility
There isn't anything in that link that suggests you can do it *OUTSIDE* of your company's firewall.

It will be considered unforgivable security hole to allow your external website access to your company's AD.

Your best bet is use session variables.
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
Comment Utility
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now