Link to home
Start Free TrialLog in
Avatar of DanRaposo
DanRaposoFlag for United States of America

asked on

authenticating IIS users via a Lotus Domino Server

Our customers have access to several Domino web apps.  We wish to give them access to an IIS web app, is it possible for IIS to authenticate against Domino accounts (the Domino Server is a LDAP server).  The authentication would not be to access the Domino apps but to access the IIS app.  We'd like to maintain one set of accounts

Thanks
ASKER CERTIFIED SOLUTION
Avatar of Shalom Carmel
Shalom Carmel
Flag of Israel image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of DanRaposo

ASKER

IIS 6.0 Windows Server 2003

No need for SSO.

 I have two different LDAP-enabled Domino servers (one for employees and one for customers).  We'd like users from either server to be able to logon to the .ASP-driven web site.  We don't care if  authentication is done by IIS or by .ASP

(we have many Domino web apps used by employees/customers - just this one app that was developed in .ASP (the javascript flavor, which I will change to VB if needed).

I think it ASP.net - when I open the ASP.NET tab when looking at the app folder under IIS Manager, it shows ASP.NET version 1.1.4322

(my background is apache/php/etc so I'm not sure if I have given you what you need - let me know)

Thanks!
Here is a step by step guide to develop your own LDAP based ASP login.

http://www.aspfree.com/c/a/asp/performing-web-authentication-and-administration-with-ldap/


The tricky part is to supply the base DN and to select the unique field for the search.

Use a LDAP browser like the one from Softerra to learn how your domino LDAP looks from outside.

It's been a while since I worked with domino LDAP, but I can assure you that what you want is completely feasible
Thanks for looking at this shalomc,

I was actually wondering if it is doable without additional software (such as aspfree in your exampe) being installed on the IIS box.  I am hoping to use "out of the box" ASP/IIS stuff such as:

Set conn = Server.CreateObject("ADODB.Connection")
conn.Provider = "ADSDSOObject"
conn.Open "ADs Provider"
Set rs = conn.Execute("LDAP://someserver.com:389/CN=SOME%20GROUP;(objectClass=*);ADsPath,objectClass,cn;subtree")

Any thoughts on this approach?

Thanks
I don't have verified code, but see if these gives you a direction. They look about right :)

You will be using System.DirectoryServices .

http://social.msdn.microsoft.com/forums/en-US/vbgeneral/thread/06d43447-f57c-44ef-b38f-195658dd5d01


http://www.vbforums.com/showthread.php?427554-Resolved-LDAP-Authentication-using-Vb.Net