Windows Authentication through Active Directory

[Hriday]

Hi there, Please help me..It is urgent


This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to Pop up windows Authentication box so
that user will give his userId, Password & domain name for
authenticaion. After that I want to take these three info
of user and make a search in Active Directory.

I am able to display Win Authentication Pop up by using
Authentication mode="Windows" and in Authrization tag,
deny user="?" and setting Win Integrated authentication in
IIS.

But I am not able to take user's info from Win
Authenication Pop-up Windows..as I used server variable
AUTH_USER and got userId. but when I use AUTH_PASSWORD I
am getting null value...

Can some one tell me how to get password and domain fields
value form Windows Authenticaion Box....

If this is not posible ... how can I make a search without
password and domain..in Active directory ....

I copy my code for retrieving user info form Active
Directory. Please help me..It is urgent.



Public Sub GetUserDetails(ByVal domain As String, ByVal
username As String, ByVal pwd As String)
Dim domainAndUsername As [String] = domain & "\" &
username

Private path As String
= "LDAP://AD/DC=AD,DC=SOLVERSA,DC=COM"
Dim entry As New DirectoryEntry(path,
domainAndUsername, pwd)



Try
'Bind to the native AdsObject to force
authentication.
Dim obj As Object = entry.NativeObject

Dim search As New DirectorySearcher(entry)

search.Filter = "(SAMAccountName=" & username
& ")"
search.PropertiesToLoad.Add("cn")
Dim result As SearchResult = search.FindOne()

'Update the new path to the user in the
directory.
path = result.Path
filterAttribute = CType(result.Properties("cn")
(0), String)
fullname = CType(result.Properties("cn")(0),
String)
search.PropertiesToLoad.Add("mail")
Dim resultemail As SearchResult =
search.FindOne()
email = CType(resultemail.Properties("mail")
(0), String)

search.PropertiesToLoad.Add("MemberOf")
Dim resultgp As SearchResult = search.FindOne()
groupName = CType(resultgp.Properties
("MemberOf")(0), String)

Catch ex As Exception
'Throw New Exception("Error obtaining user
details. " + ex.Message)
End Try

End Sub 'GetUserDetails

 

[Cor Ligthert]

Hi Hriday,

I use "IsInRole" to find these pages on MSDN, can you use this as a start
place to check if this can help you?

Cor

 

[Paul Clement]

¤ Hi there, Please help me..It is urgent
¤
¤
¤ This is Hriday, working on windows authentication with
¤ Active Directory...
¤ My requirment is when a user sends a request to my web
¤ Applicatoin I want to Pop up windows Authentication box so
¤ that user will give his userId, Password & domain name for
¤ authenticaion. After that I want to take these three info
¤ of user and make a search in Active Directory.
¤
¤ I am able to display Win Authentication Pop up by using
¤ Authentication mode="Windows" and in Authrization tag,
¤ deny user="?" and setting Win Integrated authentication in
¤ IIS.
¤
¤ But I am not able to take user's info from Win
¤ Authenication Pop-up Windows..as I used server variable
¤ AUTH_USER and got userId. but when I use AUTH_PASSWORD I
¤ am getting null value...

You cannot obtain the password from the login dialog when using integrated Windows based
authentication.

If you want to capture the user ID and password you will have to use Forms based authentication:

http://samples.gotdotnet.com/quicks...px?url=/quickstart/aspplus/doc/formsauth.aspx


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

 

[Hriday]

-----Original Message-----

¤ Hi there, Please help me..It is urgent
¤
¤
¤ This is Hriday, working on windows authentication with
¤ Active Directory...
¤ My requirment is when a user sends a request to my web
¤ Applicatoin I want to Pop up windows Authentication box so
¤ that user will give his userId, Password & domain name for
¤ authenticaion. After that I want to take these three info
¤ of user and make a search in Active Directory.
¤
¤ I am able to display Win Authentication Pop up by using
¤ Authentication mode="Windows" and in Authrization tag,
¤ deny user="?" and setting Win Integrated authentication in
¤ IIS.
¤
¤ But I am not able to take user's info from Win
¤ Authenication Pop-up Windows..as I used server variable
¤ AUTH_USER and got userId. but when I use AUTH_PASSWORD

I

¤ am getting null value...

You cannot obtain the password from the login dialog when using integrated Windows based
authentication.

If you want to capture the user ID and password you will

have to use Forms based authentication:

http://samples.gotdotnet.com/quickstart/aspplus/default.as px?url=/quickstart/aspplus/doc/formsauth.aspx


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)
.

Thanks Paul for your cooperation,

But My requirment is to use Windows Authentication and
make a search in Active directory and get user's
information. For that I think I don't need user's
Password. Only with UserId I should be able to make a
search in Active Directory. Even I am able to do this when
my Web Application is on Active Directory's IIS. But I
have to make a search in such a senario that both Active
Directory and IIS are located on different phisical
machine. In this senario when I search using only Path and
user name...It raises an exception called
System.Runtime.InteropServices.COMException

I have search in msdn but did not get solution....

Please help me in this senario...

Thanks in adavance..
Hriday.

 

[Cor Ligthert]

Funny I see I did not paste the link in.
http://msdn.microsoft.com/library/d...incipalwindowsprincipalclassisinroletopic.asp

Cor

I use "IsInRole" to find these pages on MSDN, can you use this as a start
place to check if this can help you?

Cor

This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to Pop up windows Authentication box so
that user will give his userId, Password & domain name for
authenticaion. After that I want to take these three info
of user and make a search in Active Directory.

I am able to display Win Authentication Pop up by using
Authentication mode="Windows" and in Authrization tag,
deny user="?" and setting Win Integrated authentication in
IIS.

But I am not able to take user's info from Win
Authenication Pop-up Windows..as I used server variable
AUTH_USER and got userId. but when I use AUTH_PASSWORD I
am getting null value...

Can some one tell me how to get password and domain fields
value form Windows Authenticaion Box....

If this is not posible ... how can I make a search without
password and domain..in Active directory ....

I copy my code for retrieving user info form Active
Directory. Please help me..It is urgent.



Public Sub GetUserDetails(ByVal domain As String, ByVal
username As String, ByVal pwd As String)
Dim domainAndUsername As [String] = domain & "\" &
username

Private path As String
= "LDAP://AD/DC=AD,DC=SOLVERSA,DC=COM"
Dim entry As New DirectoryEntry(path,
domainAndUsername, pwd)



Try
'Bind to the native AdsObject to force
authentication.
Dim obj As Object = entry.NativeObject

Dim search As New DirectorySearcher(entry)

search.Filter = "(SAMAccountName=" & username
& ")"
search.PropertiesToLoad.Add("cn")
Dim result As SearchResult = search.FindOne()

'Update the new path to the user in the
directory.
path = result.Path
filterAttribute = CType(result.Properties("cn")
(0), String)
fullname = CType(result.Properties("cn")(0),
String)
search.PropertiesToLoad.Add("mail")
Dim resultemail As SearchResult =
search.FindOne()
email = CType(resultemail.Properties("mail")
(0), String)

search.PropertiesToLoad.Add("MemberOf")
Dim resultgp As SearchResult = search.FindOne()
groupName = CType(resultgp.Properties
("MemberOf")(0), String)

Catch ex As Exception
'Throw New Exception("Error obtaining user
details. " + ex.Message)
End Try

End Sub 'GetUserDetails

 

[Paul Clement]

¤
¤ >-----Original Message-----
¤ >On Thu, 24 Jun 2004 23:08:12 -0700, "Hriday"
¤ >
¤ >¤ Hi there, Please help me..It is urgent
¤ >¤
¤ >¤
¤ >¤ This is Hriday, working on windows authentication with
¤ >¤ Active Directory...
¤ >¤ My requirment is when a user sends a request to my web
¤ >¤ Applicatoin I want to Pop up windows Authentication box
¤ so
¤ >¤ that user will give his userId, Password & domain name
¤ for
¤ >¤ authenticaion. After that I want to take these three
¤ info
¤ >¤ of user and make a search in Active Directory.
¤ >¤
¤ >¤ I am able to display Win Authentication Pop up by using
¤ >¤ Authentication mode="Windows" and in Authrization tag,
¤ >¤ deny user="?" and setting Win Integrated authentication
¤ in
¤ >¤ IIS.
¤ >¤
¤ >¤ But I am not able to take user's info from Win
¤ >¤ Authenication Pop-up Windows..as I used server variable
¤ >¤ AUTH_USER and got userId. but when I use AUTH_PASSWORD
¤ I
¤ >¤ am getting null value...
¤ >
¤ >You cannot obtain the password from the login dialog when
¤ using integrated Windows based
¤ >authentication.
¤ >
¤ >If you want to capture the user ID and password you will
¤ have to use Forms based authentication:
¤ >
¤ >http://samples.gotdotnet.com/quickstart/aspplus/default.as
¤ px?url=/quickstart/aspplus/doc/formsauth.aspx
¤ >
¤ >
¤ >Paul ~~~ (e-mail address removed)
¤ >Microsoft MVP (Visual Basic)
¤ >.
¤ >
¤
¤ Thanks Paul for your cooperation,
¤
¤ But My requirment is to use Windows Authentication and
¤ make a search in Active directory and get user's
¤ information. For that I think I don't need user's
¤ Password. Only with UserId I should be able to make a
¤ search in Active Directory. Even I am able to do this when
¤ my Web Application is on Active Directory's IIS. But I
¤ have to make a search in such a senario that both Active
¤ Directory and IIS are located on different phisical
¤ machine. In this senario when I search using only Path and
¤ user name...It raises an exception called
¤ System.Runtime.InteropServices.COMException
¤
¤ I have search in msdn but did not get solution....
¤
¤ Please help me in this senario...

If your web server is in the AD domain you should be able to query AD.

What is the line of code that is causing the error?


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

 

[Hriday]

-----Original Message-----

¤
¤ >-----Original Message-----
¤ >On Thu, 24 Jun 2004 23:08:12 -0700, "Hriday"
¤ >
¤ >¤ Hi there, Please help me..It is urgent
¤ >¤
¤ >¤
¤ >¤ This is Hriday, working on windows authentication with
¤ >¤ Active Directory...
¤ >¤ My requirment is when a user sends a request to my web
¤ >¤ Applicatoin I want to Pop up windows Authentication box
¤ so
¤ >¤ that user will give his userId, Password & domain name
¤ for
¤ >¤ authenticaion. After that I want to take these three
¤ info
¤ >¤ of user and make a search in Active Directory.
¤ >¤
¤ >¤ I am able to display Win Authentication Pop up by using
¤ >¤ Authentication mode="Windows" and in Authrization tag,
¤ >¤ deny user="?" and setting Win Integrated authentication
¤ in
¤ >¤ IIS.
¤ >¤
¤ >¤ But I am not able to take user's info from Win
¤ >¤ Authenication Pop-up Windows..as I used server variable
¤ >¤ AUTH_USER and got userId. but when I use AUTH_PASSWORD
¤ I
¤ >¤ am getting null value...
¤ >
¤ >You cannot obtain the password from the login dialog when
¤ using integrated Windows based
¤ >authentication.
¤ >
¤ >If you want to capture the user ID and password you will
¤ have to use Forms based authentication:
¤ >
¤
http://samples.gotdotnet.com/quickstart/aspplus/default.as
¤ px?url=/quickstart/aspplus/doc/formsauth.aspx
¤ >
¤ >
¤ >Paul ~~~ (e-mail address removed)
¤ >Microsoft MVP (Visual Basic)
¤ >.
¤ >
¤
¤ Thanks Paul for your cooperation,
¤
¤ But My requirment is to use Windows Authentication and
¤ make a search in Active directory and get user's
¤ information. For that I think I don't need user's
¤ Password. Only with UserId I should be able to make a
¤ search in Active Directory. Even I am able to do this when
¤ my Web Application is on Active Directory's IIS. But I
¤ have to make a search in such a senario that both Active
¤ Directory and IIS are located on different phisical
¤ machine. In this senario when I search using only Path and
¤ user name...It raises an exception called
¤ System.Runtime.InteropServices.COMException
¤
¤ I have search in msdn but did not get solution....
¤
¤ Please help me in this senario...

If your web server is in the AD domain you should be able to query AD.

What is the line of code that is causing the error?


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)
.

Hi Paul,

My web server in the AD domain only, but I am not able to
search user's info by the following code if I pass only
path as parameter to DirectoyEntry class..The same code is
working if I pass all the three parameter as path,userId
and password. but I can't get password from Windows
authenticatoin Popup box.....

I think I should be able to search in AD by only having
complete LDAP path and Username. I copy the complete code
here...I get error on following line
Dim obj As Object = entry.NativeObject

Thanks a lot for your cooparation..

COMPLETE CODE IS LIKE THIS...

Private path As String
= "LDAP://AD/DC=AD,DC=MyComp,DC=COM"
Private filterAttribute As String
Public fullname As String
Public groupName As String
Public email As String

Public Sub GetUserDetails(ByVal domain As String, ByVal
username As String) ', ByVal pwd As String)
Dim domainAndUsername As [String] = domain & "\" &
username


Dim entry As New DirectoryEntry(path) ',
domainAndUsername, pwd)



Try
'Bind to the native AdsObject to force
authentication.
Dim obj As Object = entry.NativeObject

Dim search As New DirectorySearcher(entry)

search.Filter = "(SAMAccountName=" & username
& ")"
search.PropertiesToLoad.Add("cn")
Dim result As SearchResult = search.FindOne()

'Update the new path to the user in the
directory.
path = result.Path
filterAttribute = CType(result.Properties("cn")
(0), String)
fullname = CType(result.Properties("cn")(0),
String)
search.PropertiesToLoad.Add("mail")
Dim resultemail As SearchResult =
search.FindOne()
email = CType(resultemail.Properties("mail")
(0), String)

search.PropertiesToLoad.Add("MemberOf")
Dim resultgp As SearchResult = search.FindOne()
groupName = CType(resultgp.Properties
("MemberOf")(0), String)

Catch ex As Exception
Throw New Exception("Error obtaining user
details. " + ex.Message)
End Try

End Sub 'GetUserDetails

 

[Paul Clement]

¤ >What is the line of code that is causing the error?
¤ >
¤ >
¤ >Paul ~~~ (e-mail address removed)
¤ >Microsoft MVP (Visual Basic)
¤ >.
¤ >
¤
¤ Hi Paul,
¤
¤ My web server in the AD domain only, but I am not able to
¤ search user's info by the following code if I pass only
¤ path as parameter to DirectoyEntry class..The same code is
¤ working if I pass all the three parameter as path,userId
¤ and password. but I can't get password from Windows
¤ authenticatoin Popup box.....
¤
¤ I think I should be able to search in AD by only having
¤ complete LDAP path and Username. I copy the complete code
¤ here...I get error on following line
¤ Dim obj As Object = entry.NativeObject
¤
¤ Thanks a lot for your cooparation..
¤
¤ COMPLETE CODE IS LIKE THIS...
¤
¤ Private path As String
¤ = "LDAP://AD/DC=AD,DC=MyComp,DC=COM"

Is this the root path of your domain? It doesn't look right to me. What is returned as the root when
you execute the following code?

Dim RootDSE As New DirectoryServices.DirectoryEntry("LDAP://RootDSE")
MsgBox(RootDSE.Properties("DefaultNamingContext").Value)


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

 

[Paul Clement]

¤ >¤
¤ >¤ Private path As String
¤ >¤ = "LDAP://AD/DC=AD,DC=MyComp,DC=COM"
¤ >
¤ >Is this the root path of your domain? It doesn't look
¤ right to me. What is returned as the root when
¤ >you execute the following code?
¤ >
¤ > Dim RootDSE As New
¤ DirectoryServices.DirectoryEntry("LDAP://RootDSE")
¤ > MsgBox(RootDSE.Properties
¤ ("DefaultNamingContext").Value)
¤
¤
¤ Hi paul, thank you for your help..
¤
¤ When I execute the above code to get root path of AD, I
¤ get error that The
¤ specified domain either does not exist or could not be
¤ contacted.
¤
¤ But the same code gives my root path of AD as
¤ DC=AD,DC=MyComp,DC=Com when I excute it from a Windows
¤ Applicatoin. Why is it so...?
¤
¤ same code gives right result from Windows App, but gives
¤ above error from my Web Application...is this because of
¤ there is some problem of my IIS ? otherwise what is
¤ different in accessing AD through Windows App and Web App..
¤
¤ How can I get and set my IIS root path to my Active
¤ directory?
¤

Sounds like a permissions problem. I would see the following Microsoft article:

http://msdn.microsoft.com/library/d...tication_problems_on_asp_pages.asp?frame=true


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)