ASP.NET and Active Directory


A

Adrian Parker

At the moment, we have a simple user id / password entry screen to login to
our website, the data credentials are held in our database.

We've now been asked to integrate with active directory so that users on the
lan who are already logged in via active directory no longer need to log
into the website, but automatically are logged in using their network userid
(which should match the old website login).

I can see how I could prompt for the userid / pwd again and interogate the
active directory to see if the user is valid, but how can I do it without
asking for the login info ?

Thanks
Adrian Parker
 
Ad

Advertisements

G

Guest

Hi Adrian,

1) Turn the security of the web app to “Integrated Windows Authenticationâ€
2) In the global.ascx, retrieve the userID from the Context.User.Identity.Name
3) Search the Active Directory for the user's information but notice that
you need to query the directory using a hard-coded user id if you are on Win
2000 or to turn on Kerberos authentication if you are on win server 2003
http://www.microsoft.com/windowsserver2003/technologies/security/kerberos/default.mspx

You can search the adsi.general newsgroup for more details on making a query
to the Active Directory
 
W

WJ

Adrian Parker said:
We've now been asked to integrate with active directory so that users on
the lan who are already logged in via active directory no longer need to
log into the website, but automatically are logged in using their network
userid (which should match the old website login).

You will have to make your webserver (IIS) as "member" of the AD. This way,
when an AD client is successfully authenticated to the AD, s/he can use your
website without being prompted for AD credential again. You will have to
switch from anonymous to Integrated Windows in the IIS server. And if you
use MS/SQL, you will also need to use "Integrate Windows security option"
also to take advantage of the AD security system.

John
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top