473,327 Members | 1,920 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Authenticate against Active Directory

Bud
I would like to be able to pass a request to IIS to have a user name and
password authenticated against my Active Directory Users database. I'm
running Server 2003 however my web pages are build using ASP (not .NET).
What I want to do is to open the standard User Name/Password form (I don't
know how to do that either) and then make my request and get back a
True/False result. There must be a way to do that but I haven't found it
after 3 hours of searching the web.
Thanks,
Bud
Nov 9 '05 #1
5 5783
I assume this is on an Intranet (otherwise your going to need to create a
lot of users in AD)

If you set the IIS authentication to "Windows Authentication" and set the
NTFS permissions on the folders on your site, your users will be
automatically authenticated.

If you'd like to capture the username then you can use
Request.ServerVariables("LOGON_USER")

http://www.aspfaq.com/show.asp?id=2046

Tom B

"Bud" <bc*@belles.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
I would like to be able to pass a request to IIS to have a user name and
password authenticated against my Active Directory Users database. I'm
running Server 2003 however my web pages are build using ASP (not .NET).
What I want to do is to open the standard User Name/Password form (I don't
know how to do that either) and then make my request and get back a
True/False result. There must be a way to do that but I haven't found it
after 3 hours of searching the web.
Thanks,
Bud

Nov 10 '05 #2
Bud
Tom - thanks for your suggestion. However, I don't want to have everyone
that visits my site to logon. Some of the pages that are in the site give
the visitor a chance to download files. The files are to be placed there by
"the owner" of that page. So what I want to do it to have an unlock icon on
the page that the "owner" can click on (and so could others but they
wouldn't know the password). An emtpy form field would be presented and the
"owner" would then enter his/her password. I already know the "owner's"
user id associated with that page. Now having the user id and password, I
want to query AD to verify that the password is valid for that user. Sounds
simple to me, but I sure can't figure out how or if it can be done. I could
always create a table in the database that goes with this application and
authenticate using it, however, that would force my users to remember
another password.
Bud
"TomB" <sh*****@Hotmail.com> wrote in message
news:%2****************@tk2msftngp13.phx.gbl...
I assume this is on an Intranet (otherwise your going to need to create a
lot of users in AD)

If you set the IIS authentication to "Windows Authentication" and set the
NTFS permissions on the folders on your site, your users will be
automatically authenticated.

If you'd like to capture the username then you can use
Request.ServerVariables("LOGON_USER")

http://www.aspfaq.com/show.asp?id=2046

Tom B

"Bud" <bc*@belles.com> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
I would like to be able to pass a request to IIS to have a user name and
password authenticated against my Active Directory Users database. I'm
running Server 2003 however my web pages are build using ASP (not .NET).
What I want to do is to open the standard User Name/Password form (I don't
know how to do that either) and then make my request and get back a
True/False result. There must be a way to do that but I haven't found it
after 3 hours of searching the web.
Thanks,
Bud


Nov 10 '05 #3
"Bud" <bc*@belles.com> wrote in message
news:ew**************@TK2MSFTNGP12.phx.gbl...
Tom - thanks for your suggestion. However, I don't want to have everyone
that visits my site to logon. Some of the pages that are in the site give
the visitor a chance to download files. The files are to be placed there
by "the owner" of that page. So what I want to do it to have an unlock
icon on the page that the "owner" can click on (and so could others but
they wouldn't know the password). An emtpy form field would be presented
and the "owner" would then enter his/her password. I already know the
"owner's" user id associated with that page. Now having the user id and
password, I want to query AD to verify that the password is valid for that
user. Sounds simple to me, but I sure can't figure out how or if it can
be done. I could always create a table in the database that goes with
this application and authenticate using it, however, that would force my
users to remember another password.


Ok - so use the same solution that was suggested but only lock down the
"owner" area ...

--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserv...y/centers/iis/
http://mvp.support.microsoft.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
Nov 10 '05 #4
Bud
Tom,

I would lock down the "owner" area, but those pages still need to be
available to the general public. I might be able to create a completely
different set of pages that would allow my "owners" to go to when they need
to modify the content of their public pages. However, that means
maintaining two sets of pages and I'm sure they would be out of synch real
soon. I have a firewall (Linux based) that offers an option to authenicate
against Active Directory, so I'm thinking there should be some way to do
that in VBScript and ASP. What am I missing here?

Bud
"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:ux*************@TK2MSFTNGP10.phx.gbl...
"Bud" <bc*@belles.com> wrote in message
news:ew**************@TK2MSFTNGP12.phx.gbl...
Tom - thanks for your suggestion. However, I don't want to have everyone
that visits my site to logon. Some of the pages that are in the site
give the visitor a chance to download files. The files are to be placed
there by "the owner" of that page. So what I want to do it to have an
unlock icon on the page that the "owner" can click on (and so could
others but they wouldn't know the password). An emtpy form field would be
presented and the "owner" would then enter his/her password. I already
know the "owner's" user id associated with that page. Now having the
user id and password, I want to query AD to verify that the password is
valid for that user. Sounds simple to me, but I sure can't figure out
how or if it can be done. I could always create a table in the database
that goes with this application and authenticate using it, however, that
would force my users to remember another password.


Ok - so use the same solution that was suggested but only lock down the
"owner" area ...

--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserv...y/centers/iis/
http://mvp.support.microsoft.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running
IIS

Nov 11 '05 #5

We have an inexpensive product that does exactly this. RadIIS can allow
IIS users to authenticate with IAS (Radius). Its fairly straightforward
to configure IAS to authenticate agains Active Directory.

All users all logged into a user specified NT account (possible the
same as used for Anonymous users). The actual username/password used
can be obtained via asp from RadIIS. You don't need additional CAL's,
you can track the users, the IIS logs contain the AD username in all
entries.

www.tcpdata.com
scott b


Bud wrote:
*I would like to be able to pass a request to IIS to have a user name
and
password authenticated against my Active Directory Users database.
I'm
running Server 2003 however my web pages are build using ASP (not
.NET).
What I want to do is to open the standard User Name/Password form (I
don't
know how to do that either) and then make my request and get back a
True/False result. There must be a way to do that but I haven't
found it
after 3 hours of searching the web.
Thanks,
Bud *


--
sbolton
------------------------------------------------------------------------
Posted via http://www.codecomments.com
------------------------------------------------------------------------

Nov 22 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: GC | last post by:
I'm looking to build a web app that authenticates against my current active directory. Anyone have any examples on how to do this? Thanks!
7
by: Sync Walantaji | last post by:
Hi, I would like to write a asp.net winform program to authenticate users on Active Directory. Can I do this with asp.net if the IIS server is not part of the Active directory domain? Is...
0
by: B111Gates | last post by:
OK I know this is a complex question so I will break it up. I know that SSPI is the prefered method of authentication, however if I use the sample provide by MS I cannot authenticate across...
2
by: J-T | last post by:
I need to create a webserivce which is able to talk to the following components: 1) Another webservice which is written by java and talks to its own backend database to authenticate the users...
0
by: Lajus Norvejikus | last post by:
Hi all, I want to develop a web service to authenticate user/pass against a Active Directory domain. I only don't know how to authenticate the credentials user enters against a AD domain. Anyone...
1
by: fomalhaut | last post by:
Hi All, I'm builing an application that requires domain admin access to run, and I'm trying to allow for the application to be run as a normal user and allow the user to provide it with a...
1
by: Michael Howes | last post by:
I would think this would be very, very easy but in the 50 searches I've done I haven't found anything. If our application requires login and that user/password be a local windows account or more...
4
by: Jon | last post by:
I am modifying an app for a customer in ASP.Net 1.1. The app is running on a server outside their network, yet they want to authenticate users against their internal active directory set up (they...
2
by: LIKKLE MAN | last post by:
Can anyone point me to an article that explains how to get an instance of DB2 running on AIX 5.x authenticating against an Active Directory server. There is no issue securing AIX itself in this...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.