I need to authenticate users to enter in a NTLM-protected virtual directory,
but I can't pop up a NT-login dialogue box - I can only do a web-based
username/password form (my client is a "usability" firm!). After searching
and searching, I finally found up with this solution to use ADSI to
authenticate users transparently: http://www.eggheadcafe.com/articles/20010126.asp
I tried the script and I am able to authenticate that the user exists with
the correct password, but when I redirect the user to the virtual directory,
the popup box is still popping up! I think what is happening is that I am
not actually passing the username/password to the NT server.
Is anybody familiar with using ADSI for NT log in's? Am I on the right
track? And if so, how do I actually do this so that the NT login box
doesn't pop up?
I'm so close now...=)
Sophia 9 2255
"Pravin Patil" <pr******@mastek.com> wrote in message
news:6D3D3C57-E508-41A2-B35E- I guess you have not changed authentication settings in IIS. Try to change it to Anonymous.
Thanks Pravin,
But I need the folder(s) to be secure.....each client gets their own
directory and they shouldn't be allowed to browse other client's folders.
Wouldn't changing it to anonymous allow anybody to browse to the virtual
directories if they know what the URL is?
What I'm trying to do is basically give clients a web-based interface to
their individual folders. I can understand how to prevent access to
unauthorized users if this was a webpage, but it's a folder....and that's
different, right?
Also, the virtual directory is a different application from the webpage I'm
redirecting from on IIS - could that be the problem as well? I am
authenticating from http://client.servername.com to the virtual directory on http://client.servername.com/ClientNumber1 based on their username.
Thanks for any assistance - I'm new to all this and was thrown into this
project!
Sophia
"Sophia" <So********@hotmail.invalid> wrote in message
news:10*************@corp.supernews.com... "Pravin Patil" <pr******@mastek.com> wrote in message news:6D3D3C57-E508-41A2-B35E- I guess you have not changed authentication settings in IIS. Try to change it to Anonymous. Thanks Pravin,
But I need the folder(s) to be secure.....each client gets their own directory and they shouldn't be allowed to browse other client's folders. Wouldn't changing it to anonymous allow anybody to browse to the virtual directories if they know what the URL is?
What I'm trying to do is basically give clients a web-based interface to their individual folders. I can understand how to prevent access to unauthorized users if this was a webpage, but it's a folder....and that's different, right?
Also, the virtual directory is a different application from the webpage
I'm redirecting from on IIS - could that be the problem as well? I am authenticating from http://client.servername.com to the virtual directory
on http://client.servername.com/ClientNumber1 based on their username.
Thanks for any assistance - I'm new to all this and was thrown into this project!
The problem is that web-based authentication involves the browser and the
ADSI code does not. IIS cannot control access to resources if you
authenticate in the way your article describes - your web application would
have to handle control access. In other words, you would need to write
something like an ASP application that would use the ADSI code to
authenticate and set a session variable, and then check that session var on
every page to see if a user is authenticated.
As an alternative, you can look at a 3rd party product like Authentix: http://www.flicks.com/flicks/authx.htm
--
Tom Kaminski IIS MVP http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS http://mvp.support.microsoft.com/ http://www.microsoft.com/windowsserv...y/centers/iis/
Hmm...maybe I'm thinking too narrowly-minded. I don't have to use ADSI.
Originally, I was redirecting a user from a login page to a virtual
directory with a URL that looked like https://username:pa******@www.URL.com,
but with Microsoft's new security update, I can no longer pass the login
information in the URL. The user should end up on a page that is basically
an FTP directory that they can view in their browser. Is there any way that
I can do this without the NT login box popping up?
I did some research and it looks like I would be able to do this if I had
Integrated Authentication turned on, but since the server I am working with
is Windows NT, the most I can do is use Basic Authentication or NTLM (am I
correct on this?)
How are other people doing it these days, after Microsoft's security update?
Thanks!!
Sophia
"Sophia" <So********@hotmail.invalid> wrote in message
news:10*************@corp.supernews.com... Hmm...maybe I'm thinking too narrowly-minded. I don't have to use ADSI.
Originally, I was redirecting a user from a login page to a virtual directory with a URL that looked like
https://username:pa******@www.URL.com, but with Microsoft's new security update, I can no longer pass the login information in the URL. The user should end up on a page that is
basically an FTP directory that they can view in their browser. Is there any way
that I can do this without the NT login box popping up?
I did some research and it looks like I would be able to do this if I had Integrated Authentication turned on, but since the server I am working
with is Windows NT, the most I can do is use Basic Authentication or NTLM (am I correct on this?)
No - they are the same thing.
--
Tom Kaminski IIS MVP http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS http://mvp.support.microsoft.com/ http://www.microsoft.com/windowsserv...y/centers/iis/
Hi Sophia!
I am having the same problem as you, but I have just started.
I have a webapp where I have all user data in my sql server, so I check
authentication against the database. That means I use anonymous access.
I have also checked the Integrated windows authentication. (Windows 2000
server SP3.)
Now, I need to develop some addition to the app, so that users can
upload pictures to a folder. Even create their own folders within their
root folder. I have thought the exact same as you. No one should be able
to view each others files, therefore the need to create an nt user for
every user. That way, no others will have access to the folder(s). But,
I wan't to be able to log in the user to the nt account without any
"login to Network" pop-up. Hopefully through VBScript.
Did you ever find a solution too the problem??? I am very interested in
your reply!!
Henning :-)
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
"kongsballa" <ko*********@devdex.com> wrote in message
news:%2******************@TK2MSFTNGP11.phx.gbl... Hi Sophia!
I am having the same problem as you, but I have just started.
I have a webapp where I have all user data in my sql server, so I check authentication against the database. That means I use anonymous access. I have also checked the Integrated windows authentication. (Windows 2000 server SP3.)
Now, I need to develop some addition to the app, so that users can upload pictures to a folder. Even create their own folders within their root folder. I have thought the exact same as you. No one should be able to view each others files, therefore the need to create an nt user for every user. That way, no others will have access to the folder(s). But, I wan't to be able to log in the user to the nt account without any "login to Network" pop-up. Hopefully through VBScript.
Did you ever find a solution too the problem??? I am very interested in your reply!!
Henning :-)
Sorry, I can't help you.....I never found the solution to my problem. =(
I just told my client that I couldn't do it with the way their system is set
up. =P
But if you or anybody else figures it out, I'm still interested in hearing
how to do this!
Sophia
"Sophia" <So********@hotmail.invalid> wrote in message
news:10*************@corp.supernews.com... "kongsballa" <ko*********@devdex.com> wrote in message news:%2******************@TK2MSFTNGP11.phx.gbl... Hi Sophia!
I am having the same problem as you, but I have just started.
I have a webapp where I have all user data in my sql server, so I check authentication against the database. That means I use anonymous access. I have also checked the Integrated windows authentication. (Windows 2000 server SP3.)
Now, I need to develop some addition to the app, so that users can upload pictures to a folder. Even create their own folders within their root folder. I have thought the exact same as you. No one should be able to view each others files, therefore the need to create an nt user for every user. That way, no others will have access to the folder(s). But, I wan't to be able to log in the user to the nt account without any "login to Network" pop-up. Hopefully through VBScript.
Did you ever find a solution too the problem??? I am very interested in your reply!!
Henning :-)
Sorry, I can't help you.....I never found the solution to my problem. =(
I just told my client that I couldn't do it with the way their system is
set up. =P
But if you or anybody else figures it out, I'm still interested in hearing how to do this!
I guess you didn't read my last post?
--
Tom Kaminski IIS MVP http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS http://mvp.support.microsoft.com/ http://www.microsoft.com/windowsserv...y/centers/iis/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Miguel Orrego |
last post by:
Hi,
I have found some code that authenticates users agains a domain using ADSI.
I then redirect to another page and pass the username they have entered as a
string. However, it would be nice to...
|
by: Srinivas |
last post by:
Hi,
I've one system in which Active directory is installed.
That system is the domain controller as well as web
server - A test machine.
Trying all following to Authenticate Users using VB as...
|
by: Enigma Webmaster |
last post by:
Hi All,
We've written a couple of functions which, when run in VB6 work fine and
allow AD users to be updated. When we include the code into an ASP Page and
try and update a users information...
|
by: Tom Petersen |
last post by:
My users logon to the Patriot domain, my intranet is on sdsddata01 server.
I have a form that people have to click on a dropdown list to pick their
name from the list when submitting a form. Is...
|
by: Arran Pearce |
last post by:
Hi,
I am looking for a way to use System.DirectoryServices to find all users on
a domain whos accounts are either locked out or disabled. I have used
ADSIEdit and the mmc schema add-in to try...
|
by: mrwoopey |
last post by:
Hi,
I am using the example "Authenticate against the Active Directory by
Using Forms Authentication and Visual Basic .NET":
http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340
...
|
by: msnews.microsoft.com |
last post by:
I have ADSI code that I can make work at the command line. I cannot in
any way get it to work in asp.net. Even using Windows authentication,
impersonation on, and providing the credentials...
|
by: andy |
last post by:
Has anyone ever experienced any problems authenticating with an ADSI application where after so long it stops responding. I can not track down what is causing the problem. I have a login page that...
|
by: John |
last post by:
Hi, gurus,
How can I implement the following feature in C#:
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup & ", group")
For Each objMember In objGroup.Members...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |