Hi,
I've one system in which Active directory is installed.
That system is the domain controller as well as web
server - A test machine.
I am trying everything below to authenticate users from VB as
well as ASP.
I need an ASP solution (with no extra component required, etc.).
Things seem to work fine, but I have been badly stuck for the past two
days.
I tried to get it done with IADsUser.ChangePassword, but that
throws an error on password policy. So that way of
authenticating is not being considered, even though I modified
the security policies to let the program function.
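Sub AuthenticateUser()
    ' Checks a user's credentials against Active Directory in two steps:
    '   1. look the account up by sAMAccountName through the ADSI OLE DB provider;
    '   2. bind to the domain naming context with the supplied user name and password.
    ' A successful bind is reported as "Authentication Success".
    '
    ' VB . Project References : Active DS Type Library, ADO
    ' "Courtesy URL : http://builder.com.com/5100-6388-1045387-2.html"
    Dim oRootDSE As IADs
    Dim oDSObj As IADsOpenDSObject
    Dim oAuth As IADsContainer
    Dim oUser As IADsUser
    Dim strUsername As String, strNamingContext As String
    Dim strPassword As String, strUserADSPath As String
    Dim strFilterUser As String
    Dim blnUserExists As Boolean
    Dim adoConnection As New ADODB.Connection
    Dim adoRecordset As ADODB.Recordset
    Dim strServerName As String

    ' The Err_Hnd label below was never armed in the original, so any ADSI/ADO
    ' failure surfaced as an unhandled runtime error instead of reaching it.
    On Error GoTo Err_Hnd

    ' test.com : Active directory domain on my system which is AD domain controller too!
    strServerName = "my-system-name.test.com:389/"
    ' Test-only values; real credentials must not be hard-coded in source.
    strUsername = "test-user-name"   ' <somedomain>\test-user-name : domain name is not necessary
    strPassword = "test-password"

    Set oRootDSE = GetObject("LDAP://" & strServerName & "RootDSE")
    strNamingContext = strServerName & oRootDSE.Get("defaultNamingContext")
    Set oRootDSE = Nothing

    strUserADSPath = ""
    blnUserExists = False

    ' The user name is concatenated into an LDAP search filter, so filter
    ' metacharacters are escaped as \XX (RFC 4515) before use; otherwise a
    ' crafted name could change what the filter matches. Backslash goes first
    ' so the escapes added afterwards are not escaped again.
    strFilterUser = Replace(strUsername, "\", "\5c")
    strFilterUser = Replace(strFilterUser, "*", "\2a")
    strFilterUser = Replace(strFilterUser, "(", "\28")
    strFilterUser = Replace(strFilterUser, ")", "\29")
    strFilterUser = Replace(strFilterUser, Chr(0), "\00")
    ' ";" separates the fields of this ADO query string; escaped as a precaution.
    strFilterUser = Replace(strFilterUser, ";", "\3b")

    adoConnection.Provider = "ADSDSOObject"
    ' Execute needs an open connection (the ASP version of this routine opens it too).
    adoConnection.Open
    Set adoRecordset = adoConnection.Execute("<LDAP://" & strNamingContext & _
        ">;(sAMAccountName=" & strFilterUser & ");AdsPath, cn")

    ' EOF is used instead of RecordCount: RecordCount is -1 on cursors that
    ' cannot count rows, which would be misread as "user exists".
    If adoRecordset.EOF Then
        Debug.Print Now() & " - User Name " & strUsername & " not exists in the directory."
    Else
        Debug.Print Now() & " - User Name " & strUsername & " exists in the directory."
        strUserADSPath = adoRecordset.Fields("ADSPATH").Value
        blnUserExists = True
    End If

    adoRecordset.Close
    Set adoRecordset = Nothing
    adoConnection.Close
    Set adoConnection = Nothing

    If Not blnUserExists Then Exit Sub

    Set oUser = GetObject(strUserADSPath)
    Debug.Print "Account Disabled = " & oUser.AccountDisabled
    ' FYI If disabled = true then exit sub

    ' Keep ADS_SECURE_AUTHENTICATION here: falling back to a simple bind
    ' (flag value 0) on port 389 would send the password in clear text.
    Set oDSObj = GetObject("LDAP:")
    Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, _
        strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
    ' THIS LINE IS THE CULPRIT LINE THAT IS WORKING FINE IN VB BUT FAILING WHEN
    ' THE SAME CODE TAKEN TO ASP WITH APPROPRIATE CONSTANT VALUES SET
    ' e.g., ADS_SECURE_AUTHENTICATION
    ' WHAT IS THAT REASON THAT IS MAKING IT FAIL????? PLEASE LET ME KNOW ASAP??
    ' THE ERROR NUMBER : -2147016662 (0x8007202A) is being returned always for ASP

    If Not oAuth Is Nothing Then
        MsgBox "Authentication Success", vbInformation
        Set oAuth = Nothing
    End If
    Exit Sub

Err_Hnd:
    ' A failed bind (wrong password, locked or disabled account) raises an
    ' error from OpenDSObject and lands here, as does any lookup failure.
    MsgBox Err.Description, vbCritical, Err.Number
End Sub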
' Equivalent ASP Code
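Sub AuthenticateUser(strUsername, strPassword)
    ' Classic ASP version: checks a user's credentials against Active Directory by
    '   1. looking the account up by sAMAccountName through the ADSI OLE DB provider;
    '   2. binding to the domain naming context with the supplied credentials.
    ' Progress and the result are written to the response.
    '
    ' strUsername - account name to check (sAMAccountName)
    ' strPassword - password to verify
    Const ADS_SECURE_AUTHENTICATION = 1
    Const ADS_SERVER_BIND = 512

    Dim strServerName, strNamingContext, strUserADSPath, strFilterUser
    Dim blnUserExists
    Dim oRootDSE, oADOConn, oADORs, oUser, oDSObj, oAuth

    ' VBScript has no "On Error GoTo"; errors are therefore checked explicitly
    ' after each step so an earlier failure is not mistaken for a bind failure.
    On Error Resume Next

    strServerName = "my-system-name.test.com:389/"
    ' Test-only overrides of the caller's arguments; remove them so the
    ' supplied credentials are actually the ones verified.
    strUsername = "test-user-name"   ' <somedomain>\test-user-name : domain name is not necessary
    strPassword = "test-password"

    ' NOTE(review): this bind and the search below run under the identity of
    ' the IIS request (presumably the anonymous web account), not the
    ' interactive user as in VB - worth checking as the difference between
    ' the two environments.
    Set oRootDSE = GetObject("LDAP://" & strServerName & "RootDSE")
    strNamingContext = strServerName & oRootDSE.Get("defaultNamingContext")
    Set oRootDSE = Nothing
    If Err.Number <> 0 Then
        Response.Write "<BR> RootDSE lookup failed with Error Number = " & Err.Number
        Exit Sub
    End If
    Response.Write "<BR> strNamingContext = " & strNamingContext

    strUserADSPath = ""
    blnUserExists = False

    ' The user name arrives from the caller and is concatenated into an LDAP
    ' search filter, so filter metacharacters are escaped as \XX (RFC 4515).
    ' Backslash goes first so the escapes added afterwards are not re-escaped.
    strFilterUser = Replace(strUsername, "\", "\5c")
    strFilterUser = Replace(strFilterUser, "*", "\2a")
    strFilterUser = Replace(strFilterUser, "(", "\28")
    strFilterUser = Replace(strFilterUser, ")", "\29")
    strFilterUser = Replace(strFilterUser, Chr(0), "\00")
    ' ";" separates the fields of this ADO query string; escaped as a precaution.
    strFilterUser = Replace(strFilterUser, ";", "\3b")

    Set oADOConn = Server.CreateObject("ADODB.CONNECTION")
    oADOConn.Provider = "ADSDSOObject"
    oADOConn.Open
    Set oADORs = oADOConn.Execute("<LDAP://" & strNamingContext & _
        ">;(sAMAccountName=" & strFilterUser & ");AdsPath, cn")
    If Err.Number <> 0 Then
        Response.Write "<BR> Directory search failed with Error Number = " & Err.Number
        Set oADORs = Nothing
        Set oADOConn = Nothing
        Exit Sub
    End If

    ' EOF is used instead of RecordCount: RecordCount is -1 on cursors that
    ' cannot count rows, which would be misread as "user exists".
    ' The name is HTML-encoded because it is echoed back into the page.
    ' Reporting "exists / not exists" separately from the bind result lets a
    ' visitor probe for valid account names; keep it to test pages only.
    If oADORs.EOF Then
        Response.Write "<BR> " & Now() & " - User Name <B>" & _
            Server.HTMLEncode(strUsername) & "</B> not exists in the active directory."
    Else
        Response.Write "<BR> " & Now() & " - User Name <B>" & _
            Server.HTMLEncode(strUsername) & "</B> exists in the active directory."
        strUserADSPath = oADORs.Fields("ADSPATH").Value
        blnUserExists = True
    End If

    oADORs.Close
    Set oADORs = Nothing
    oADOConn.Close
    Set oADOConn = Nothing

    If Not blnUserExists Then Exit Sub

    Set oUser = GetObject(strUserADSPath)
    Response.Write "<BR> Account Disabled = " & oUser.AccountDisabled

    ' Start from a clean error state so the check below reports the bind only.
    Err.Clear
    Set oAuth = Nothing

    ' Keep ADS_SECURE_AUTHENTICATION here: falling back to a simple bind
    ' (flag value 0) on port 389 would send the password in clear text.
    Set oDSObj = GetObject("LDAP:")
    Set oAuth = oDSObj.OpenDSObject("LDAP://" & strNamingContext, _
        strUsername, strPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
    ' THIS LINE IS THE CULPRIT LINE THAT IS WORKING FINE IN VB BUT FAILING WHEN
    ' THE SAME CODE TAKEN TO ASP WITH APPROPRIATE CONSTANT VALUES SET
    ' e.g., ADS_SECURE_AUTHENTICATION
    ' WHAT IS THAT REASON THAT IS MAKING IT FAIL????? PLEASE LET ME KNOW ASAP??
    ' THE ERROR NUMBER : -2147016662 (0x8007202A) is being returned always for ASP

    If Err.Number <> 0 Then
        Response.Write "<BR> Authentication Failed with Error Number = " & Err.Number
        Exit Sub
    End If

    If Not oAuth Is Nothing Then
        Response.Write "<BR> Authentication Success"
        Set oAuth = Nothing
    End If
End Sub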
Suggestions please!
Thanks in advance!
Regards
Srinivas