468,510 Members | 1,733 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,510 developers. It's quick & easy.

Asp Ldap authentication and redirection based on OU

Hi I'm trying to do an ASP authentication using Ldap and would like to have the users directed to pages based on the Organizational Unit. My ASP knowledge is pretty basic but would really like to get this sorted to complete the intranet.
Thx I've found the following code on this website and manage to get the username and password authentication working just need to figure out how to redirect to the OU.

Thanks
Expand|Select|Wrap|Line Numbers
  1. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  2.  
  3. <html>
  4. <head>
  5. <title>Intranet</title>
  6. </head>
  7.  
  8. <body>
  9.  
  10. <%
  11. dim submit
  12. dim UserName
  13. dim Password
  14.  
  15.  
  16. UserName = "mydoamin/username"
  17. Password = ""
  18. Domain = "mydomain"
  19. submit = request.form("submit")
  20.  
  21. if submit = "Authenticate" then
  22. UserName = request.form("UserName")
  23. Password = request.form("Password")
  24. Domain = request.form("Domain")
  25. result = AuthenticateUser(UserName, Password, Domain)
  26. if result then
  27. Response.Redirect("basic page")
  28. else
  29. response.write "<h3>Authentication Failed!</h3>"
  30. end if
  31. end if
  32.  
  33. response.write "<hr><form method=post>"
  34. response.write "<table>"
  35. response.write "<tr>"
  36. response.write "<td><b>Username:&nbsp;</b></td><td><input type=""text"" name=""UserName"" value=""" & UserName & """>"
  37. response.write "</tr>"
  38. response.write "<tr>"
  39. response.write "<td><b>Password:&nbsp;</b></td><td><input type=""password"" name=""Password"" value=""" & Password & """ </td>"
  40. response.write "</tr>"
  41. response.write "<tr>"
  42. response.write "<td><b>AD Domain:&nbsp;</b></td><td><input type=""text"" name=""Domain"" value=""" & Domain & """ <br></td>"
  43. response.write "</tr>"
  44. response.write "<tr>"
  45. response.write "<td>&nbsp;</td><td><input name=""submit"" type=""submit"" value=""Authenticate""></td>"
  46. response.write "</tr>"
  47. response.write "</table>"
  48. response.write "</form>"
  49. response.end
  50.  
  51. function AuthenticateUser(UserName, Password, Domain)
  52. dim strUser
  53. ' assume failure
  54. AuthenticateUser = false
  55.  
  56. strUser = UserName
  57. strPassword = Password
  58.  
  59.  
  60. strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
  61. set oConn = server.CreateObject("ADODB.Connection")
  62. oConn.Provider = "ADsDSOOBJECT"
  63. oConn.Properties("User ID") = strUser
  64. oConn.Properties("Password") = strPassword
  65. oConn.Properties("Encrypt Password") = true
  66. oConn.open "DS Query", strUser, strPassword
  67.  
  68. set cmd = server.CreateObject("ADODB.Command")
  69. set cmd.ActiveConnection = oConn
  70. cmd.CommandText = strQuery
  71. on error resume next
  72. set oRS = cmd.Execute
  73. if oRS.bof or oRS.eof then
  74. AuthenticateUser = false
  75. else
  76. AuthenticateUser = true
  77. end if
  78. set oRS = nothing
  79. set oConn = nothing
  80.  
  81. end function
  82.  
  83. %>
  84.  
  85. </body>
  86. </html>
Oct 25 '09 #1
3 5459
jhardman
3,405 Expert 2GB
OK, your query is only pulling up one field (cn) from LDAP. You will need to see what other fields are available (do "Select * ...", the * will pull up every field you have available) whether there is a field you can use. I've never tried it with LDAP, but this code should work:
Expand|Select|Wrap|Line Numbers
  1. response.write "<table><tr>" & vbNewLine
  2. dim x
  3. for each x in oRS.fields
  4.    response.write "<td>" & x.name & "</td>" & vbNewLine
  5. next
  6. response.write "</tr><tr>" & vbNewLine
  7. do until oRS.eof
  8.    for each x in oRS.fields
  9.       response.write "<td>" & x.value & "</td>" & vbNewLine
  10.    next
  11.    response.write "</tr><tr>"
  12.  
  13.    oRS.movenext
  14. loop
  15. response.write "</tr></table>" & vbNewLine
Let me know if this helps.

Jared
Oct 28 '09 #2
Hey Jared
Thanks for the assist. I've changed the "cn" to "*" and tried to pull the organizational Units from the Ldap but still no joy. I'm now seeing the following error when submitted " Error Type:
ADODB.Connection (0x800A0CC1)
Item cannot be found in the collection corresponding to the requested name or ordinal." in the highlighted line.



Attaching modified code

<%
dim submit
dim UserName
dim Password



UserName = ""
Password = ""
Domain = "mydomain"
submit = request.form("submit")

if submit = "Authenticate" then
UserName = request.form("UserName")
Password = request.form("Password")
Domain = request.form("Domain")
result = AuthenticateUser(UserName, Password, Domain, strOU)
if result then
Response.Redirect("http://localhost/intranet/"& strOU &".html")
else
response.write "<h3>Authentication Failed!</h3>"
end if
end if

response.write "<hr><form method=post>"
response.write "<table>"
response.write "<tr>"
response.write "<td><b>Username:&nbsp;</b></td><td><input type=""text"" name=""UserName"" value=""" & UserName & """>"
response.write "</tr>"
response.write "<tr>"
response.write "<td><b>Password:&nbsp;</b></td><td><input type=""password"" name=""Password"" value=""" & Password & """ </td>"
response.write "</tr>"
response.write "<tr>"
response.write "<td><b>AD Domain:&nbsp;</b></td><td><input type=""text"" name=""Domain"" value=""" & Domain & """ <br></td>"
response.write "</tr>"
response.write "<tr>"
response.write "<td>&nbsp;</td><td><input name=""submit"" type=""submit"" value=""Authenticate""></td>"
response.write "</tr>"
response.write "</table>"
response.write "</form>"
response.end

function AuthenticateUser(UserName, Password, strOU, Domain)
dim strUser
' assume failure
AuthenticateUser = false

strUser = UserName
strPassword = Password
StrOU = OU


strQuery = "SELECT * FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Organizational Unit") = strOU
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword, strOU



set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
on error resume next
set oRS = cmd.Execute
if oRS.bof or oRS.eof then
AuthenticateUser = false
else
AuthenticateUser = true
end if
set oRS = nothing
set oConn = nothing

end function

%>


Maybe you can tell me where I've gone wrong.
Thank for the help
Oct 29 '09 #3
jhardman
3,405 Expert 2GB
@Genius79
The oconn properties are just putting things in the database connection string, definitely not the place to mention the organizational unit. Try this:
Expand|Select|Wrap|Line Numbers
  1. strQuery = "SELECT * FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
  2. set oConn = server.CreateObject("ADODB.Connection")
  3. oConn.Provider = "ADsDSOOBJECT"
  4. oConn.Properties("User ID") = strUser
  5. oConn.Properties("Password") = strPassword
  6. oConn.Properties("Encrypt Password") = true
  7. oConn.open 
  8. set oRS = server.createobject("adodb.recordset")
  9. oRS.open strQuery, oConn
  10.  
  11. response.write "<table><tr>"
  12. for each x in oRS.fields
  13.    response.write "<th>" & x.name & "</th>" & vbNewLine
  14. next
  15. response.write "</tr>"
  16.  
  17. do until oRS.eof
  18.    response.write "<tr>" & vbNewLine
  19.  
  20.    for each x in oRS.fields
  21.       response.write "<td>" & x.value & "</td>" & vbNewLine
  22.    next
  23.  
  24.    response.write "</tr>"
  25.    oRS.movenext
  26. loop
  27. response.write "</table>"
  28.  
Nov 3 '09 #4

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

5 posts views Thread by dmcconkey | last post: by
reply views Thread by Luis Esteban Valencia | last post: by
2 posts views Thread by duncan beaumont | last post: by
3 posts views Thread by RJN | last post: by
1 post views Thread by jesbuddy07 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.