I am trying to determine if the logged in user belongs to an Active
Directory Group. I have started with these code snippets:
WindowsIdentity id = WindowsIdentity .GetCurrent();
IdentityReferen ceCollection irc = id.Groups;
This only returns the ID of the groups, I need the AD Group Name.
string adPath = "LDAP://MyDom.com";
DirectoryEntry entry = new DirectoryEntry( adPath);
string userName = HttpContext.Cur rent.User.Ident ity.Name.ToStri ng();
string name = userName.Substr ing(userName.In dexOf(@"\") + 1);
DirectorySearch er mySearcher = new DirectorySearch er(entry);
mySearcher.Filt er = "(cn=" + name + ")";
mySearcher.Prop ertiesToLoad.Ad d("memberOf") ;
mySearcher.Prop ertiesToLoad.Ad d("cn");
StringBuilder groupNames = new StringBuilder() ;
SearchResult result = mySearcher.Find One();
DirectoryEntry userEntry = result.GetDirec toryEntry();
int propertyCount = result.Properti es["memberOf"].Count;
The propertyCount comes back as 0.
What am I doing wrong? Any help greatly appreciated.
9  3334 
I am running this in my local test environment. How do I set up full trust?
I am running IIS6 and VS2005
I set the Trust to Full for the System.Director yServices.DLL to no avail.
I kinda agree, that if that was the issue, I would see a security issue.
To test that, I set the web app to "High" vs. "Full" and received a security
error
On Fri, 10 Mar 2006 19:12:35 GMT, Ernest Griffin wrote: I am trying to determine if the logged in user belongs to an Active
Directory Group.
You're going to have to provide a little more information. When you say
"logged in user", what do you mean?
Do you mean the user logged in to their local machine accessing your web
page?
Do you mean the user is logged in to the web page using the ASP.NET 2.0
Login Controls?
Do you mean the user is logged in to the web page using some custom code
you (or someone else) wrote?
I have started with these code snippets:
WindowsIdentity id = WindowsIdentity .GetCurrent();
IdentityReferen ceCollection irc = id.Groups;
This only returns the ID of the groups, I need the AD Group Name.
I assume you're using ASP.NET 2.0, since Groups is a new property added in
2.0 on WindowsIdentity .
Why not just use the role provider methods used by ASP.NET, set the role
provider to use WindowsTokenRol eProvider, then you can just do
Role.GetRolesFo rUser()?
This is running in an internal web site.
External Users will be challenged with windows authentication.
The users will be loggin into the local domain.
The users will browse to pages.
I will determine who they are (I can do that successfully)
I will query the LDAP to see what groups they are in.
Depending on the result, I will show different items.
I am using IIS6
I am using .NET 2.0 and 1.1
I am using VS2005
I am using SQL2000
This is within a WSS Web part.
Here is the code that worked From Start to Finish
WindowsIdentity id = WindowsIdentity .GetCurrent();
IdentityReferen ceCollection irc = WindowsIdentity .GetCurrent().G roups;
string[] strArray = new string[irc.Count];
int t = 0;
foreach(Identit yReference ir in irc)
{
IdentityReferen ce account = ir.Translate(ty peof(NTAccount) );
strArray[t] = account.Value;
t++;
}
On Fri, 10 Mar 2006 21:40:41 GMT, Ernest Griffin wrote: This is running in an internal web site.
External Users will be challenged with windows authentication.
I assume what you mean is you will use basic authentication for external
users. Be aware that this sends passwords in clear text. Hopefully,
you're using SSL.
The users will be loggin into the local domain.
External users will have to use a domain qualifier, and this can be
annoying to many users. For example, they may have to type
"DOMAIN\usernam e" rather than just "username". There is no reliable method
to avoid this other than using Forms Authentication, and then you don't get
the automatic WindowsIdentity .
I see below that you already have a solution that works for you. Just be
aware that there are several gotcha's when dealing with Windows Identities
when using external (non-domain attached) computers. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Jay Chan |
last post by:
We have just installed a SQL Server 2000 (SP 3A) onto a computer that
has Windows-2003 Server on it. Now, we cannot get access to that
database server from other computers. Seem like this may be an issue
with Active Directory.
Our network consists of Windows-2000 Servers (SP 4) and Windows-2000
workstations and Windows-XP workstations. We also have SQL Server 2000
(SP2) in three Windows-2000 servers. All work fine. Recently, we get a...
|
by: microsoft |
last post by:
Hi People, when I try to modify an active directory user programatically, I
receive the following exception:
The server is unwilling to process the request
Reading the microsoft web site, I found this article:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 that says the
following:
..........................
|
by: Mario Rodriguez |
last post by:
Hi people. I have a problem adding users to Win2003 active directory
programatically. When I execute my app throws the following exception:
.................The specified directory service attribute or value does not
exist...........
Exactly the same code works fine on my win2000 active directory. My app
include the use of the extensionAtributes and I'm not sure if the
extensionAttributes feature was removed from win2003 Active...
|
by: ASGMikeG |
last post by:
Hi,
How do I find the user object for the current user in Active Directory i.e.
the user running my program ?
Regards
Michael
|
by: Andrew |
last post by:
Hey all,
Working on revamping our Intranet here and making use of the LDPA, Active
Directory, Directory Services, etc. that .Net provides. I am still fairly
new on this subject, so the problem I have run into I am not sure how to
fix, and really not sure what is causing it.
Here's what is going on (test server - Windows 2003 Server):
I have a page in a folder (under anonymous authentication in IIS6) that has
a link on it that...
| | |
by: Leo_Surf |
last post by:
Hello,
I need your help adding user in Active Directory from ASP.net website. Could
any one provide me the complete code for the html page. As this is my
curriculam project and I dont have any Idea about ASP.net
Please Help
Thanks in Advance.
|
by: tangus via DotNetMonster.com |
last post by:
Hello all, I'm really struggling with getting some Active Directory code to
work in ASP.NET. Can you please provide assistance? I am executing the
following code:
Dim enTry As DirectoryEntry = New DirectoryEntry("LDAP://domain")
Dim mySearcher As New DirectorySearcher(enTry)
Dim resEnt As SearchResult
mySearcher.Filter = ("(objectClass=*)")
mySearcher.SearchScope = SearchScope.Subtree
|
by: Hriday |
last post by:
Hi there, Please help me..It is urgent
This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to Pop up windows Authentication box so
that user will give his userId, Password & domain name for
authenticaion. After that I want to take these three info
of user and make a search in Active Directory.
|
by: RTT |
last post by:
here is my current situation. I develop a program on my computer's
localhost. From there i contact Active directory succesfull using a
connectionstring like: LDAP://OU=BE,OU=SE,DC=eu,DC=aagp,DC=corp. This works
fine. My computer is in and OU under the BE folder, and so is my User. I
have no problems connecting to the Active Directory.
But now that my code is finished i want to put it online on one of the
company servers. but when i...
|
by: Jim in Arizona |
last post by:
My goal, somehow, is to populate a dropdownlist with all the user names
in active directory. I don't even know where to begin, really.
I added a reference to System.DirectoryServices so I could use the
System.DirectoryServices.ActiveDirectory namespace. I don't even know if
this is the right way to go as I can't seem to find anything in that
namespace that would help me query active directory for names.
I can't use an LDAP query...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
