473,385 Members | 1,806 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > active directory

Join Bytes to post your question to a community of 473,385 software developers and data experts.

Active Directory

I am trying to determine if the logged in user belongs to an Active
Directory Group. I have started with these code snippets:

WindowsIdentity id = WindowsIdentity.GetCurrent();
IdentityReferenceCollection irc = id.Groups;

This only returns the ID of the groups, I need the AD Group Name.

string adPath = "LDAP://MyDom.com";
DirectoryEntry entry = new DirectoryEntry(adPath);
string userName = HttpContext.Current.User.Identity.Name.ToString();
string name = userName.Substring(userName.IndexOf(@"\") + 1);
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = "(cn=" + name + ")";
mySearcher.PropertiesToLoad.Add("memberOf");
mySearcher.PropertiesToLoad.Add("cn");
StringBuilder groupNames = new StringBuilder();
SearchResult result = mySearcher.FindOne();
DirectoryEntry userEntry = result.GetDirectoryEntry();
int propertyCount = result.Properties["memberOf"].Count;

The propertyCount comes back as 0.

What am I doing wrong? Any help greatly appreciated.
Mar 10 '06 #1
9 3287
Is your application running with full trust? The PropertiesToLoad
property requires full trust. Check out this link, at the bottom it
has the security requirements.

http://msdn.microsoft.com/library/de...oloadtopic.asp

HTH,
Darren Kopp
http://blog.secudocs.com/

Mar 10 '06 #2
I am running this in my local test environment. How do I set up full trust?
Mar 10 '06 #3
I am running IIS6 and VS2005
Mar 10 '06 #4
Check out these links, they have good descriptions of what you need to
do (both in code and framework configuration).

http://cyberforge.com/weblog/aniltj/...04/27/486.aspx
http://msdn.microsoft.com/library/de...aght000017.asp
(asp.net 2.0)
http://msdn.microsoft.com/library/de...AGHT000020.asp
(asp.net 2.0)
http://support.microsoft.com/default...b;en-us;815164

I'm not positive that is your problem, though it may be suspect. I
would think it would throw a security exception or something, but
documentation says that it may just "not work correctly".

HTH,
Darren Kopp
http://blog.secudocs.com/

Mar 10 '06 #5
I set the Trust to Full for the System.DirectoryServices.DLL to no avail.

I kinda agree, that if that was the issue, I would see a security issue.

To test that, I set the web app to "High" vs. "Full" and received a security
error
Mar 10 '06 #6
On Fri, 10 Mar 2006 19:12:35 GMT, Ernest Griffin wrote:
I am trying to determine if the logged in user belongs to an Active
Directory Group.
You're going to have to provide a little more information. When you say
"logged in user", what do you mean?

Do you mean the user logged in to their local machine accessing your web
page?

Do you mean the user is logged in to the web page using the ASP.NET 2.0
Login Controls?

Do you mean the user is logged in to the web page using some custom code
you (or someone else) wrote?
I have started with these code snippets:

WindowsIdentity id = WindowsIdentity.GetCurrent();
IdentityReferenceCollection irc = id.Groups;

This only returns the ID of the groups, I need the AD Group Name.


I assume you're using ASP.NET 2.0, since Groups is a new property added in
2.0 on WindowsIdentity.

Why not just use the role provider methods used by ASP.NET, set the role
provider to use WindowsTokenRoleProvider, then you can just do
Role.GetRolesForUser()?
Mar 10 '06 #7
This is running in an internal web site.
External Users will be challenged with windows authentication.
The users will be loggin into the local domain.
The users will browse to pages.
I will determine who they are (I can do that successfully)
I will query the LDAP to see what groups they are in.
Depending on the result, I will show different items.
I am using IIS6
I am using .NET 2.0 and 1.1
I am using VS2005
I am using SQL2000
This is within a WSS Web part.
Mar 10 '06 #8
Here is the code that worked From Start to Finish

WindowsIdentity id = WindowsIdentity.GetCurrent();
IdentityReferenceCollection irc = WindowsIdentity.GetCurrent().Groups;
string[] strArray = new string[irc.Count];
int t = 0;
foreach(IdentityReference ir in irc)
{
IdentityReference account = ir.Translate(typeof(NTAccount));
strArray[t] = account.Value;
t++;
}
Mar 10 '06 #9
On Fri, 10 Mar 2006 21:40:41 GMT, Ernest Griffin wrote:
This is running in an internal web site.
External Users will be challenged with windows authentication.
I assume what you mean is you will use basic authentication for external
users. Be aware that this sends passwords in clear text. Hopefully,
you're using SSL.
The users will be loggin into the local domain.


External users will have to use a domain qualifier, and this can be
annoying to many users. For example, they may have to type
"DOMAIN\username" rather than just "username". There is no reliable method
to avoid this other than using Forms Authentication, and then you don't get
the automatic WindowsIdentity.

I see below that you already have a solution that works for you. Just be
aware that there are several gotcha's when dealing with Windows Identities
when using external (non-domain attached) computers.
Mar 11 '06 #10
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Cannot See a Newly Installed SQL Server 2000 (No Active Directory)
by: Jay Chan | last post by:
We have just installed a SQL Server 2000 (SP 3A) onto a computer that has Windows-2003 Server on it. Now, we cannot get access to that database server from other computers. Seem like this may be an...
Microsoft SQL Server
0
Active Directory Error - The server is unwilling to process the request
by: microsoft | last post by:
Hi People, when I try to modify an active directory user programatically, I receive the following exception: The server is unwilling to process the request Reading the microsoft web site, I...
.NET Framework
9
windows2003 active directory problems
by: Mario Rodriguez | last post by:
Hi people. I have a problem adding users to Win2003 active directory programatically. When I execute my app throws the following exception: .................The specified directory service...
.NET Framework
4
current user in Active Directory
by: ASGMikeG | last post by:
Hi, How do I find the user object for the current user in Active Directory i.e. the user running my program ? Regards Michael
.NET Framework
1
Problem querying LDAP and/or Active Directory
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...
ASP.NET
6
adding user in active directory
by: Leo_Surf | last post by:
Hello, I need your help adding user in Active Directory from ASP.net website. Could any one provide me the complete code for the html page. As this is my curriculam project and I dont have any...
ASP.NET
1
Problem retrieving Active Directory users
by: tangus via DotNetMonster.com | last post by:
Hello all, I'm really struggling with getting some Active Directory code to work in ASP.NET. Can you please provide assistance? I am executing the following code: Dim enTry As DirectoryEntry =...
ASP.NET
10
Windows Authentication through Active Directory
by: Hriday | last post by:
Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...
Visual Basic .NET
0
[Active Directory] On what ground does LDAP connect to Active Directory
by: RTT | last post by:
here is my current situation. I develop a program on my computer's localhost. From there i contact Active directory succesfull using a connectionstring like:...
Visual Basic .NET
2
Populating a DDL with users from Active Directory
by: Jim in Arizona | last post by:
My goal, somehow, is to populate a dropdownlist with all the user names in active directory. I don't even know where to begin, really. I added a reference to System.DirectoryServices so I could...
ASP.NET
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!