By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,866 Members | 1,660 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,866 IT Pros & Developers. It's quick & easy.

Urgent: Connecting to active directory using cached credentials

P: n/a
Hello,

I'm hoping to find out if it is possible to connect
within an ASP.NET application to Active Directory with
the credentials of the person who accessed the ASP.NET
application via IIS, using windows integrated
authentication.

I've tried using ADO, ADSI, and Directory Services, but I
have yet to find a way to connect to active directory
with the security token created by IIS, when the user
accesses the ASP.NET application with windows integrated
authentication.

Being able to do this is a pretty urgent problem, so any
help anyone could provide would be extremely appreciated.

Thank you!
-Chris
Nov 18 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
> I'm hoping to find out if it is possible to connect
within an ASP.NET application to Active Directory with
the credentials of the person who accessed the ASP.NET
application via IIS, using windows integrated
authentication.

I've tried using ADO, ADSI, and Directory Services, but I
have yet to find a way to connect to active directory
with the security token created by IIS, when the user
accesses the ASP.NET application with windows integrated
authentication.

Being able to do this is a pretty urgent problem, so any
help anyone could provide would be extremely appreciated.


I also posted this question to general.adsi.

-Chris
Nov 18 '05 #2

P: n/a
Are u interested in Forms or wINDOWS aUTHENTICATION?'
<an*******@discussions.microsoft.com> wrote in message
news:0a****************************@phx.gbl...
I'm hoping to find out if it is possible to connect
within an ASP.NET application to Active Directory with
the credentials of the person who accessed the ASP.NET
application via IIS, using windows integrated
authentication.

I've tried using ADO, ADSI, and Directory Services, but I
have yet to find a way to connect to active directory
with the security token created by IIS, when the user
accesses the ASP.NET application with windows integrated
authentication.

Being able to do this is a pretty urgent problem, so any
help anyone could provide would be extremely appreciated.


I also posted this question to general.adsi.

-Chris

Nov 18 '05 #3

P: n/a
Hi Chris:

The problem you are probably facing is the one hop limit of NTLM
authentication. The user's credentials make one hop from the browser
to the web server, and the web server can use those credentials
impersonate the user on the web server. However, the server cannot use
those credentials to make a second hop to the AD controller.

One way around this is to move up one step from impersonation to
delegation.

See:
How To Configure an ASP.NET Application for a Delegation Scenario.
http://support.microsoft.com/default...b;en-us;810572

HTH

--
Scott
http://www.OdeToCode.com/

On Wed, 6 Oct 2004 23:28:48 -0700, "Chris L" <ri********@hotmail.com>
wrote:
Hello,

I'm hoping to find out if it is possible to connect
within an ASP.NET application to Active Directory with
the credentials of the person who accessed the ASP.NET
application via IIS, using windows integrated
authentication.

I've tried using ADO, ADSI, and Directory Services, but I
have yet to find a way to connect to active directory
with the security token created by IIS, when the user
accesses the ASP.NET application with windows integrated
authentication.

Being able to do this is a pretty urgent problem, so any
help anyone could provide would be extremely appreciated.

Thank you!
-Chris


Nov 18 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.