Hi,
I've been trying to use FormsAuthentication agains windows users and
groups - not Active Directory.
I couldn't find any articles on this directly, not to say that there aren't
any out there, if you know of one - please let me know.
Anyways - the problem I'm having is that only Administrators can logon,
probably since they're the only ones allowed to open users and groups (even
their own user account).
The code I've used is as follows:
private SortedList ListMembersInGroup() {
string dirPath = ConfigurationSettings.AppSettings["ADGroupRoot"];
SortedList userList = new SortedList();
using (DirectoryEntry _groupEntry = new DirectoryEntry(dirPath, {working
user}, {working pass})) {
IADsGroup gr = _groupEntry.NativeObject as IADsGroup;
IADsMembers MembersCollection = gr.Members();
MembersCollection.Filter = new object[] {"user"};
foreach (IADsUser member in MembersCollection) {
DirectoryEntry _user = new DirectoryEntry(member.ADsPath, {working user},
{working pass});
userList.Add(_user.Name, _user.Properties);
}
}
return userList;
}
public bool IsAuthenticated(string username, string pwd) {
string pathAndUserName = ConfigurationSettings.AppSettings["ADUserRoot"]
.Replace("%USERNAME%", username);
using (DirectoryEntry entry = new DirectoryEntry(pathAndUserName, username,
pwd)) {
try {
// Here I get an Unknown exception when the user is not an
administrator...
Object obj = entry.NativeObject;
} catch { return false; }
if (!entry.Path.Equals(pathAndUserName))
return false;
}
return this.ListMembersInGroup().ContainsKey(username);
}
Where
ConfigurationSettings.AppSettings["ADGroupRoot"]="WinNT://ELESTEDT/server/{group}"
ConfigurationSettings.AppSettings["ADUserRoot"]="WinNT://ELESTEDT/server/%USERNAME%"
{working user} is a Administrator account,
{working pass} is the password to the Administrator account,
{group} is the group users have to be in to be allowed to logon.
Any help is appriciated...
3  1215 
The first option that comes to mind is using Enterprise Services (ie, COM+)
for the authentication and setting the user of the application to a
priveleged acount that can run the user check). The web app is then divorced
from the authentication process, allowing it more authority to do the check.
Giving the web app more priveges (not easy) is not a good option, however.
---
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
***************************
Think Outside the Box!
***************************
"Fredrik Elestedt" wrote: Hi,
I've been trying to use FormsAuthentication agains windows users and
groups - not Active Directory.
I couldn't find any articles on this directly, not to say that there aren't
any out there, if you know of one - please let me know.
Anyways - the problem I'm having is that only Administrators can logon,
probably since they're the only ones allowed to open users and groups (even
their own user account).
The code I've used is as follows:
private SortedList ListMembersInGroup() {
string dirPath = ConfigurationSettings.AppSettings["ADGroupRoot"];
SortedList userList = new SortedList();
using (DirectoryEntry _groupEntry = new DirectoryEntry(dirPath, {working
user}, {working pass})) {
IADsGroup gr = _groupEntry.NativeObject as IADsGroup;
IADsMembers MembersCollection = gr.Members();
MembersCollection.Filter = new object[] {"user"};
foreach (IADsUser member in MembersCollection) {
DirectoryEntry _user = new DirectoryEntry(member.ADsPath, {working user},
{working pass});
userList.Add(_user.Name, _user.Properties);
}
}
return userList;
}
public bool IsAuthenticated(string username, string pwd) {
string pathAndUserName = ConfigurationSettings.AppSettings["ADUserRoot"]
.Replace("%USERNAME%", username);
using (DirectoryEntry entry = new DirectoryEntry(pathAndUserName, username,
pwd)) {
try {
// Here I get an Unknown exception when the user is not an
administrator...
Object obj = entry.NativeObject;
} catch { return false; }
if (!entry.Path.Equals(pathAndUserName))
return false;
}
return this.ListMembersInGroup().ContainsKey(username);
}
Where
ConfigurationSettings.AppSettings["ADGroupRoot"]="WinNT://ELESTEDT/server/{group}"
ConfigurationSettings.AppSettings["ADUserRoot"]="WinNT://ELESTEDT/server/%USERNAME%"
{working user} is a Administrator account,
{working pass} is the password to the Administrator account,
{group} is the group users have to be in to be allowed to logon.
Any help is appriciated...
Well then,
I can see only one way out - SQL auth.
Thanks anyway.
// Fredrik
"Cowboy (Gregory A. Beamer) - MVP" <No************@comcast.netNoSpamM> wrote
in message news:51**********************************@microsof t.com... The first option that comes to mind is using Enterprise Services (ie,
COM+)
for the authentication and setting the user of the application to a
priveleged acount that can run the user check). The web app is then
divorced
from the authentication process, allowing it more authority to do the
check.
Giving the web app more priveges (not easy) is not a good option, however.
---
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
***************************
Think Outside the Box!
***************************
"Fredrik Elestedt" wrote:
Hi,
I've been trying to use FormsAuthentication agains windows users and
groups - not Active Directory.
I couldn't find any articles on this directly, not to say that there
aren't
any out there, if you know of one - please let me know.
Anyways - the problem I'm having is that only Administrators can logon,
probably since they're the only ones allowed to open users and groups
(even
their own user account).
The code I've used is as follows:
private SortedList ListMembersInGroup() {
string dirPath = ConfigurationSettings.AppSettings["ADGroupRoot"];
SortedList userList = new SortedList();
using (DirectoryEntry _groupEntry = new DirectoryEntry(dirPath, {working
user}, {working pass})) {
IADsGroup gr = _groupEntry.NativeObject as IADsGroup;
IADsMembers MembersCollection = gr.Members();
MembersCollection.Filter = new object[] {"user"};
foreach (IADsUser member in MembersCollection) {
DirectoryEntry _user = new DirectoryEntry(member.ADsPath, {working
user},
{working pass});
userList.Add(_user.Name, _user.Properties);
}
}
return userList;
}
public bool IsAuthenticated(string username, string pwd) {
string pathAndUserName = ConfigurationSettings.AppSettings["ADUserRoot"]
.Replace("%USERNAME%", username);
using (DirectoryEntry entry = new DirectoryEntry(pathAndUserName,
username,
pwd)) {
try {
// Here I get an Unknown exception when the user is not an
administrator...
Object obj = entry.NativeObject;
} catch { return false; }
if (!entry.Path.Equals(pathAndUserName))
return false;
}
return this.ListMembersInGroup().ContainsKey(username);
}
Where
ConfigurationSettings.AppSettings["ADGroupRoot"]="WinNT://ELESTEDT/server/{group}"
ConfigurationSettings.AppSettings["ADUserRoot"]="WinNT://ELESTEDT/server/%USERNAME%"
{working user} is a Administrator account,
{working pass} is the password to the Administrator account,
{group} is the group users have to be in to be allowed to logon.
Any help is appriciated...
Fredrik Elestedt,
Why don't u use Windows Auth against Active Directory..Looking at
the code u posted ..i figured u were using NT provider against Active
Directory!
** Forms Auth also couls be considered against A.Directory..
Hope this helps..
Patrick
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it! This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: George Durzi |
last post by:
When you call FormsAuthentication.SignOut(), is the FormsAuthentication
cookie supposed to be destroyed automatically?
I'm creating my FormsAuthentication cookie by doing:
HttpCookie oCookie =...
|
by: Jeff B |
last post by:
I am having a very perplexing problem with setting the user's roles. I have
tried to figure this out for 2 days now.
When the user logs in to the site, I retrieve the roles from the database
and...
|
by: Phil Certain |
last post by:
Hi
I'm building a site that has publicly available pages and password
protected pages. Publicly available pages reside in:
/public
and password protected pages reside in:
/private
|
by: Grant Merwitz |
last post by:
Hi, i am using forms authentication in an ASP.NET project
I am setting the Forms authentication cookie by using:
FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
Now when i...
|
by: Matthias S. |
last post by:
Hi there,
I've created an application which is using Forms-based authentification.
My Login-Button event handler looks somewhat like this:
// validate the input, etc...
// sUserName holds now...
|
by: Dean R. Henderson |
last post by:
I setup FormsAuthentication on a couple websites where it has been working
as expected for a long time. I used this code to setup the same type of
authentication on a new website I am working on...
|
by: Åženol Akbulak |
last post by:
Hello;
I use in my web application FormsAuthentication. Also I use Session state
(InProc).
When a user logged in, I can read Session parameters. (For example
Session). Problem is that, when...
|
by: Kim André Akerø |
last post by:
I'm trying to make my PHP scripts communicate with a ASP.NET based
authentication solution.
I have $_COOKIE, but it's encrypted using the
FormsAuthentication.Encrypt method.
This is the...
|
by: Rodrigo m. Ferreira |
last post by:
Can you help me to solve the following problem?
on my loggin page I have the code:
protected void LoginButton_Click(object sender, EventArgs e)
{
if(Membership.ValidateUser(TXTUsuario.Text,...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
| |
