Thanks for your reply. Actually, I have the code block work fine in WinApps
to access to LDAP. It also works in ASP.Net with windows authentication and
imperonation enabled. I just cannot make it work in form authentication
without imperonation. The problem is how to set the security context.
Here is the method:
public static bool FindUser(string identification, ref string FirstName,
ref string LastName)
{
bool result = false;
string _path = "GC://";
// Setup the filter
identification = identification.Substring(identification.LastIndexO f(@"\")
+ 1,
identification.Length - identification.LastIndexOf(@"\")-1);
string userNameFilter =
string.Format("(&(ObjectClass=Person)(SAMAccountNa me={0}))",
identification);
// Get a Directory Searcher to the LDAPPath
DirectorySearcher searcher = new DirectorySearcher(_path);
if (searcher == null)
{
return false;
}
// Add the properties that need to be retrieved
searcher.PropertiesToLoad.Add("givenName");
searcher.PropertiesToLoad.Add("sn");
// Set the filter for the search
searcher.Filter = userNameFilter;
try
{
// Execute the search
SearchResult search = searcher.FindOne();
if (search != null)
{
FirstName = SearchResultProperty(search, "givenName");
LastName = SearchResultProperty(search, "sn");
result = true;
}
else
result = false;
}
catch (Exception ex)
{
result = false;
}
return result;
}
Thanks,
--Capsy
"Kannan.V [MCSD.net]" <Ka************@discussions.microsoft.com> wrote in
message news:4D**********************************@microsof t.com...
hi,
These links were useful for a similar scenario for me.
http://www.dotnet247.com/247reference/msgs/4/20782.aspx
http://www.dotnet247.com/247referenc...51/256427.aspx
http://www.dotnet247.com/247referenc.../__discussions
hope this helps
--
Kannan.V
Home : http://www.kannanv.com
Blog : http://kannanv.blogspot.com
Web : http://www.DotnetLounge.net
"Any one who has never made a mistake has never tried anything new" -
Einstein
"Caspy" wrote:
I just get stuck on how to check if a user is a member of network
(domain). I am building an internal tracking system with ASP.Net with Form
authentication. When an user is added into the system, it check if the
user is a member of the domain account against Global Catalog. If not, the
user is not allowed to added in. If is, get the user's first name and last
name and insert into the database.
Because the system need access to other resource, I don't want to use
impersonation. Changing WindonIdentity with impersonation at run time is
also not a choice because the web server is running on Windows 2000.
Based on the Security context, how to check if a user in the system or not?
Thank you in advance.
--Caspy