How do I create a Automatic Login system to Intranet using LDAP and Active Directory, ASP.NET ?

Question

0.00/5 (No votes)

See more:

I am looking to implement Automatic Active Directory Logon to one of our intranet Applications.

Groups and information needs to extracted from Active Directory

The app was coded in CodeCharge Studio 4.3 so I am unable to open of export the project to Visual Studio (Witch in itself is a problem for me)

It only runs on Chrome and Firefox

My Setup:
Win 2008 R2 Enterprise
IIS7

Tried the example:

Imports System.DirectoryServices

VB

Public Class Test1
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        REM Handles Me.Load
        Dim strUser As String
        Dim binFlag As Boolean

        REM This is equivalent to adsRoot=GetObject("LDAP://OU=ADSI,DC=ds,DC=microsoft,DC=com")
        REM and opens a connection to the root of the directory that you
        REM would want to search. Replace the string with your directory service root.
        Dim adsRoot As New DirectoryEntry("LDAP://OU=ADSI,DC=...,DC=...,DC=...")

        REM This sets up the filter to be used in searching for the user in AD.
        Dim adsSearch As DirectorySearcher = New DirectorySearcher(adsRoot)

        REM Grab the User ID of the person pulling the page, or the sAMAccountName
        strUser = Page.User.Identity.Name

        REM Strip off domain name (we already know it, although in multi-domain
        REM environments you might find that useful.
        strUser = Mid(strUser, InStr(1, strUser, "\") + 1)

        REM Search Active Directory For the user via
        REM System.DirectoryServices.DirectorySearcher
        Try
            REM We'll load the filter with the items we want to fetch,
            REM similar to a SQL statement.
            REM The first is what we are looking for, the sAMAccountName.
            adsSearch.PropertiesToLoad.Add("sAMAccountName")
            REM We will also need the group membership of the user once
            REM we have found the user.
            adsSearch.PropertiesToLoad.Add("memberof")
            REM We are likely to also need the common name, although
            REM it's not needed for this example.
            adsSearch.PropertiesToLoad.Add("cn")
            REM We don't need the .FullName property for this example,
            REM but you might, so I show it here.
            adsSearch.PropertiesToLoad.Add("FullName")
            REM build the search filter (looking for the user with a login
            REM name that matches who connected to the page.
            adsSearch.Filter = "sAMAccountName=" & strUser

            REM Get some variables ready to receive the results
            Dim oResult As SearchResult
            Dim RetArray As New Hashtable()
            Dim adsGrpcn As String
            binFlag = False

            REM Now get the results (just one), what you get back is 
            REM an object that points to the found user
            oResult = adsSearch.FindOne
            REM You can now loop through the list of groups
            For Each adsGrpcn In oResult.GetDirectoryEntry().Properties("memberof").Value
                REM You'll want to splice this string a bit to match a specific group
                REM Then test to see if it matches your application group. Make sure to
                REM use TRIM() to avoid embedded spaces in the common name of the group.
                Response.Write(adsGrpcn)
                If adsGrpcn = "MyGroup" Then binFlag = True
            Next
        Catch ex As Exception
            Response.Write("I got the following error while trying to authenticate you: " & ex.Message)
            Response.End()
        End Try
        If binFlag Then
            Response.Write("You are authorized!")
        Else
            Response.Write("You are not authorized!")
        End If
    End Sub

End Class

Error I got:
I got the following error while trying to authenticate you: There is no such object on the server.

I am not an .Net expert and need some help.

Had a look at most of the articles and none of them helps me exactly.

Thanks for you help and time

Posted 4-Apr-13 3:48am

Canafunk

Updated 4-Apr-13 22:04pm

v4

Add a Solution

Comments

[no name] 4-Apr-13 9:51am

I you want some help, you would first have to explain what "Could not get it to work" means.

Canafunk 4-Apr-13 10:14am

Added some more details to the Question, does this help?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

José Amílcar Casimiro · Answer 1 · 2013-04-04T05:43:00

Solution 1

Hi,

This code:

C#

strUser = Page.User.Identity.Name

Returns the domain and username of current user.

When you make a ldap search like this:

C#

adsSearch.Filter = "sAMAccountName=" & strUser

You need to remove the domain name from strUser, because you are already querying the domain.

Hope it helps.

Good luck.

Posted 4-Apr-13 5:43am

José Amílcar Casimiro

Comments

Canafunk 5-Apr-13 3:01am

strUser = Mid(strUser, InStr(1, strUser, "\") + 1)

This should take care of the domain name? Or is that not what you mean?

José Amílcar Casimiro 5-Apr-13 10:41am

You should not use the domain name.