user authentication form AD

Question

1.00/5 (1 vote)

See more:

i have an application in which i create security module

which will check that current login user is valid in active diractory or not

but i didnt get how to authenticate the user from active diractory

Posted 23-Jul-11 21:44pm

kami124

Updated 23-Jul-11 22:48pm

v2

Add a Solution

Comments

dan!sh 24-Jul-11 4:02am

Your question is not clear. Can you describe the problem?

kami124 24-Jul-11 4:08am

i want to create an application in which that application is only for the domain user
if someone has that application so my security module will authenticate that user from active diractory
that current login user is member of domain or not
in simple
authentication user from active diractory

DaveAuld 24-Jul-11 8:12am

If the user has already logged into the domain, then they are already authenticated/validated???

kami124 24-Jul-11 4:26am

hav you understand my question or not

OriginalGriff 24-Jul-11 5:01am

And stop bumping it as well!

kami124 24-Jul-11 5:11am

what do you mean, i didnt understand

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

TheyCallMeMrJames · Answer 1 · 2011-07-24T05:41:00

If the user is logged into the domain when they run the app then you can access their credentials as such:

System.Environment.UserName

If they are not logged into the domain, i.e. if you do not detect a domain user in the string that returns from the above property, then don't let them use the application.

Users can always "right-click -> run as". I don't think I could make a good case to my manager to rewrite this functionality that is provided free from Windows.

Cheers.

#realJSOP · Answer 2 · 2011-07-24T05:46:00

If you want it to be used only by the person that installed it, just make the setup project force that setting instead of asking "Allow all users".

At that point, only the person that installed it will even see it on their desktop, in their start menu, and in Programs & Features (Add/Remove Programs).

Mycroft Holmes · Answer 3 · 2011-07-24T12:45:00

You need to reference System.DirectoryServices
You also need to know the ActiveDirectory path (ADPath)

We use this code to authenticate a user

public static bool IsADSUser(string userAlias, string pwd)
{
    #region Source
    bool isADSUser = false;
    if (userAlias.Trim().Length == 0 || pwd.Length == 0)
    {
        isADSUser = false;
    }
    else
    {
        //call ADQuery to get UserInformation
        string filter = String.Format("(&(objectCategory=organizationalPerson)(samaccountname={0}))", userAlias);
        DirectoryEntry de = new DirectoryEntry(ADPath, userAlias, pwd, AuthenticationTypes.Secure);
        DirectorySearcher ds = new DirectorySearcher(de);
        ds.ReferralChasing = ReferralChasingOption.All;
        ds.Filter = filter;
        SearchResult result = null;
        using (de)
        {
            using (ds)
            {
                try
                {
                    result = ds.FindOne();
                }
                catch (Exception ex)
                {
                    if (ex.Message.Contains("Logon failure:"))
                    {
                        result = null;
                    }
                    else
                    {
                        throw ex;
                    }
                }
            }
        }
        if (result != null)
        {
            isADSUser = true;
        }
        else
        {
            isADSUser = false;
        }
    }
    return isADSUser;
    #endregion
}

user authentication form AD

3 solutions

Solution 1

Solution 2

Solution 3

Add your solution here

Preview 0