Active Directory: Authenticating

  • Thread starter Thread starter jp2msft
  • Start date Start date
J

jp2msft

Currently, I let our employees log in using their network login id, password,
and domain.

Our employees keep forgetting how to input their logon id, and I have
already modified the code so that the domain name is set for them by default.

Is there a way I can authenticate a user with their Display Name instead of
the logon id? Where would I find information on this?

Thanks,
Joe
 
Hello jp2msft,
Currently, I let our employees log in using their network login id,
password, and domain.

Our employees keep forgetting how to input their logon id, and I have
already modified the code so that the domain name is set for them by
default.

Is there a way I can authenticate a user with their Display Name
instead of the logon id? Where would I find information on this?

Thanks,
Joe
Click to expand...

Joe;

Since you don't mention what you "let them" login to, it will be difficult
to answer this.

Now, assuming you mean an application you are writing in c# - I'm confused.

"Our employees keep forgetting how to input their logon id,"

How do they manage to login to the domain on a daily basis?

If the user does somehow login to the domain, and then forget their logon
ID before launching your program, google ds_name_translate (perhas just "name
translate" c#

Karl
 
Hello jp2msft,
Currently, I let our employees log in using their network login id,
password, and domain.

Our employees keep forgetting how to input their logon id, and I have
already modified the code so that the domain name is set for them by
default.

Is there a way I can authenticate a user with their Display Name
instead of the logon id? Where would I find information on this?

Thanks,
Joe
Click to expand...

Joe;

Since you don't mention what you "let them" login to, it will be difficult
to answer this.

Now, assuming you mean an application you are writing in c# - I'm confused.

"Our employees keep forgetting how to input their logon id,"

How do they manage to login to the domain on a daily basis?

If the user does somehow login to the domain, and then forget their logon
ID before launching your program, google ds_name_translate (perhas just "name
translate" c#

Karl
 
Karl,

These are public PCs out on the manufacturing floor. Most employees are only
privy to basic data, whereas management sees more information through our
applications.

A management title does not ensure PC literacy, and most manufacturing
employees with a management title log in to a PC at their desk that always
has their User ID filled in (they supply the password and hit OK).

Our current "safeguard" requires employees to enter their 6 digit badge
number, at which time that employee id is looked up in the database, and
employees with a management job title are granted access. The problem is that
the 6 digit number is not difficult to memorize by others.

To increase the level of security, after a badge number has been entered,
the employee is authenticated through Active Directory:

Now I have explained myself to you, but your comment has gotten me none
closer to how to address my main question: How do I authenticate a user using
their Display Name and Password instead of their User ID (logon name) and
Password?

This is for a Windows Application, not an ASP.NET Application.

Below is what I currently use:

string path = "LDAP://DC=SERVER1,DC=local";
string user = string.Format("SERVER1.local\\{0}", UserName.Text);
try {
using (DirectoryEntry rootEntry = new DirectoryEntry(path, user,
txtPassword.Text)) {
DirectorySearcher Searcher = new DirectorySearcher(rootEntry);
Searcher.PropertiesToLoad.AddRange(new string[] { "cn", "mail" });
Searcher.Filter = string.Format("(&(anr={0})(objectCategory=person))",
UserNames.Text);
SearchResultCollection Results = Searcher.FindAll();
foreach (SearchResult result in Results) {
Console.WriteLine("Name = " + result.Properties["cn"][0] + ", E-mail =
" + result.Properties["mail"][0]);
_adName = result.Properties["cn"][0].ToString();
}
rootEntry.Dispose();
}
return DialogResult.OK;
} catch (Exception err) {
MessageBox.Show(err.Message, "Authentication", MessageBoxButtons.OK,
MessageBoxIcon.Error);
throw err;
}
 
Karl,

These are public PCs out on the manufacturing floor. Most employees are only
privy to basic data, whereas management sees more information through our
applications.

A management title does not ensure PC literacy, and most manufacturing
employees with a management title log in to a PC at their desk that always
has their User ID filled in (they supply the password and hit OK).

Our current "safeguard" requires employees to enter their 6 digit badge
number, at which time that employee id is looked up in the database, and
employees with a management job title are granted access. The problem is that
the 6 digit number is not difficult to memorize by others.

To increase the level of security, after a badge number has been entered,
the employee is authenticated through Active Directory:

Now I have explained myself to you, but your comment has gotten me none
closer to how to address my main question: How do I authenticate a user using
their Display Name and Password instead of their User ID (logon name) and
Password?

This is for a Windows Application, not an ASP.NET Application.

Below is what I currently use:

string path = "LDAP://DC=SERVER1,DC=local";
string user = string.Format("SERVER1.local\\{0}", UserName.Text);
try {
using (DirectoryEntry rootEntry = new DirectoryEntry(path, user,
txtPassword.Text)) {
DirectorySearcher Searcher = new DirectorySearcher(rootEntry);
Searcher.PropertiesToLoad.AddRange(new string[] { "cn", "mail" });
Searcher.Filter = string.Format("(&(anr={0})(objectCategory=person))",
UserNames.Text);
SearchResultCollection Results = Searcher.FindAll();
foreach (SearchResult result in Results) {
Console.WriteLine("Name = " + result.Properties["cn"][0] + ", E-mail =
" + result.Properties["mail"][0]);
_adName = result.Properties["cn"][0].ToString();
}
rootEntry.Dispose();
}
return DialogResult.OK;
} catch (Exception err) {
MessageBox.Show(err.Message, "Authentication", MessageBoxButtons.OK,
MessageBoxIcon.Error);
throw err;
}
 
Hello jp2msft,
Karl,

These are public PCs out on the manufacturing floor. Most employees
are only privy to basic data, whereas management sees more information
through our applications.

A management title does not ensure PC literacy, and most manufacturing
employees with a management title log in to a PC at their desk that
always has their User ID filled in (they supply the password and hit
OK).

Our current "safeguard" requires employees to enter their 6 digit
badge number, at which time that employee id is looked up in the
database, and employees with a management job title are granted
access. The problem is that the 6 digit number is not difficult to
memorize by others.

To increase the level of security, after a badge number has been
entered, the employee is authenticated through Active Directory:

Now I have explained myself to you, but your comment has gotten me
none closer to how to address my main question: How do I authenticate
a user using their Display Name and Password instead of their User ID
(logon name) and Password?

This is for a Windows Application, not an ASP.NET Application.

Below is what I currently use:

string path = "LDAP://DC=SERVER1,DC=local";
string user = string.Format("SERVER1.local\\{0}", UserName.Text);
try {
using (DirectoryEntry rootEntry = new DirectoryEntry(path, user,
txtPassword.Text)) {
DirectorySearcher Searcher = new DirectorySearcher(rootEntry);
Searcher.PropertiesToLoad.AddRange(new string[] { "cn", "mail" });
Searcher.Filter =
string.Format("(&(anr={0})(objectCategory=person))",
UserNames.Text);
SearchResultCollection Results = Searcher.FindAll();
foreach (SearchResult result in Results) {
Console.WriteLine("Name = " + result.Properties["cn"][0] + ",
E-mail =
" + result.Properties["mail"][0]);
_adName = result.Properties["cn"][0].ToString();
}
rootEntry.Dispose();
}
return DialogResult.OK;
} catch (Exception err) {
MessageBox.Show(err.Message, "Authentication", MessageBoxButtons.OK,
MessageBoxIcon.Error);
throw err;
}
Karl Mitschke said:
Hello jp2msft,

Joe;

Since you don't mention what you "let them" login to, it will be
difficult to answer this.

Now, assuming you mean an application you are writing in c# - I'm
confused.

"Our employees keep forgetting how to input their logon id,"

How do they manage to login to the domain on a daily basis?

If the user does somehow login to the domain, and then forget their
logon ID before launching your program, google ds_name_translate
(perhas just "name translate" c#

Karl
Click to expand...
Click to expand...

http://directoryprogramming.net/forums/thread/157.aspx
 
Hello jp2msft,
Karl,

These are public PCs out on the manufacturing floor. Most employees
are only privy to basic data, whereas management sees more information
through our applications.

A management title does not ensure PC literacy, and most manufacturing
employees with a management title log in to a PC at their desk that
always has their User ID filled in (they supply the password and hit
OK).

Our current "safeguard" requires employees to enter their 6 digit
badge number, at which time that employee id is looked up in the
database, and employees with a management job title are granted
access. The problem is that the 6 digit number is not difficult to
memorize by others.

To increase the level of security, after a badge number has been
entered, the employee is authenticated through Active Directory:

Now I have explained myself to you, but your comment has gotten me
none closer to how to address my main question: How do I authenticate
a user using their Display Name and Password instead of their User ID
(logon name) and Password?

This is for a Windows Application, not an ASP.NET Application.

Below is what I currently use:

string path = "LDAP://DC=SERVER1,DC=local";
string user = string.Format("SERVER1.local\\{0}", UserName.Text);
try {
using (DirectoryEntry rootEntry = new DirectoryEntry(path, user,
txtPassword.Text)) {
DirectorySearcher Searcher = new DirectorySearcher(rootEntry);
Searcher.PropertiesToLoad.AddRange(new string[] { "cn", "mail" });
Searcher.Filter =
string.Format("(&(anr={0})(objectCategory=person))",
UserNames.Text);
SearchResultCollection Results = Searcher.FindAll();
foreach (SearchResult result in Results) {
Console.WriteLine("Name = " + result.Properties["cn"][0] + ",
E-mail =
" + result.Properties["mail"][0]);
_adName = result.Properties["cn"][0].ToString();
}
rootEntry.Dispose();
}
return DialogResult.OK;
} catch (Exception err) {
MessageBox.Show(err.Message, "Authentication", MessageBoxButtons.OK,
MessageBoxIcon.Error);
throw err;
}
Karl Mitschke said:
Hello jp2msft,

Joe;

Since you don't mention what you "let them" login to, it will be
difficult to answer this.

Now, assuming you mean an application you are writing in c# - I'm
confused.

"Our employees keep forgetting how to input their logon id,"

How do they manage to login to the domain on a daily basis?

If the user does somehow login to the domain, and then forget their
logon ID before launching your program, google ds_name_translate
(perhas just "name translate" c#

Karl
Click to expand...
Click to expand...

http://directoryprogramming.net/forums/thread/157.aspx
 
Back
Top