DirectoryEntry and single sign on

  • Thread starter Thread starter Stephan Steiner
  • Start date Start date
S

Stephan Steiner

Hi

I'm wondering.. if I construct a DirectoryEntry with just one parameter..

(e.g. LDAP://mydomaincontroller/dc=mydomain,dc=com)

what kind of authenticatinon is performed against the request (e.g. when
calling CommitChanges())? Is it anonymous? If so, is there a way to use the
credentials of the user account running the application without having to
specify the login and password?

Regards
Stephan
 
Hi

I'm wondering.. if I construct a DirectoryEntry with just one parameter..

(e.g. LDAP://mydomaincontroller/dc=mydomain,dc=com)

what kind of authenticatinon is performed against the request (e.g. when
calling CommitChanges())? Is it anonymous? If so, is there a way to use the
credentials of the user account running the application without having to
specify the login and password?

Regards
Stephan
Click to expand...


I recommend looking at this the DirectoryServicesPermission class. I'm
no LDAP expert by any means, but I do know that credentials are
validated against Active Directory objects. CommitChanges() will fail
unless credentials with administrative rights are provided. As for the
second question, there are objects in .NET that can retreive the user
name of the active account but the password must be entered manually.

T. Comer
 
Back
Top