M
Mike Murdock
I am sure this is a common question but I cannot seem to find the
answer. I am trying to authenticating web users via Active Directory.
I have a basic form where the user types in his username and password
and I need to authenticate the username (sAMAccountName) and password
before letting them into the secure part of the site. Because this is
an classic ASP application I cannot simply apply IIS security to specific
folders and don't want to rely on IIS security at all.
I have seen the example below in several message boards but found that
it only works IF the users CN in the directory is the same as the SAM
account. For example CN=Test and sAMAccountName=Test works but CN=Test
User and
sAMAccountName=Test fails. I surely don't want to have to ask users
for
both names in order to validate them.
What is the proper way to validate the SAM if you do not know the
users CN?
Mike Murdock
Starphire Technologies, LLC
www.starphire.com
email: mmurdock (at) starphire (dot) com
<%
Dim UserName, Password, ldapserver, ldap_path
' Construct the FQDN
ldap_path = "LDAP://192.168.1.123/cn=##,DC=domain,DC=starphire,DC=com;"
'get the ldap server name into local variable by replacing the
special charcter with the username
ldapserver = Replace(ldap_path,"##","testuser")
' Connect to the LDAP Directory
Set dso = GetObject("LDAP:")
'parse the username from the ldap path
userName = Mid(ldapserver, InStr(8, ldapserver, "/") + 1)
'get the password
Password = "testpass"
'Validate the User Name and Password
on error resume next
Set lobjUser = dso.OpenDSObject(ldapserver, UserName, password, 0)
'exit with error - Incorrect username & password - return to
login.asp page
If Err.number <> 0 Then
Response.Write "AUTHENTICATION FAILURE!"
Set lobjUser = nothing
Set dso = nothing
Else
Response.Write "SUCCESS!!"
end if
'To get information from the LDAP directory you need to know the
"attributes"
'available and then you can reference them. Ex:
'strUserName = lobjUser.Get("cn")
%>
answer. I am trying to authenticating web users via Active Directory.
I have a basic form where the user types in his username and password
and I need to authenticate the username (sAMAccountName) and password
before letting them into the secure part of the site. Because this is
an classic ASP application I cannot simply apply IIS security to specific
folders and don't want to rely on IIS security at all.
I have seen the example below in several message boards but found that
it only works IF the users CN in the directory is the same as the SAM
account. For example CN=Test and sAMAccountName=Test works but CN=Test
User and
sAMAccountName=Test fails. I surely don't want to have to ask users
for
both names in order to validate them.
What is the proper way to validate the SAM if you do not know the
users CN?
Mike Murdock
Starphire Technologies, LLC
www.starphire.com
email: mmurdock (at) starphire (dot) com
<%
Dim UserName, Password, ldapserver, ldap_path
' Construct the FQDN
ldap_path = "LDAP://192.168.1.123/cn=##,DC=domain,DC=starphire,DC=com;"
'get the ldap server name into local variable by replacing the
special charcter with the username
ldapserver = Replace(ldap_path,"##","testuser")
' Connect to the LDAP Directory
Set dso = GetObject("LDAP:")
'parse the username from the ldap path
userName = Mid(ldapserver, InStr(8, ldapserver, "/") + 1)
'get the password
Password = "testpass"
'Validate the User Name and Password
on error resume next
Set lobjUser = dso.OpenDSObject(ldapserver, UserName, password, 0)
'exit with error - Incorrect username & password - return to
login.asp page
If Err.number <> 0 Then
Response.Write "AUTHENTICATION FAILURE!"
Set lobjUser = nothing
Set dso = nothing
Else
Response.Write "SUCCESS!!"
end if
'To get information from the LDAP directory you need to know the
"attributes"
'available and then you can reference them. Ex:
'strUserName = lobjUser.Get("cn")
%>