Webpage with check against Active Directory

  • Question

  • User-240601160 posted

    Hi all ASP Gurus!

    I am quite new to ASP and ASP.NET, I have my experience with PHP, but now I am in need to also get to figure out ASP and ASP.NET.

    What do I want to accomplish? (The QUESTION)

    I have a webpage that I want to communicate with three different domains (Active Directory), let's call them DomainA, DomainB and DomainC. On this webpage, I would like to perform a query against all the three domains to see if I get a hit. By hit I mean if there exists a UserAccount. There are two criteria that have to go through the search, first one is to look for a UserID (i.e. e456784) and after that to search if an e-mail address exists in those three domains (i.e. myname@domain.com).

    Now, how do I code a script that performs this?

    Anyone who can assist me with code or perhaps a webpage for reference!

    Thanks in advance!

    Sincerely,

    Andreas

    Wednesday, July 4, 2007 4:22 AM

All replies

  • User-351429265 posted

    Hi Andreas,

    You have to use Directory Services classes in .NET. You can get some good starting pointers in the following links.

    http://www.codeproject.com/aspnet/adsi2.asp

    http://www.codeproject.com/dotnet/QueryADwithDotNet.asp

     

    Hope it helps!!!!

    Bhaskar

    Wednesday, July 4, 2007 4:55 AM
  • User-240601160 posted

    I thank you so much for your reply, but it didn't make too much sense for me. Remember, I am very novice on ASP and .NET. Perhaps you got a link to a great "get started" and reference page so I know what predefined functions to be able to call. Are there big differences between ASP and PHP?

    Again, thank you for your time to answer!

    Sincerely,

    Andreas

    Wednesday, July 4, 2007 7:28 AM
  • User-968139384 posted
    Hi Andreas!

    You can download the demo projects on the codeproject-links that Bhaskar provided. Source code-example of how to use the framework.
    Have you checked out the three first threads/notes in the LDAP-list of this site?
    The System.DirectoryServices' DirectoryEntry and DirectorySearcher is pretty much all you need, if you already know LDAP-programming.
    I'm not that familiar with php, but I think I'd read some about ASP.NET 2.0 in general before starting to code.
    
    quickstarts.asp.net ain't that bad a place to get a quick intro to general asp.net 2.0.

    Anders
    Friday, July 6, 2007 3:54 AM
  • User1588321482 posted

    The .Net DirectoryServices class is the way to go for what you describe. You would then make use of the directoryentry and directorysearch methods.

    So,

    Dim DirEntry As New DirectoryServices.DirectoryEntry(Path)

    where path is the LDAP location you are interested in i.e. DNS namespace of your AD (e.g subdomain.domain.com) followed by where the search starts normally the AD root (dc=subdomain,dc=domain,dc=com)

    putting this together path becomes something like (LDAP://subdomain.domain.com/dc=subdomain,dc=domain,dc=com) which is a serverless bind, you can replace the first part with a server if you wish.

    Dim SearchDir As New DirectoryServices.DirectorySearcher(DirEntry)

    SearchDir.Filter = strFilter

    Where strFilter is the search in LDAP query format so yours would be something like (&(samAccountName=12345)), samaccountName is the NT UserID

    SearchDir.PropertiesToLoad.Add("samaccountname")

    SearchDir.PropertiesToLoad.Add("mail")

    SearchDir.PropertiesToLoad.Add("proxyAddresses")

    The three lines above query for the attributes on the object that is found (assuming the object exists and is unique from your search), the attributes represent the NT User ID, mail (Primary or Reply-to SMTP alias) and proxyAddresses (collection of secondary SMTP addresses that are associated with the object)

    You have now formed the full query with the starting point, the filter and things to return. You need to run the query and collect the result to iterate.

    Dim searchReturn As DirectoryServices.SearchResultCollection

    searchReturn = SearchDir.FindAll()

    You then have a search result collection which you can iterate and request the values of the attributes you included in the propertiesToLoad

    such as:

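    ' "Object" is a reserved word in VB.NET, and Properties("mail") is a collection with no .Value member
    For Each result As DirectoryServices.SearchResult In searchReturn
        If result.Properties.Contains("mail") Then strPrimarySMTP = result.Properties("mail")(0).ToString()
    Next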

    The above is an overview of the whole thing but hope it may give you some idea and you can always search on some of the methods I have mentioned. Also grab a LDAP browsing tool such as LDP.exe and also maybe useful to add the ADSIEdit.msc snap-in to your MMC

     

    One further point if you really have three domains to search rather than three forests you can bind to a Global Catalogue using the GC port rather than LDAP and search all three domains at the same time. A global catalogue has a limited replica set of attributes of all objects in the Forest (it will include samaccountname and mail). Just remember not all Domain Controllers in AD are necessarily Global Catalogues.

    HTH

    Paul

    Friday, July 6, 2007 7:09 AM
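
Added example, not part of Paul's post or of any project's code: his steps assembled for the question's case (one user ID and one e-mail address checked in three domains), with the user-supplied values escaped per RFC 4515 before they are placed in the filter, since they arrive from a web form. The three `LDAP://` paths and the module and function names are hypothetical, and the `smtp:` prefix on `proxyAddresses` values is an assumption about how the addresses are stored.

```vbnet
Imports System.Collections.Generic
Imports System.DirectoryServices
Imports System.Text

Public Module AccountLookup

    ' Hypothetical search roots, one per domain from the question.
    Private ReadOnly DomainPaths As String() = {
        "LDAP://domaina.example/dc=domaina,dc=example",
        "LDAP://domainb.example/dc=domainb,dc=example",
        "LDAP://domainc.example/dc=domainc,dc=example"}

    ' RFC 4515: replace \ * ( ) and NUL with a backslash and two hex digits
    ' so a submitted value cannot change the structure of the filter.
    Public Function EscapeFilterValue(value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c, "*"c, "("c, ")"c, ChrW(0)
                    sb.Append("\").Append(AscW(c).ToString("x2"))
                Case Else
                    sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Matches on the user ID, the primary address or a secondary address.
    Public Function BuildFilter(userId As String, email As String) As String
        Dim id As String = EscapeFilterValue(userId)
        Dim addr As String = EscapeFilterValue(email)
        Return "(|(sAMAccountName=" & id & ")(mail=" & addr & ")(proxyAddresses=smtp:" & addr & "))"
    End Function

    ' Returns the search roots in which at least one matching object exists.
    Public Function FindDomainsWithAccount(userId As String, email As String) As List(Of String)
        Dim hits As New List(Of String)
        For Each path As String In DomainPaths
            Using root As New DirectoryEntry(path)
                Using searcher As New DirectorySearcher(root)
                    searcher.Filter = BuildFilter(userId, email)
                    searcher.PropertiesToLoad.Add("sAMAccountName")
                    If searcher.FindOne() IsNot Nothing Then hits.Add(path)
                End Using
            End Using
        Next
        Return hits
    End Function

End Module
```

With this escaping, a submitted user ID of `*` becomes `\2a` in the filter and is compared as a literal asterisk instead of matching every account.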