ASP.NET Web and checking Username and Password using Active Directory

Question

User-200615377 posted

I have a client which needs ASP.NET application authenticate using Active Directory. I downloaded ADAM and installed it and everything looks fine. I created two users and enabled them, changed their password and now I want to use those two users authenticate from ASP.NET application, that is where things are not working out.

I want to know what kind of binding ADAM does and how should my connection string look like ? Secondly, I just want to authenticate user and get its membership. Do I need a username and password to go along with Active Directory ?

<property name="ADsPath">

<value>LDAP://localhost:389/CN=Sandbox,DC=IT</value>

</property>

<property name="context_name">

<value>CN=Users,CN=Sandbox,DC=IT</value>

Other than that can someone please let me know what I'm missing.....

Answer 1

User-319574463 posted
Are they using IE exclusively as their browser on your client's system? If so just switch to windows authentication and pick up the domain and user name. Your LDAP query should then be to check if the user is a member of a group allowed to access the application. (This is assuming of course that that the network admins are prepared to maintain an AD group for access to an application. If not you just look up their domain/username in your own usertable and check ther rights(if any).

Answer 2

User-319574463 posted
Your LDAP access should allow queries to be run by any logged on domain user. What you are very unlikely to be able to do, is to pass the user's username and password and check that they are correct (did you mean this?) - if so the system would be open to a dictionary attack.