locked
Active directory Authentication using Email id instead of username RRS feed

  • Question

  • User1636150863 posted

    Hi,

    In one of my project (web application) I have to authenticate user using Active Directory. I am using System.DirectoryServices.DirectoryEntry to validate user using username and password.

    But, along with this I also need to validate user based on his emails id and password. Is there any Tutorial on help present to validate user based on Domain email id and password.

    I am thinking about using System.DirectoryServices.AccountManagement. PrincipalContext to extract username based on email id provided and then validate user based on username and password.

    But, if there already any API available for this, then I will use that.

    Please provide your view on this.

    Regards,

    Ajay

    Monday, November 24, 2014 12:21 AM

Answers

  • User-166373564 posted

    HI Ajay,

    validate user based on his emails id and password. Is there any Tutorial on help present to validate user based on Domain email id and password.

    For this issue, how about using membership your application, it create an ASP.NET Web page that contains TextBox controls to obtain the user name and password (and, optionally, the user's e-mail address), and then use the CreateUser Membership API method to programmatically create the new user. see: How To: Use Membership in ASP.NET 2.0 http://msdn.microsoft.com/en-us/library/ff648345.aspx 

    Please let me know if there is anything that I can do to help.

    Best regards,

    Angie

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, November 28, 2014 2:06 AM

All replies

  • User-166373564 posted

    HI Ajay,

    validate user based on his emails id and password. Is there any Tutorial on help present to validate user based on Domain email id and password.

    For this issue, how about using membership your application, it create an ASP.NET Web page that contains TextBox controls to obtain the user name and password (and, optionally, the user's e-mail address), and then use the CreateUser Membership API method to programmatically create the new user. see: How To: Use Membership in ASP.NET 2.0 http://msdn.microsoft.com/en-us/library/ff648345.aspx 

    Please let me know if there is anything that I can do to help.

    Best regards,

    Angie

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, November 28, 2014 2:06 AM
  • User75903138 posted

    What I would do is return the email address from the Domain and compare it to what is enter. See code below:

    public bool isActiveDirectoryUser(string userName, string password, string domain, string email)
    {
        string domainName = domain;
        string ldapPath = ConfigurationManager.AppSettings[domain + "LDAPPath"].ToString();
        string domainAndUsername = domainName + @"\" + userName;
    
        DirectoryEntry entry = new DirectoryEntry(ldapPath, domainAndUsername, password); 
    
        Object obj = entry.NativeObject;
        DirectorySearcher search = new DirectorySearcher(entry);
        search.Filter = "(SAMAccountName=" + userName + ")";
        search.PropertiesToLoad.Add("displayName");
    
        SearchResult result = search.FindOne();
        DirectoryEntry obUser = new DirectoryEntry(result.Path);
    
        if(email == getUserProperty(obUser, "mail"))
        {
            //User Email match
        }
        else
        {
           //User Email not match
        }
    }
    
    private String getUserProperty(DirectoryEntry entry, String propName)
    {
         if (entry.Properties[propName] == null || entry.Properties[propName].Count==0 ) return String.Empty;
         if (entry.Properties[propName][0] == null) return String.Empty;
                
         return entry.Properties[propName][0].ToString();
    }

    Wednesday, December 10, 2014 2:41 PM