Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Active Directory Authentication
0 views
Skip to first unread message
StillStuckOnJava
Jun 24, 2005, 11:54:04 AM6/24/05
to
I need help writing a method to check a username and password in AD. I know;
I've seen forms authentication methods, but I want a simpler way. How can I
search for a user object and compare the name and password against it?
I've seen forms authentication methods, but I want a simpler way. How can I
search for a user object and compare the name and password against it?
Can someone please offer a simple solution to validate the password and
username in AD? thanks.
Brendan Grant
Jun 24, 2005, 12:04:04 PM6/24/05
to
Take a look at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
and http://www.codeproject.com/csharp/arbauthentication.asp for a couple of
examples on how to do it from ASP.NET a standalone application.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
and http://www.codeproject.com/csharp/arbauthentication.asp for a couple of
examples on how to do it from ASP.NET a standalone application.
Brendan
StillStuckOnJava
Jun 24, 2005, 1:37:04 PM6/24/05
to
Thank you for the response. Like I said, I tried forms based authentication,
but I don't like it that way. I've also seen the code project sample, but
that wasn't it either. Users don't know LDAP naming conventions.
but I don't like it that way. I've also seen the code project sample, but
that wasn't it either. Users don't know LDAP naming conventions.
There should be a way to enumerate users, find the one I want, and check if
the passwords match. Can anyone think of a better way?
![Willy Denoyette [MVP]'s profile photo](http://lh3.googleusercontent.com/a-/ALV-UjXfXiAXGhHYcXf-iOUYGXHMIHmtAw4w01ItpjRcuAnrUu-vVQ=s40-c)
Willy Denoyette [MVP]
Jun 24, 2005, 1:56:54 PM6/24/05
to
You can't check if passwords match, there no way to retrieve passwords from
the AD.
What's more the AD is not a windows authentication service, it's a
directory, some people suggest (even MSFT) to use it to authenticate but
it's plain wrong to do this, you don't connect with SQL to authenticate a
user neither don't you.
That said, if you need to check a windows user credentials, one could call
"LogonUser" Win32 API. Note that this implies TCB privileges on W2K and
lower.
the AD.
What's more the AD is not a windows authentication service, it's a
directory, some people suggest (even MSFT) to use it to authenticate but
it's plain wrong to do this, you don't connect with SQL to authenticate a
user neither don't you.
That said, if you need to check a windows user credentials, one could call
"LogonUser" Win32 API. Note that this implies TCB privileges on W2K and
lower.
Willy.
"StillStuckOnJava" <StillStu...@discussions.microsoft.com> wrote in
message news:8B957120-52D6-4DB7...@microsoft.com...
0 new messages