1,105,556 Community Members

Auto-authenticate against Active Directory over web

Member Avatar
@theDatagame
Newbie Poster
3 posts since Aug 2009
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 0 [?]
 
0
 

Hello DaniWeb,

C#/ASP.Net

I have a user and a server. The server has an intranet page/site I need the user(off-site) to be able to see if they are a part of a user group(domain\CN) on the server.

Using ASP.Net, and Active Directory search classes(Directory Services, etc) is there a way for the user to navigate to the server/intranet site ... Have info about themselves available so that when they hit the IP/intranet site, the site will have a small gateway that will check for the user name on the machine, compare to what is in ActiveDir(common name) and then pass them to the site. But if there is no record for them they get a page saying "Sorry you are not in the proper group to view this page"? All this w/o login screen.

So short version: User(off-site) navigates to company server that has intranet site. Client broadcast info to server. Server grabs info checks against AD for common name. Server "routes to requested page/does not route to requested page" based on result of LDAP query. Check against AD should not require manual login process in this particular case.

Please let me know if I need to provide more info. Thank you in advance for your time/responses.

-Regards
@theDatagame

PS - Should I capture the UserDomainName or UserName for the environment property? I would think that one of those would have to match exactly against the common name I'm looking for on the server.

PSS - I know of VPN but this was not a part of the solution asked of me. I am trying to sneak it in though ...

Member Avatar
|-|x
Posting Whiz
353 posts since Apr 2008
Reputation Points: 113 [?]
Q&As Helped to Solve: 56 [?]
Skill Endorsements: 8 [?]
 
1
 

if you are using Windows authentication, rather than Forms (in your web.config)

<authentication mode="Windows">

Then the User.Identity.Name == "DOMAIN\\UserName" which you can split and use to validate via the DirectorySearcher class.

Hope this helps
/H

You
This article has been dead for over three months: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: