I've successfully gotten authentication to work on my web application using LDAP. So nothing is technically wrong with my login.

What I'm having trouble with is once I have verified that a user is in active directory, I need to check a database to see if they have an account in it and/or if they are marked active or not. Then I need to store some basic information (username and id) that will be used on other pages to query my database and return information about the user.

This is all on an intranet site so unfortunately I can not post a link to the site here.

Thanks for any help.

Recommended Answers

All 6 Replies

Out of curiosity, since you're authenticating with LDAP, why not use LDAP for gathering user information as well? It sounds like the basic information is already part of an AD user record, so there's no point duplicating that information in another database.

Well we a storing a lot more information that what we can in AD. This app is for an online user directory that has their employment history, education history, contact information. I'm currently only using AD for authentication so people only have to use a single signon across all platforms.

You can pass through the identity and use it as a key into the database. Seems to me this is really a matter of finding a good piece of information from the authentication result that can be used to pull back a unique record from the database.

So the question might be how are you querying for a user record?

Sounds like what you are really going to be storing is an "extended profile/account info". there are quite a bit of unused attributes in the directory to store info and of course, the schema can be extended, but anyways... So, regarding the database portion, what do you need help with?

just as a thought regarding storing user information in your database, rather than storing the userID, you may consider storing the GUID since users from time to time have their user IDs changed. The user's GUID will not change, not even if the user is migrated from domain to domain within the Active Directory forest.

Okay. I take the login name that the user authenticates with and I can do a lookup in my db for them and I can get the information. What I'm trying to do is then store the username and id from my db in a variable, cookie, session, or whatever so that I can access it on any page in my project. All my tables reference the users id as the relationship.

I'm also in live chat if anyone want's to chat with me directly about this.

Just as an update. I'm trying to accomplish a few things on my login page.

  1. Once a user has been "authenticated" using LDAP, I want to check to see if they eithe have a profile and then if it is active or not. Not sure how to code this into my Login page since everything is being handled through LDAP and my web.config file.
  2. Once I have successfully verified that a user exists in my profile database I then need to lookup their id number and store it so that any page in my project can access that value.
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.