Authenticate against Active Directory
in [ASP]
|
From: Bud on 9 Nov 2005 11:37 I would like to be able to pass a request to IIS to have a user name and password authenticated against my Active Directory Users database. I'm running Server 2003 however my web pages are build using ASP (not .NET). What I want to do is to open the standard User Name/Password form (I don't know how to do that either) and then make my request and get back a True/False result. There must be a way to do that but I haven't found it after 3 hours of searching the web. Thanks, Bud
From: TomB on 9 Nov 2005 19:41 I assume this is on an Intranet (otherwise your going to need to create a lot of users in AD) If you set the IIS authentication to "Windows Authentication" and set the NTFS permissions on the folders on your site, your users will be automatically authenticated. If you'd like to capture the username then you can use Request.ServerVariables("LOGON_USER") http://www.aspfaq.com/show.asp?id=2046 Tom B "Bud" <bc1(a)belles.com> wrote in message news:%231zAUvU5FHA.476(a)TK2MSFTNGP15.phx.gbl... >I would like to be able to pass a request to IIS to have a user name and >password authenticated against my Active Directory Users database. I'm >running Server 2003 however my web pages are build using ASP (not .NET). >What I want to do is to open the standard User Name/Password form (I don't >know how to do that either) and then make my request and get back a >True/False result. There must be a way to do that but I haven't found it >after 3 hours of searching the web. > Thanks, > Bud >
From: Bud on 10 Nov 2005 09:52 Tom - thanks for your suggestion. However, I don't want to have everyone that visits my site to logon. Some of the pages that are in the site give the visitor a chance to download files. The files are to be placed there by "the owner" of that page. So what I want to do it to have an unlock icon on the page that the "owner" can click on (and so could others but they wouldn't know the password). An emtpy form field would be presented and the "owner" would then enter his/her password. I already know the "owner's" user id associated with that page. Now having the user id and password, I want to query AD to verify that the password is valid for that user. Sounds simple to me, but I sure can't figure out how or if it can be done. I could always create a table in the database that goes with this application and authenticate using it, however, that would force my users to remember another password. Bud "TomB" <shuckle(a)Hotmail.com> wrote in message news:%23jKYJ6Y5FHA.1000(a)tk2msftngp13.phx.gbl... >I assume this is on an Intranet (otherwise your going to need to create a >lot of users in AD) > > If you set the IIS authentication to "Windows Authentication" and set the > NTFS permissions on the folders on your site, your users will be > automatically authenticated. > > If you'd like to capture the username then you can use > Request.ServerVariables("LOGON_USER") > > http://www.aspfaq.com/show.asp?id=2046 > > Tom B > > "Bud" <bc1(a)belles.com> wrote in message > news:%231zAUvU5FHA.476(a)TK2MSFTNGP15.phx.gbl... >>I would like to be able to pass a request to IIS to have a user name and >>password authenticated against my Active Directory Users database. I'm >>running Server 2003 however my web pages are build using ASP (not .NET). >>What I want to do is to open the standard User Name/Password form (I don't >>know how to do that either) and then make my request and get back a >>True/False result. There must be a way to do that but I haven't found it >>after 3 hours of searching the web. >> Thanks, >> Bud >> > >
From: "Tom Kaminski [MVP]" <tomk mvps on 10 Nov 2005 10:26 "Bud" <bc1(a)belles.com> wrote in message news:ewTYxZg5FHA.1864(a)TK2MSFTNGP12.phx.gbl... > Tom - thanks for your suggestion. However, I don't want to have everyone > that visits my site to logon. Some of the pages that are in the site give > the visitor a chance to download files. The files are to be placed there > by "the owner" of that page. So what I want to do it to have an unlock > icon on the page that the "owner" can click on (and so could others but > they wouldn't know the password). An emtpy form field would be presented > and the "owner" would then enter his/her password. I already know the > "owner's" user id associated with that page. Now having the user id and > password, I want to query AD to verify that the password is valid for that > user. Sounds simple to me, but I sure can't figure out how or if it can > be done. I could always create a table in the database that goes with > this application and authenticate using it, however, that would force my > users to remember another password. Ok - so use the same solution that was suggested but only lock down the "owner" area ... -- Tom Kaminski IIS MVP http://www.microsoft.com/windowsserver2003/community/centers/iis/ http://mvp.support.microsoft.com/ http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
From: Bud on 10 Nov 2005 21:05 Tom, I would lock down the "owner" area, but those pages still need to be available to the general public. I might be able to create a completely different set of pages that would allow my "owners" to go to when they need to modify the content of their public pages. However, that means maintaining two sets of pages and I'm sure they would be out of synch real soon. I have a firewall (Linux based) that offers an option to authenicate against Active Directory, so I'm thinking there should be some way to do that in VBScript and ASP. What am I missing here? Bud "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message news:uxH3Vsg5FHA.204(a)TK2MSFTNGP10.phx.gbl... > "Bud" <bc1(a)belles.com> wrote in message > news:ewTYxZg5FHA.1864(a)TK2MSFTNGP12.phx.gbl... >> Tom - thanks for your suggestion. However, I don't want to have everyone >> that visits my site to logon. Some of the pages that are in the site >> give the visitor a chance to download files. The files are to be placed >> there by "the owner" of that page. So what I want to do it to have an >> unlock icon on the page that the "owner" can click on (and so could >> others but they wouldn't know the password). An emtpy form field would be >> presented and the "owner" would then enter his/her password. I already >> know the "owner's" user id associated with that page. Now having the >> user id and password, I want to query AD to verify that the password is >> valid for that user. Sounds simple to me, but I sure can't figure out >> how or if it can be done. I could always create a table in the database >> that goes with this application and authenticate using it, however, that >> would force my users to remember another password. > > Ok - so use the same solution that was suggested but only lock down the > "owner" area ... > > -- > Tom Kaminski IIS MVP > http://www.microsoft.com/windowsserver2003/community/centers/iis/ > http://mvp.support.microsoft.com/ > http://www.iistoolshed.com/ - tools, scripts, and utilities for running > IIS >
|
Next
|
Last
Pages: 1 2 Prev: how to create menu with sub menus dynamicly Next: WWW-Authenticate header field. |