Active Directory Authentication in ASP

Discussion in 'ASP General' started by Michael B. Murdock, Sep 25, 2003.

  1. I have been attempting to find a script that works in a variety of AD
    implementations to authenticate a user from a form in ASP. After many failed
    attempts I developed the following test script that seems to work in a
    majority of environments I have tested it in.

    I am posting it for the benefit of other developers trying to solve the same
    problem.

    Best regards,

    Mike Murdock
    www.starphire.com
    Web Content Management Solutions
    mmurdock (at) starphire (d0t) com


    -----------------------------

    I have updated the script to make it more generic and work in multiple
    domain environments and am posting it here as a resource for other users.

    Mike Murdock
    http://www.starphire.com
    Web Content Management Solutions
    mmurdock (at) starphire (d0t) com

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

    <html>
    <head>
    <title>LDAP Authentication Test</title>
    </head>

    <body>

    <%
    dim submit
    dim UserName
    dim Password

    UserName = "domain\JohnDoe"
    Password = ""
    Domain = "subdomain.domain.com"

    submit = request.form("submit")

    if submit = "Authenticate" then
    UserName = request.form("UserName")
    Password = request.form("Password")
    Domain = request.form("Domain")
    result = AuthenticateUser(UserName, Password, Domain)
    if result then
    response.write "<h3>Authentication Succeeded!</h3>"
    else
    response.write "<h3>Authentication Failed!</h3>"
    end if
    end if

    response.write "<hr><form method=post>"
    response.write "<table>"
    response.write "<tr>"
    response.write "<td><b>Username:&nbsp;</b></td><td><input type=""text""
    name=""UserName"" value=""" & UserName & """ size=""30""><br><small>Enter as
    ""DOMAIN\UserName"" or """" or ""\UserName"" in a
    single domain environment</small></td>"
    response.write "</tr>"
    response.write "<tr>"
    response.write "<td><b>Password:&nbsp;</b></td><td><input
    type=""password"" name=""Password"" value=""" & Password & """
    size=""30""></td>"
    response.write "</tr>"
    response.write "<tr>"
    response.write "<td><b>AD Domain:&nbsp;</b></td><td><input type=""text""
    name=""Domain"" value=""" & Domain & """ size=""30""><br><small>Enter the AD
    Server FQDN, IP Address, or DN<br>Examples: ""adserver1.ourdomain.com"" or
    ""192.168.1.150"" or
    ""192.168.1.150/dc=adserver1,dc=ourdomain,dc=com""</small></td>"
    response.write "</tr>"
    response.write "<tr>"
    response.write "<td>&nbsp;</td><td><input name=""submit""
    type=""submit"" value=""Authenticate""></td>"
    response.write "</tr>"
    response.write "</table>"
    response.write "</form>"
    response.end

    function AuthenticateUser(UserName, Password, Domain)
    dim strUser
    ' assume failure
    AuthenticateUser = false

    strUser = UserName
    strPassword = Password

    strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' "
    set oConn = server.CreateObject("ADODB.Connection")
    oConn.Provider = "ADsDSOOBJECT"
    oConn.Properties("User ID") = strUser
    oConn.Properties("Password") = strPassword
    oConn.Properties("Encrypt Password") = true
    oConn.open "DS Query", strUser, strPassword

    set cmd = server.CreateObject("ADODB.Command")
    set cmd.ActiveConnection = oConn
    cmd.CommandText = strQuery
    on error resume next
    set oRS = cmd.Execute
    if oRS.bof or oRS.eof then
    AuthenticateUser = false
    else
    AuthenticateUser = true
    end if
    set oRS = nothing
    set oConn = nothing

    end function

    %>

    </body>
    </html>
     
    Michael B. Murdock, Sep 25, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RWdiZXJ0?=

    Asp.Net Forms authentication using Active Directory

    =?Utf-8?B?RWdiZXJ0?=, Nov 3, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    559
    =?Utf-8?B?RWdiZXJ0?=
    Nov 3, 2004
  2. susurla
    Replies:
    1
    Views:
    2,973
    Bruce Barker
    Aug 26, 2005
  3. Replies:
    4
    Views:
    7,398
  4. Replies:
    0
    Views:
    458
  5. Patrick
    Replies:
    1
    Views:
    477
    Paul Glavich [MVP - ASP.NET]
    Sep 2, 2004
Loading...

Share This Page