ASP page to authenticate username and password with active directory

J

Joeri KUMBRUCK

Hello,

I'm trying to create an ASP page where users can type in a username
and password, and these credential should be checked with active
directory. If username and password are correct, the script will
continue to run otherwise it will stop. Below you will find my code
I've programmed until now, at this moment I've got one big problem:
my script stops at the line:
Set oRootDSE = GetObject("LDAP://RootDSE")
Why is this GetObject thing giving so much problems and is there a
way to let it work? Maybe there are already scripts available to do
the same thing, anyway, all help is welcome. Here comes the code:

<html>

<head>
<meta http-equiv="Content-Language" content="nl-be">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>username</title>
</head>

<body>
<SCRIPT LANGUAGE=VBScript>

<!--

Option Explicit

Dim bValid
Dim oRootDSE
Dim oDSObj
Dim oAuth
Dim szNamingContext
Const ADS_SECURE_AUTHENTICATION=1
Dim szUserId, szPasswd
Sub B1_OnClick

bValid = True

Call CheckField(document.form1.username.Value, "Please enter a
value in the field.")
Call CheckField(document.form1.password.Value, "Please enter a
value in the field.")
If bValid Then

szUserId = document.form1.username.value
szPasswd = document.form1.password.value


' Retrieve the current domain
Set oRootDSE = GetObject("LDAP://RootDSE")

szNamingContext = oRootDSE.Get("defaultNamingContext")
' Validate against the namespace
Set oDSObj = GetObject("LDAP:")
Set oAuth = oDSObj.OpenDSObject("LDAP://" & szNamingContext, _
szUserId, szPasswd, ADS_SECURE_AUTHENTICATION)

' User authenticated if we get here
bAuthenticateUser = True


End If

End Sub

Sub CheckField(ByVal strFieldValue, ByVal strMessage)

If strFieldValue = "" Then

MsgBox strMessage, 0

bValid = False

End If

End Sub

-->

</Script>

<FORM NAME="form1">
<p>&nbsp;</p>
<p align="center">username: <input type="text" name="username"
size="20"></p>
<p align="center">password: <input type="password" name="password"
size="20"></p>
<p>&nbsp;</p>
<p align="center">&nbsp;&nbsp;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input
type="submit" value="Submit"
name="B1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

<input type="reset" value="Reset" name="B2"></p>
</form>



</body>

</html>
 
T

Tom Kaminski [MVP]

Joeri KUMBRUCK said:
Hello,

I'm trying to create an ASP page where users can type in a username
and password, and these credential should be checked with active
directory.

Here's the one I use:

authad.asp
<html>
<head>
</head>
<body>
<form action=authad.asp method=post>
Username: <input type=text name=strUserName><br>
Password: <input type=password name=strPassword><br>
<input type=submit name=btnSubmit>
</form>
<%
If Request.Form("strUsername") <> "" Then
Dim strADsPath
strADsPath = "WinNT://yourdomain"

strUserName = "yourdomain\" & Request.Form("strUserName")
strPassword = Request.Form("strPassword")

if (not strADsPath= "") then 'if and ADS Object path has been provided
proceed with authentication

' bind to the ADSI object and authenticate Username and password
Dim oADsObject
Set oADsObject = GetObject(strADsPath)
response.write "Authenticating...<br><br>"
Dim strADsNamespace
Dim oADsNamespace
strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
set oADsNamespace = GetObject(strADsNamespace)
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strUserName,
strPassword, 0)
' we're only bound if err.number = 0
if not (Err.number = 0) then
Response.Write "<font color='red'><font size = 5><u><b>Authentication has
failed...<b></u></font></font>"
'Response.Write "Failed to bind to object <b>" & strADsPath & "</b><br>"
'response.write err.description & "<p>"
'Response.write "Error number is " & err.number & "<br>"
Session("Auth") = "NO"
else
Response.Write "<font color='blue'>USER AUTHENTICATED!</font><br>"
'Response.Write "Currently viewing object at <b>" & oADsObject.ADsPath &
"</b><br>"
'Response.Write "Class is " & oADsObject.Class & "<br>"
Session("Auth") = "YES"
end if
'response.write "<p>"
end if
End If
%>
</body>
</html>



--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserver2003/community/centers/iis/
http://mvp.support.microsoft.com/
http://www.iisfaq.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://www.tryiis.com
 
J

Joeri Kumbruck

Hello Tom,

thanks for your help! I've copy/pasted your code, but it doesn't work. I
can't see anything wrong in it, except some variables which are not
defined. Do I need to do anything special to let it work? I can fill in
the fields and press submit, but there is no result showing...

thanks for your help,

Joeri
 
T

Tom Kaminski [MVP]

Joeri Kumbruck said:
Hello Tom,

thanks for your help! I've copy/pasted your code, but it doesn't work. I
can't see anything wrong in it, except some variables which are not
defined. Do I need to do anything special to let it work? I can fill in
the fields and press submit, but there is no result showing...

Nothing at all shows? Does any ASP work?

--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserver2003/community/centers/iis/
http://mvp.support.microsoft.com/
http://www.iisfaq.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://www.tryiis.com
 
J

Joeri KUMBRUCK

Tom,

works like a charme, thank you for the script! I did something wrong when I
wanted to launch the file, but all is working now,

thanks again,

brgds,

Joeri
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top