Authenticate against Active Directory

Discussion in 'ASP General' started by Bud, Nov 9, 2005.

  1. Bud

    Bud Guest

    I would like to be able to pass a request to IIS to have a user name and
    password authenticated against my Active Directory Users database. I'm
    running Server 2003 however my web pages are build using ASP (not .NET).
    What I want to do is to open the standard User Name/Password form (I don't
    know how to do that either) and then make my request and get back a
    True/False result. There must be a way to do that but I haven't found it
    after 3 hours of searching the web.
    Thanks,
    Bud
     
    Bud, Nov 9, 2005
    #1
    1. Advertising

  2. Bud

    TomB Guest

    I assume this is on an Intranet (otherwise your going to need to create a
    lot of users in AD)

    If you set the IIS authentication to "Windows Authentication" and set the
    NTFS permissions on the folders on your site, your users will be
    automatically authenticated.

    If you'd like to capture the username then you can use
    Request.ServerVariables("LOGON_USER")

    http://www.aspfaq.com/show.asp?id=2046

    Tom B

    "Bud" <> wrote in message
    news:%...
    >I would like to be able to pass a request to IIS to have a user name and
    >password authenticated against my Active Directory Users database. I'm
    >running Server 2003 however my web pages are build using ASP (not .NET).
    >What I want to do is to open the standard User Name/Password form (I don't
    >know how to do that either) and then make my request and get back a
    >True/False result. There must be a way to do that but I haven't found it
    >after 3 hours of searching the web.
    > Thanks,
    > Bud
    >
     
    TomB, Nov 10, 2005
    #2
    1. Advertising

  3. Bud

    Bud Guest

    Tom - thanks for your suggestion. However, I don't want to have everyone
    that visits my site to logon. Some of the pages that are in the site give
    the visitor a chance to download files. The files are to be placed there by
    "the owner" of that page. So what I want to do it to have an unlock icon on
    the page that the "owner" can click on (and so could others but they
    wouldn't know the password). An emtpy form field would be presented and the
    "owner" would then enter his/her password. I already know the "owner's"
    user id associated with that page. Now having the user id and password, I
    want to query AD to verify that the password is valid for that user. Sounds
    simple to me, but I sure can't figure out how or if it can be done. I could
    always create a table in the database that goes with this application and
    authenticate using it, however, that would force my users to remember
    another password.


    Bud
    "TomB" <> wrote in message
    news:%...
    >I assume this is on an Intranet (otherwise your going to need to create a
    >lot of users in AD)
    >
    > If you set the IIS authentication to "Windows Authentication" and set the
    > NTFS permissions on the folders on your site, your users will be
    > automatically authenticated.
    >
    > If you'd like to capture the username then you can use
    > Request.ServerVariables("LOGON_USER")
    >
    > http://www.aspfaq.com/show.asp?id=2046
    >
    > Tom B
    >
    > "Bud" <> wrote in message
    > news:%...
    >>I would like to be able to pass a request to IIS to have a user name and
    >>password authenticated against my Active Directory Users database. I'm
    >>running Server 2003 however my web pages are build using ASP (not .NET).
    >>What I want to do is to open the standard User Name/Password form (I don't
    >>know how to do that either) and then make my request and get back a
    >>True/False result. There must be a way to do that but I haven't found it
    >>after 3 hours of searching the web.
    >> Thanks,
    >> Bud
    >>

    >
    >
     
    Bud, Nov 10, 2005
    #3
  4. "Bud" <> wrote in message
    news:...
    > Tom - thanks for your suggestion. However, I don't want to have everyone
    > that visits my site to logon. Some of the pages that are in the site give
    > the visitor a chance to download files. The files are to be placed there
    > by "the owner" of that page. So what I want to do it to have an unlock
    > icon on the page that the "owner" can click on (and so could others but
    > they wouldn't know the password). An emtpy form field would be presented
    > and the "owner" would then enter his/her password. I already know the
    > "owner's" user id associated with that page. Now having the user id and
    > password, I want to query AD to verify that the password is valid for that
    > user. Sounds simple to me, but I sure can't figure out how or if it can
    > be done. I could always create a table in the database that goes with
    > this application and authenticate using it, however, that would force my
    > users to remember another password.


    Ok - so use the same solution that was suggested but only lock down the
    "owner" area ...

    --
    Tom Kaminski IIS MVP
    http://www.microsoft.com/windowsserver2003/community/centers/iis/
    http://mvp.support.microsoft.com/
    http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
     
    Tom Kaminski [MVP], Nov 10, 2005
    #4
  5. Bud

    Bud Guest

    Tom,

    I would lock down the "owner" area, but those pages still need to be
    available to the general public. I might be able to create a completely
    different set of pages that would allow my "owners" to go to when they need
    to modify the content of their public pages. However, that means
    maintaining two sets of pages and I'm sure they would be out of synch real
    soon. I have a firewall (Linux based) that offers an option to authenicate
    against Active Directory, so I'm thinking there should be some way to do
    that in VBScript and ASP. What am I missing here?

    Bud


    "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
    news:...
    > "Bud" <> wrote in message
    > news:...
    >> Tom - thanks for your suggestion. However, I don't want to have everyone
    >> that visits my site to logon. Some of the pages that are in the site
    >> give the visitor a chance to download files. The files are to be placed
    >> there by "the owner" of that page. So what I want to do it to have an
    >> unlock icon on the page that the "owner" can click on (and so could
    >> others but they wouldn't know the password). An emtpy form field would be
    >> presented and the "owner" would then enter his/her password. I already
    >> know the "owner's" user id associated with that page. Now having the
    >> user id and password, I want to query AD to verify that the password is
    >> valid for that user. Sounds simple to me, but I sure can't figure out
    >> how or if it can be done. I could always create a table in the database
    >> that goes with this application and authenticate using it, however, that
    >> would force my users to remember another password.

    >
    > Ok - so use the same solution that was suggested but only lock down the
    > "owner" area ...
    >
    > --
    > Tom Kaminski IIS MVP
    > http://www.microsoft.com/windowsserver2003/community/centers/iis/
    > http://mvp.support.microsoft.com/
    > http://www.iistoolshed.com/ - tools, scripts, and utilities for running
    > IIS
    >
     
    Bud, Nov 11, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Joeri KUMBRUCK
    Replies:
    1
    Views:
    4,554
    Ben Lovell
    Aug 30, 2004
  2. Jon
    Replies:
    4
    Views:
    514
  3. Ruggiero, Vince
    Replies:
    0
    Views:
    765
    Ruggiero, Vince
    Dec 14, 2009
  4. Ruggiero, Vince
    Replies:
    0
    Views:
    915
    Ruggiero, Vince
    Dec 14, 2009
  5. Joeri KUMBRUCK
    Replies:
    4
    Views:
    300
    Joeri KUMBRUCK
    Sep 1, 2004
Loading...

Share This Page