Urgent: Connecting to active directory using cached credentials

Discussion in 'ASP .Net' started by Chris L, Oct 7, 2004.

  1. Chris L

    Chris L Guest

    Hello,

    I'm hoping to find out if it is possible to connect
    within an ASP.NET application to Active Directory with
    the credentials of the person who accessed the ASP.NET
    application via IIS, using windows integrated
    authentication.

    I've tried using ADO, ADSI, and Directory Services, but I
    have yet to find a way to connect to active directory
    with the security token created by IIS, when the user
    accesses the ASP.NET application with windows integrated
    authentication.

    Being able to do this is a pretty urgent problem, so any
    help anyone could provide would be extremely appreciated.

    Thank you!
    -Chris
     
    Chris L, Oct 7, 2004
    #1
    1. Advertising

  2. Chris L

    Guest Guest

    > I'm hoping to find out if it is possible to connect
    >within an ASP.NET application to Active Directory with
    >the credentials of the person who accessed the ASP.NET
    >application via IIS, using windows integrated
    >authentication.
    >
    >I've tried using ADO, ADSI, and Directory Services, but I
    >have yet to find a way to connect to active directory
    >with the security token created by IIS, when the user
    >accesses the ASP.NET application with windows integrated
    >authentication.
    >
    >Being able to do this is a pretty urgent problem, so any
    >help anyone could provide would be extremely appreciated.


    I also posted this question to general.adsi.

    -Chris
     
    Guest, Oct 7, 2004
    #2
    1. Advertising

  3. Are u interested in Forms or wINDOWS aUTHENTICATION?'


    <> wrote in message
    news:0a2201c4ac66$0a2d2930$...
    > > I'm hoping to find out if it is possible to connect
    > >within an ASP.NET application to Active Directory with
    > >the credentials of the person who accessed the ASP.NET
    > >application via IIS, using windows integrated
    > >authentication.
    > >
    > >I've tried using ADO, ADSI, and Directory Services, but I
    > >have yet to find a way to connect to active directory
    > >with the security token created by IIS, when the user
    > >accesses the ASP.NET application with windows integrated
    > >authentication.
    > >
    > >Being able to do this is a pretty urgent problem, so any
    > >help anyone could provide would be extremely appreciated.

    >
    > I also posted this question to general.adsi.
    >
    > -Chris
     
    Patrick.O.Ige, Oct 7, 2004
    #3
  4. Chris L

    Scott Allen Guest

    Hi Chris:

    The problem you are probably facing is the one hop limit of NTLM
    authentication. The user's credentials make one hop from the browser
    to the web server, and the web server can use those credentials
    impersonate the user on the web server. However, the server cannot use
    those credentials to make a second hop to the AD controller.

    One way around this is to move up one step from impersonation to
    delegation.

    See:
    How To Configure an ASP.NET Application for a Delegation Scenario.
    http://support.microsoft.com/default.aspx?scid=kb;en-us;810572

    HTH

    --
    Scott
    http://www.OdeToCode.com/

    On Wed, 6 Oct 2004 23:28:48 -0700, "Chris L" <>
    wrote:

    >Hello,
    >
    > I'm hoping to find out if it is possible to connect
    >within an ASP.NET application to Active Directory with
    >the credentials of the person who accessed the ASP.NET
    >application via IIS, using windows integrated
    >authentication.
    >
    >I've tried using ADO, ADSI, and Directory Services, but I
    >have yet to find a way to connect to active directory
    >with the security token created by IIS, when the user
    >accesses the ASP.NET application with windows integrated
    >authentication.
    >
    >Being able to do this is a pretty urgent problem, so any
    >help anyone could provide would be extremely appreciated.
    >
    >Thank you!
    >-Chris
     
    Scott Allen, Oct 7, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jim Adams
    Replies:
    1
    Views:
    3,722
    Tim Heuer
    Jan 7, 2004
  2. Amy L.
    Replies:
    2
    Views:
    364
    =?Utf-8?B?QmVu?=
    Jan 25, 2005
  3. Craig G
    Replies:
    0
    Views:
    409
    Craig G
    Mar 7, 2005
  4. =?Utf-8?B?bXVsdGlzeW5j?=

    Connecting to Active Directory through ASP.NET Web form

    =?Utf-8?B?bXVsdGlzeW5j?=, Nov 24, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    2,713
    =?Utf-8?B?bXVsdGlzeW5j?=
    Nov 25, 2005
  5. Richard Lawson

    Intranet Site connecting to Active Directory

    Richard Lawson, Sep 12, 2007, in forum: ASP General
    Replies:
    1
    Views:
    147
    Dave Anderson
    Sep 12, 2007
Loading...

Share This Page