Windows Auth - Active Directory

Discussion in 'ASP .Net Security' started by J. Shane Kunkle, Sep 9, 2004.

  1. Hello,

    I have a web application that uses windows authentication. All the users
    log in using an active directory account. When an authenticated user
    performs certain actions I would like to retrieve specific information from
    their active directory record (email address, etc).

    I can obviously get their "domain\account" from
    HttpContext.Current.User.Identity.Name - but what is the easiest way to
    access active directory records in this case?

    I feel like there should be some easy way to access active directory
    information in this situation because the user is already authenticated (a
    property of the User object, etc) however I have not found anything yet.

    The best examples I have found use the DirectorySearcher and DirectoryEntry
    objects but this seems to be quite a bit of work and I was hoping there
    would be an easier way.

    What is the recommended way to access active directory information in this
    situation?

    Any advice or direction is greatly appreciated - Thanks in advance,

    J. Shane Kunkle
     
    J. Shane Kunkle, Sep 9, 2004
    #1
    1. Advertising

  2. There isn't really an easier way. You need to use the DirectorySearcher to
    search for their user object using the samAccountName (which you get from
    their login name, e.g. domain\samAccountName) and find the attributes you
    need from the result of the search.

    The filter would look like:

    (sAMAccountName=xxxx)

    You would need to search the root of the domain the user is in or use the
    Global Catalog for the forest if all the attributes you need are in the GC.

    The way I've done this kind of thing before is to write a custom HttpModule
    that looks up the user's info and adds it to a custom IPrincipal object. I
    use session or cache to cache the data so that you don't need to look up the
    values on every request.

    I hope that gives you some ideas. I'd follow up with specific questions to
    microsoft.public.adsi.general

    Joe K.

    "J. Shane Kunkle" <> wrote in message
    news:...
    > Hello,
    >
    > I have a web application that uses windows authentication. All the users
    > log in using an active directory account. When an authenticated user
    > performs certain actions I would like to retrieve specific information
    > from
    > their active directory record (email address, etc).
    >
    > I can obviously get their "domain\account" from
    > HttpContext.Current.User.Identity.Name - but what is the easiest way to
    > access active directory records in this case?
    >
    > I feel like there should be some easy way to access active directory
    > information in this situation because the user is already authenticated (a
    > property of the User object, etc) however I have not found anything yet.
    >
    > The best examples I have found use the DirectorySearcher and
    > DirectoryEntry
    > objects but this seems to be quite a bit of work and I was hoping there
    > would be an easier way.
    >
    > What is the recommended way to access active directory information in this
    > situation?
    >
    > Any advice or direction is greatly appreciated - Thanks in advance,
    >
    > J. Shane Kunkle
    >
    >
    >
    >
    >
     
    Joe Kaplan \(MVP - ADSI\), Sep 9, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Q2hyaXMgTW9oYW4=?=

    Configuring Windows Auth & Forms Auth in Asp.Net

    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=, Apr 28, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    702
    =?Utf-8?B?Q2hyaXMgTW9oYW4=?=
    Apr 28, 2004
  2. =?Utf-8?B?ZGhucml2ZXJzaWRl?=

    Windows Auth, but Forms Auth for one page?

    =?Utf-8?B?ZGhucml2ZXJzaWRl?=, Jan 8, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    564
    Elton Wang
    Jan 8, 2005
  3. Chris Mohan

    Configuring Windows Auth & Forms Auth in Asp.Net

    Chris Mohan, Apr 28, 2004, in forum: ASP .Net Security
    Replies:
    2
    Views:
    431
    Chris Mohan
    Apr 29, 2004
  4. Forms Auth Info passed to Windows Auth?

    , Apr 28, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    220
    Hernan de Lahitte
    May 3, 2005
  5. Ed Staffin
    Replies:
    1
    Views:
    353
    Ken Schaefer
    Apr 17, 2006
Loading...

Share This Page