Windows Auth - Active Directory

  • Thread starter J. Shane Kunkle
  • Start date
J

J. Shane Kunkle

Hello,

I have a web application that uses windows authentication. All the users
log in using an active directory account. When an authenticated user
performs certain actions I would like to retrieve specific information from
their active directory record (email address, etc).

I can obviously get their "domain\account" from
HttpContext.Current.User.Identity.Name - but what is the easiest way to
access active directory records in this case?

I feel like there should be some easy way to access active directory
information in this situation because the user is already authenticated (a
property of the User object, etc) however I have not found anything yet.

The best examples I have found use the DirectorySearcher and DirectoryEntry
objects but this seems to be quite a bit of work and I was hoping there
would be an easier way.

What is the recommended way to access active directory information in this
situation?

Any advice or direction is greatly appreciated - Thanks in advance,

J. Shane Kunkle
(e-mail address removed)
 
J

Joe Kaplan \(MVP - ADSI\)

There isn't really an easier way. You need to use the DirectorySearcher to
search for their user object using the samAccountName (which you get from
their login name, e.g. domain\samAccountName) and find the attributes you
need from the result of the search.

The filter would look like:

(sAMAccountName=xxxx)

You would need to search the root of the domain the user is in or use the
Global Catalog for the forest if all the attributes you need are in the GC.

The way I've done this kind of thing before is to write a custom HttpModule
that looks up the user's info and adds it to a custom IPrincipal object. I
use session or cache to cache the data so that you don't need to look up the
values on every request.

I hope that gives you some ideas. I'd follow up with specific questions to
microsoft.public.adsi.general

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top