How to authenticate against the Active Directory using forms authentication with password expiration

Discussion in 'ASP .Net Web Services' started by Ruggiero, Vince, Dec 14, 2009.

  1. Hello everyone. Please help!

    I am new to the .NET web application development. I have used the code from
    the link below to create a basic login page in front of the Microsoft Live
    Single Sing On.

    http://support.microsoft.com/default.aspx/kb/326340

    I managed to combine the two together (LiveSSO w/ Forms Authentication)
    turning off the Integrated Authentication in IIS from the SSO setup. All
    works as expected if the user successfully authenticates with AD.

    THE PROBLEM that I am having is that when the user failes to authenticate it
    only returns: "Error authenticating user. Logon failure: unknown user name
    or bad password". This message appears also when the user is set to change
    the password at next logon. What I want it to do is to read the error code
    of exactly why it failed so I can setup a redirect to a password reset page
    (i.e. if error is "User flag is set to change pswd" etc.etc.)

    From the page linked above you can see the VB code of LdapAuthentication.vb
    which does the trick of authenticating the accounts or returning the error
    message if the login fails.

    The part that returns the "Error authenticating user. Logon failure: unknown
    user name or bad password." Is handled by this subroutine:

    1.Catch ex As Exception
    2.Throw New Exception("Error authenticating user. " & ex.Message)
    3.End Try
    That's what I have been trying to customize to see how it can return a
    specific code based on the user account AD flags, instead of the generic
    message.

    Does anyone have any clue or idea how I can accomplish that? Any help would
    be greatly appreciated. Thanks in advance!
     
    Ruggiero, Vince, Dec 14, 2009
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.