Urgent: Connecting to active directory using cached credentials

Discussion in 'ASP .Net' started by Chris L, Oct 7, 2004.

  1. Chris L

    Chris L Guest

    Hello,

    I'm hoping to find out if it is possible to connect
    within an ASP.NET application to Active Directory with
    the credentials of the person who accessed the ASP.NET
    application via IIS, using windows integrated
    authentication.

    I've tried using ADO, ADSI, and Directory Services, but I
    have yet to find a way to connect to active directory
    with the security token created by IIS, when the user
    accesses the ASP.NET application with windows integrated
    authentication.

    Being able to do this is a pretty urgent problem, so any
    help anyone could provide would be extremely appreciated.

    Thank you!
    -Chris
     
    Chris L, Oct 7, 2004
    #1
    1. Advertisements

  2. Chris L

    Guest Guest

    I'm hoping to find out if it is possible to connect
    I also posted this question to general.adsi.

    -Chris
     
    Guest, Oct 7, 2004
    #2
    1. Advertisements

  3. Are u interested in Forms or wINDOWS aUTHENTICATION?'
     
    Patrick.O.Ige, Oct 7, 2004
    #3
  4. Chris L

    Scott Allen Guest

    Hi Chris:

    The problem you are probably facing is the one hop limit of NTLM
    authentication. The user's credentials make one hop from the browser
    to the web server, and the web server can use those credentials
    impersonate the user on the web server. However, the server cannot use
    those credentials to make a second hop to the AD controller.

    One way around this is to move up one step from impersonation to
    delegation.

    See:
    How To Configure an ASP.NET Application for a Delegation Scenario.
    http://support.microsoft.com/default.aspx?scid=kb;en-us;810572

    HTH
     
    Scott Allen, Oct 7, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.