VB.NET App +ADS +DirectoryEntry/Searcher +AuthenticationTypes.Secure


C

Chad Beckner

Hi everyone,

Sorry for cross posting, but I wanted to try and put this where it would
be more visible to everyone... :)

I need to find a way to be able to search for entries in our ADS tree. I
have it working, but I have to pass it my username/password in order to
search it. What I would like to do is pass the username/password to the
DirectoryEntry as parameters without having to hard code a
username/password. I know how to get the username, but how can I pass the
password (i.e. how can I get the password in order to pass it?). For
example:

strUsername = "UserA"
strAuthUsername = "Admin" <--- Hard coded = BAD
strAuthPassword = "Password" <--- Hard coded = BAD
strDomain = "ADS"
strServer = "ads.somewhere.com"
strFilter = ""

Public Shared Function GetUser_DirectoryEntry(ByVal strUsername As
String, ByVal strAuthUsername As String, ByVal strAuthPassword As String,
ByVal strDomain As String, ByVal strServer As String, ByVal strFilter As
String) As DirectoryEntry
Dim strLoginName As String = String.Format("{0}\{1}",
strDomain.Trim, strAuthUsername.Trim)
Dim deSearchRoot As New
DirectoryEntry(String.Format("LDAP://{0}", strDomain.Trim), strLoginName,
strAuthPassword.Trim, AuthenticationTypes.Secure)
Dim de As DirectoryEntry

Try
Dim dsUser As DirectorySearcher = New
DirectorySearcher(deSearchRoot,
String.Format("(&(objectCategory=person)(sAMAccountName={0}))",
strUsername.Trim))
Dim srcUser As SearchResultCollection = dsUser.FindAll()
If IsNothing(srcUser) Then
Throw New Utilities.ExceptionHandler("Could not find
user in ADS tree")
Else
de = srcUser(0).GetDirectoryEntry
End If
Catch ex As Exception
Return Nothing
End Try
Return de
End Function

Thanks for any assistance!

Chad
 
Ad

Advertisements

S

Scott Allen

username/password. I know how to get the username, but how can I pass the
password (i.e. how can I get the password in order to pass it?). For
example:

Hi Chad,

Are you saying you want to retrieve a user's password given thier
username? You won't find a way to do that, but you could store the
username and password in the .config or another configuration file in
an encrypted form.

In ASP.NET you could also impersonate a fixed identity by specifying a
username / password in web.config (and this section also supports
encryption). Impersonation will work if the identity is trusted on the
other domain.
 
Ad

Advertisements

C

Chad Beckner

No, I don't want to retrieve it, but be able to "use" it to query ADS based
on "their" credentials, instead of having hard coded username & password.

P.S. This "function" will also be run in ASP.NET, but I also need this to
work in a WinForm VB.NET app. :)

Chad
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top