-
Jul 29th, 2005, 09:36 PM
#1
Validate Login against Active Directory
The following function validates a username and password against an active directory.
VB Code:
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
This would be used like:
VB Code:
If ValidateActiveDirectoryLogin("VBForums", "Woof", "Mouse") Then
'do something
End If
Woka
-
Apr 19th, 2006, 09:56 AM
#2
Junior Member
Re: Validate Login against Active Directory
Hallo,
Is it possible to use this code in the Login Form of vb .net?
Where must I place it?
Also, can it be used in the Custom Login Authentication ASP code that you have written?
Apreciate the help.
Ruaan
-
Apr 19th, 2006, 10:24 AM
#3
Re: Validate Login against Active Directory
Yes to both answers.
Place the code where it can be called. It's just a simple normal bog standard function after all.
Yes it can be directly used with my auth code.
Woka
-
Apr 19th, 2006, 10:34 AM
#4
Junior Member
Re: Validate Login against Active Directory
Hi, I'm busy taking a look at the login.aspx code and can you tell me where must I place this code
VB Code:
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
Thanks,
R
-
Apr 19th, 2006, 10:35 AM
#5
Junior Member
Re: Validate Login against Active Directory
Originally Posted by RuaanD
Hi, I'm busy taking a look at the login.aspx code and can you tell me where must I place this code
VB Code:
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
Thanks,
R
Sorry my ASP is very bad
-
Apr 20th, 2006, 11:47 AM
#6
Re: Validate Login against Active Directory
U put that code in the login function ub the auth demo.
Woka
-
Nov 28th, 2006, 03:35 AM
#7
Addicted Member
Re: Validate Login against Active Directory
Hi Wokawidget,
Your code doesn't work in my project. It always return false. It generate error (the server is not operational) if I remove try-catch and search it directly with this:
VB Code:
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
'Try
' Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
' Success = Not (Results Is Nothing)
'Catch
' Success = False
'End Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Return Success
End Function
My domain server still use WinNT4.0, maybe that happened because WinNT4.0 doesn't support it?
Thanks
Michael
-
Nov 28th, 2006, 08:03 AM
#8
Re: Validate Login against Active Directory
What is the value of "LDAP://" & Domain???
Woka
-
Nov 28th, 2006, 08:49 PM
#9
Addicted Member
Re: Validate Login against Active Directory
"LDAP://skb_ii"
skb_ii is the name of my domain.
-
Nov 29th, 2006, 06:11 AM
#10
Re: Validate Login against Active Directory
Hmmmm try modifying the code so the domain passed to the DirectoryEntry object is like:
LDAP://skb_ii.com/DC=skb_ii,DC=com
What happens now?
Woka
-
Nov 29th, 2006, 10:10 PM
#11
Addicted Member
Re: Validate Login against Active Directory
Originally Posted by Wokawidget
Hmmmm try modifying the code so the domain passed to the DirectoryEntry object is like:
LDAP://skb_ii.com/DC=skb_ii,DC=com
What happens now?
Woka
It still not work. Weren't it supposed to be LDAP://skb_ii.com/DN=skb_ii,DC=com ? I've tried this either, but still no luck. It gives the same error mistake:
The server is not operational
at this line :
VB Code:
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
And for .com, maybe NT4 didn't support DNS ? (don't have experience in legacy system )
There's a win2000 server in my company. Maybe I should try join it to test my code.
-
Apr 30th, 2007, 12:17 PM
#12
Member
Re: Validate Login against Active Directory
If this is an NT4 domain, this may not work. NT4 does not understand this provider
-
Apr 30th, 2007, 01:15 PM
#13
Re: Validate Login against Active Directory
Hmmmm...are ppl still running NT4
Woof
-
Jul 8th, 2007, 05:01 PM
#14
Addicted Member
Re: Validate Login against Active Directory
Hi guys.
Does anyone have any ideas or can help me. I have a windows application that i would like to have a login to. I would like the login to check if you are a member of a certain group and then authenticate you to Active Directory by supplying a valid user name and password.
Maybe i am reading this post wrong but it looks like you are hard coding the user name and password into the code???
What if my password changes or i want to give more than one person access to use my application?
Thanks to anyone who can help me
Cheers
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 9th, 2007, 07:31 AM
#15
Re: Validate Login against Active Directory
lol. No, nothing is hard coded.
The function validates a username and password for a domain, and you can pass in all 3 params.
I added a demo call, which does have the params "hard coded", but you would just take these values from a UI input...which is simple to do.
Once you have the user in the search results, you can then browse through it's children and check for the group you want.
Woka
-
Jul 9th, 2007, 08:07 AM
#16
Addicted Member
Re: Validate Login against Active Directory
Hi mate and thanks for the reply.
Ok i am new to vb.net biiiiiiiiiiiiiig time, got kind of comfy with vbscript but realise how lazy a coder it makes you.
Anyway i am using vb.net 2005 and i have used the built in login form that i would like to use. The code for the form is below, Can you help me blend your code into the code below and to check for AD membership. What i would like to achive is if User Craig Wallace is not a member of say AD Security Group called User Creation then dont let him in, if he is and he supplies the correct login and password then let him in
Thanks for your help so far.
Public Class LoginForm
' TODO: Insert code to perform custom authentication using the provided username and password
' (See http://go.microsoft.com/fwlink/?LinkId=35339).
' The custom principal can then be attached to the current thread's principal as follows:
' My.User.CurrentPrincipal = CustomPrincipal
' where CustomPrincipal is the IPrincipal implementation used to perform authentication.
' Subsequently, My.User will return identity information encapsulated in the CustomPrincipal object
' such as the username, display name, etc.
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
Me.Close()
End Sub
Private Sub Cancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cancel.Click
Me.Close()
End Sub
End Class
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 9th, 2007, 09:10 AM
#17
Re: Validate Login against Active Directory
Well in the OK_Click event you need to call my function with the username and password, and pass in the domain info.
But before you do that you much loop through the search results...the user object can be found in the results object.
Once you have this then you need to loop through it's children and find the group.
Sorry, I don't have time to write it for you as I am pushed with deadlines
See what you can find on VBF or google regarding AD search results.
Woka
-
Jul 9th, 2007, 09:22 AM
#18
Addicted Member
Re: Validate Login against Active Directory
Hi mate. Thanks very much for the reply. I am soooooooooooooooooo new to vb.net , whats the best way of calling your function. there is no big rush to reply as i know your busy, just when you have a minute
I am going to do this bit by bit.
First get it working with just a user name and password then move on to more advanced stuff like AD group
Thanks again
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 9th, 2007, 05:17 PM
#19
Re: Validate Login against Active Directory
Ok. np
Lets do this in stages.
So to use the code as it stands now, just validating the user (no group code yet), we would use something like:
Code:
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
Dim authenticated As Boolean = AuthenticateUser()
If isAuthenticated Then
'some code here to open app
Me.Close()
Else
'code here to display incorrect login details
End If
End Sub
Private Function AuthenticateUser() As Boolean
Dim username As String = txtUsername.Text
Dim password As String = txtPassword.Text
Dim domain As String = 'this can be in a config file, hard coded (I wouldnt do that), or inputed from the UI
Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(username, password, domain)
Return isAuthenticated
End Function
Hope this helps.
Woka
-
Jul 9th, 2007, 05:26 PM
#20
Addicted Member
Re: Validate Login against Active Directory
Hi mate. Thanks for your time tonight.
Ok so i have copied your code into the form.
It may just be a typo but is Dim authenticated not supposed to be Dim isauthenticated
Code:
Dim authenticated As Boolean = AuthenticateUser()
If isAuthenticated Then
Other small issues that vb.net is throwing up are
txtUserNames is not declared
txtPasswords is not declared
on line
Dim domain As String = 'this can be in a config file, hard coded (I wouldnt do that), or inputed from the UI
it is moaning about the = saying expression expected.
Also it is moaning about Name 'ValidateActiveDirectoryLogin' is not declared.
Code:
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
Dim authenticated As Boolean = AuthenticateUser()
If isAuthenticated Then
'some code here to open app
Me.Close()
Else
'code here to display incorrect login details
End If
End Sub
Private Function AuthenticateUser() As Boolean
Dim username As String = txtUsername.Text
Dim password As String = txtPassword.Text
Dim domain As String = 'this can be in a config file, hard coded (I wouldnt do that), or inputed from the UI
Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(username, password, domain)
Return isAuthenticated
End Function
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 9th, 2007, 06:16 PM
#21
Re: Validate Login against Active Directory
txtUsername is the name of the text box on screen, as is txtPassword. In your app I don't know what they are called. Replace txtUsername and txtPassword with the name of the controls on your form.
ValidateActiveDirectoryLogin is the function originally posted in this thread....did you not copy that also?
The comain name is giving that error because ' means a remark, ie you must replace this bit of code with something.
Use something like:
Dim domain As String = "MyDomain.com"
Bearing in mind your domain is NOT MyDomain.com...it's soemthing else, so replace that with your domain.
Yea, sorry about typos' Am tired and typed straight into VBF and not a VB.NET editor.
I may suggest you get a Learn VB.NET in 21 days kind of book...this will seriously benefit you, and you'll be up and running in no tiem at all.
WOka
-
Jul 9th, 2007, 06:18 PM
#22
Addicted Member
Re: Validate Login against Active Directory
Thanks for the reply. i am also very tired and going to bed now. i will pick this up tomorrow. thanks for the pointers i will put them right tomorrow.
Thanks again for your help, it really is helping me learn big time.
Cheers
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 10th, 2007, 02:42 PM
#23
Addicted Member
Re: Validate Login against Active Directory
Hi mate.
Ok picking this back up tonight. I have copied your code as per your posts and have put it into my login form. I am hard coding the domain for the time being. Now when the form loads i am putting the correct login details as thats what i used to login to my laptop but the code always returns in correct login details. I have put a couple of msgbox's in as you will see.
Any ideas as to why it does not think i am using the right details?
Thanks for your help.
Code:
Public Class AuthenticateWithAD
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
Dim isauthenticated As Boolean = AuthenticateUser()
If isauthenticated Then
MsgBox("YOU HAVE BEEN AUTHENTICATED")
Me.Close()
Else
MsgBox("YOU HAVE NOT BEEN AUTHENTICATED")
End If
End Sub
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
Private Function AuthenticateUser() As Boolean
Dim username As String = UsernameTextBox.Text
Dim password As String = PasswordTextBox.Text
'Dim domain As String = 'this can be in a config file, hard coded (I wouldnt do that), or inputed from the UI
Dim domain As String = "WALLACE-UK.COM"
Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(username, password, domain)
Return isAuthenticated
End Function
Private Sub Cancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cancel.Click
Me.Close()
End Sub
End Class
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 10th, 2007, 07:20 PM
#24
Re: Validate Login against Active Directory
ValidateActiveDirectoryLogin(username, password, domain)
should be
ValidateActiveDirectoryLogin(domain, username, password)
-
Jul 11th, 2007, 01:37 PM
#25
Addicted Member
Re: Validate Login against Active Directory
Hi mate. Thanks very much for the update. i have changed my code as per your last post. YAY all is working i can now see it is checking with AD for my login which is cool, so thanks very much.
Ok so on to Part 2. What i now need to work out is that ok so you have the right user name and password but if you are not a member of a Active Directory user group the dont allow login , but if you are and you supply the right user name and password then login.
Any ideas?
Thanks in advance
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 28th, 2007, 05:58 AM
#26
Addicted Member
Re: Validate Login against Active Directory
Hi guys. Ok thought i would share back this code with others. Ok the code is the original code in that it will authenticate a user againt Active Directory.
The will now also check to see if the user is a member of a certain Active Directory Group. So you now have Group Check and User Name and Password Check.
Also and it may no use to others but i hve put a bit in here to check if the screen res is 1024 x 768 or above. also it has a progress bar.
Afew people on here have helped me along the way so cant take full credit for it.
Anyway here is the code. I hope someone finds it usefull
Code:
Imports System.DirectoryServices
Imports System.Net.Mail
Public Class Authenticate_With_Active_Directory
Private Sub OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles OK.Click
Dim isauthenticated As Boolean = AuthenticateUser()
If isauthenticated Then
ProgressBar1.Value = 1
Timer1.Enabled = True
'MsgBox("YOU HAVE BEEN AUTHENTICATED")
Dim frm As New Main_Menu
frm.Show()
Me.Close()
Else
ProgressBar1.Value = 1
Timer1.Enabled = True
MessageBox.Show("YOU HAVE NOT BEEN AUTHENTICATED" & _
Environment.NewLine & Environment.NewLine & "PLEASE CONTACT THE LONDON SYSTEMS TEAM. THIS LOGON ATTEMPT HAS BEEN RECORDED", "Alert - PLEASE READ , PLEASE READ", MessageBoxButtons.OK, MessageBoxIcon.Information)
End If
End Sub
Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
ProgressBar1.Value = ProgressBar1.Value + 1
If ProgressBar1.Value = 50 Then
Timer1.Enabled = False
'MsgBox(" progressbar at the end")
End If
End Sub
Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
Dim Success As Boolean = False
Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & Domain, Username, Password)
Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
Try
Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
Success = Not (Results Is Nothing)
Catch
Success = False
End Try
Return Success
End Function
Private Function AuthenticateUser() As Boolean
Dim username As String = UsernameTextBox.Text
Dim password As String = PasswordTextBox.Text
'Dim domain As String = 'this can be in a config file, hard coded (I wouldnt do that), or inputed from the UI
Dim domain As String = "WITHERS.NET"
Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(domain, username, password)
Return isAuthenticated
End Function
Private Sub Cancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cancel.Click
Me.Close()
End Sub
Private Sub AuthenticateWithAD_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim screenSize As Rectangle = Screen.PrimaryScreen.Bounds
If screenSize.Width < 1024 Or screenSize.Height < 768 Then
MessageBox.Show("Incorrect Screen Size" & _
Environment.NewLine & Environment.NewLine & "This Application requires a Screen Resolution of 1024 x 768 and above. Please change", "Alert - PLEASE READ , PLEASE READ", MessageBoxButtons.OK, MessageBoxIcon.Information)
Me.Close()
Else
End If
'You grab the current logon username from environment object
Dim userID As String = Environment.UserName
'Then pass it into the function like this
If IsMemberOf(userID, "GROUP NAME YOU WANT TO CHECK") Then
'MessageBox.Show("Yes")
Else
MessageBox.Show("Unauthorised Access, You do not have permission to use this application" & _
Environment.NewLine & Environment.NewLine & "Please contact the London Systems Team", "Alert - UNAUTHORISED ACCESS , UNAUTHORISED ACCESS", MessageBoxButtons.OK, MessageBoxIcon.Information)
Me.Close()
End If
End Sub
Public Shared Function IsMemberOf(ByVal userName As String, ByVal groupName As String) As Boolean
' Uncomment if using at Withers
Dim answer As Boolean = False
Dim dirEntry As DirectoryEntry = Nothing
Dim serverName As String = "SERVER NAME" 'example "server1"
Dim domainName As String = "DOMAIN NAME" 'example "yahoo", "msn", "google"...
Dim domain As String = "NET" 'example "com", "org", "net"...
Dim ldapPath As String = "LDAP://" & serverName & "/DC=" & domainName & ",DC=" & domain
Dim dirSearcher As DirectorySearcher = Nothing
Dim result As SearchResult = Nothing
Try
'dirEntry = New DirectoryEntry(ldapPath)
'If you run into security permission issue, try this overload with supplied credentials
dirEntry = New DirectoryEntry(ldapPath, "USERNAME", "PASSWORD", AuthenticationTypes.Secure)
dirSearcher = New DirectorySearcher(dirEntry)
With dirSearcher
.Filter = "(SAMAccountName=" & userName & ")"
.PropertiesToLoad.Add("memberOf")
result = .FindOne()
End With
If Not result Is Nothing Then
Dim propertyCount As Integer = result.Properties("memberOf").Count
Dim dn As String = String.Empty
Dim group As String = String.Empty
Dim equalsIndex, commaIndex As Integer
Dim propertyCounter As Integer = 0
While propertyCounter < propertyCount
dn = CType(result.Properties("memberOf").Item(propertyCounter), String)
equalsIndex = dn.IndexOf("=", 1)
commaIndex = dn.IndexOf(",", 1)
If -1 = equalsIndex Then
Return False
End If
group = dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1).ToUpper
If group = groupName.ToUpper Then
answer = True
Exit While
End If
propertyCounter += 1
End While
End If
Catch ex As Exception
Throw New Exception(ex.Message)
Finally
'Release unmanaged COM objects
dirEntry = Nothing
dirSearcher = Nothing
End Try
Return answer
End Function
End Class
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 31st, 2007, 04:08 AM
#27
Re: Validate Login against Active Directory
Cool. Thanks for the code
Woka
-
Jul 31st, 2007, 04:49 AM
#28
Re: Validate Login against Active Directory
Hi.
I have cleaned the code up slightly for you. I hope you don't mind.
I have also combined the Validate and the Check group functions into one function.
You seemed to be doing something funny with the ldap path, so I simplified this also.
If you pass a groupname to the function then it validates this and checks if the user is a member, if no groupname is passed then the user is validated for a normal login.
Hope this helps, and thanks again for posting the code.
Code:
Private Function AuthenticateUser() As Boolean
Dim username As String = "TestUser11@WokasCustomer.com"
Dim password As String = "Woof123"
Dim domain As String = "eQuest.local"
Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(domain, username, password, "Admins@WokasCustomer.com")
Return isAuthenticated
End Function
Public Function ValidateActiveDirectoryLogin(ByVal domainName As String, ByVal userName As String, ByVal userPassword As String, ByVal groupName As String) As Boolean
Dim isValidated As Boolean = False
Try
Dim ldapPath As String = "LDAP://" & domainName
Dim dirEntry As New DirectoryEntry(ldapPath, userName, userPassword, AuthenticationTypes.Secure)
Dim dirSearcher As New DirectorySearcher(dirEntry)
dirSearcher.Filter = "(userPrincipalName=" & userName & ")"
dirSearcher.PropertiesToLoad.Add("memberOf")
Dim result As SearchResult = dirSearcher.FindOne()
If Not result Is Nothing Then
If groupName.Length = 0 Then
isValidated = True
Else
Dim groupCount As Integer = result.Properties("memberOf").Count
Dim isInGroup As Boolean = False
For index As Integer = 0 To groupCount - 1
Dim groupDN As String = result.Properties("memberOf").Item(index)
Dim equalsIndex As Integer = groupDN.IndexOf("=")
Dim commaIndex As Integer = groupDN.IndexOf(",")
Dim group As String = groupDN.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1).ToLower
If group.Equals(groupName.ToLower) Then
isInGroup = True
Exit For
End If
Next index
isValidated = isInGroup
End If
End If
Catch ex As Exception
Throw New Exception(ex.Message)
End Try
Return isValidated
End Function
Woka
-
Jul 31st, 2007, 05:36 AM
#29
Addicted Member
Re: Validate Login against Active Directory
Hi mate. No of course i dont mind and its great to see another way of doing it. All about learning
Thanks again.
Thanks
Craig Wallace
Active Directory Administrator \ Designer
SMS 2003 Administrator
Everything else Networks
-
Jul 31st, 2007, 05:41 AM
#30
Re: Validate Login against Active Directory
np
Also, I changed it to search for sAMAccountName to userPrincipalName.
sAMAccountNames are like eQuest\Wokawidget
userPrincipalNames are like Wokawidget@eQuest.com
Most MS apps now use the UPN and not SAMAccountName...except some of thier hosting software, with exchange, as that requires the sAMAccountName to validate a mobile device.
Woka
-
Sep 21st, 2007, 12:09 AM
#31
New Member
Re: Validate Login against Active Directory
hi there.
not that into development, but i find the code very helpful.
is there a way for the code to be modified and also check for "Bad Login Count"?
regards.
-
Oct 3rd, 2007, 11:55 PM
#32
New Member
Re: Validate Login against Active Directory
no suggestion? can someone suggest how to get badlogoncount?regards
-
Oct 4th, 2007, 05:00 AM
#33
Re: Validate Login against Active Directory
Well if badlogin account is an AD property, then just retrieve this property from the users AD object, which is got during validation process.
ie
Code:
int loginCount = Convert.ToInt32(userADobject.properties["badLogin"].Value.ToString())
But off the top of my head I dont know what the bad login count ad property is.
Woka
-
Oct 4th, 2007, 05:32 AM
#34
New Member
Re: Validate Login against Active Directory
thanks for the reply. i'll try that suggestion.
we used this:
Code:
IntAttempts = objUser.BadLoginCount
but it's not working as expected.
regards.
-
May 16th, 2008, 09:07 AM
#35
New Member
Re: Validate Login against Active Directory
The code works great. Thank you very much.
is there a way in this function to check the manager property within active directory. for instance:
Johns manager is Sam
When John logs in it runs
Code:
messagebox.show("Your manager is " & somthing here)
thanks again
-
May 16th, 2008, 11:23 AM
#36
Re: Validate Login against Active Directory
Yes.
From Post 28, the user object is stored in a variable called "result".
So to get the manager you would use the following:
Code:
Dim managerPath As String.Empty;
if (result.Properties("managedBy").Count == 1) Then
Dim managerDN As String = result.Properties("managedBy").Value.ToString()
managerPath = string.Format("LDAP://{0}", managerDN);
End If
if (managerPath.length > 0) Then
DirectoryEntry managerObject = new DirectoryEntry(managerPath)
string managerUPN = managerObject.Properties("userprincipalName").value.ToString()
string managerDisplayName = managerUPN;
if (managerObject.Properties("displayName").Count == 1) Then
managerDisplayName = managerObject.Properties("displayName").value.ToString()
End If
End if
Hope that helps.
Woka
-
May 16th, 2008, 12:22 PM
#37
New Member
Re: Validate Login against Active Directory
Is that vb.net code or C# I have not been able to get it to work here is a screen shot of the errors:
-
May 16th, 2008, 02:20 PM
#38
Re: Validate Login against Active Directory
yes u are right...its a mix of them both
Doh
I have been coding in both a lot recently.
try this:
Code:
Dim managerPath As String = String.Empty
if (result.Properties("managedBy").Count = 1) Then
Dim managerDN As String = result.Properties("managedBy").Value.ToString()
managerPath = string.Format("LDAP://{0}", managerDN)
End If
if (managerPath.length > 0) Then
Dim managerObject As DirectoryEntry = new DirectoryEntry(managerPath)
Dim managerUPN As String= managerObject.Properties("userPrincipalName").value.ToString()
Dim managerDisplayName As String = managerUPN
if (managerObject.Properties("displayName").Count = 1) Then
managerDisplayName = managerObject.Properties("displayName").value.ToString()
End If
End if
Also u need to add:
Code:
dirSearcher.PropertiesToLoad.Add("managedBy")
-
May 16th, 2008, 02:52 PM
#39
New Member
Re: Validate Login against Active Directory
Thank you so much for you time and help. I am a noob at active directory.
I also still have one error when i get to the
Code:
If (result.Properties("managedBy").Count = 1) Then
the system says "Object referance not set to an instace of an object"
also the code still shows the following error. If i remove the .value.toString and replace it with .toString it will take the error away but i dont know if it will work here is a picture. thanks again for your help!
-
May 20th, 2008, 12:50 PM
#40
Re: Validate Login against Active Directory
yea, sorry.Was on my mobile fone in town when I posted
instead of
.Value.ToString()
use
.Item(0).ToString();
Woka
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|