AD users in windows server

Jukka_Leino · July 29, 2014, 9:14am

Hi,

I run standalone web application in IIS. It is in windows server that is connected to Active Directory.
Can I somehow recognise AD users in my webapp? And maybe authenticate and use SSO?
If someone can give me example or some pointers where to look for.

Thanks

Jukka

Horst_Jehle · July 29, 2014, 10:33am

This is my ADLogin projecct for a desktop application and it should also work as a web application.

Dim strUser, strPassword, strServer, strQuery As String

strUser = ADUser
strPassword = ADPassword
dim LogonServer as string
LogonServer = ReplaceAll(system.EnvironmentVariable(“LOGONSERVER”), “”, “”)

Dim adoConnection, adoCommand,adoRecordset As OleObject

strQuery = “SELECT cn FROM 'LDAP://” + LogonServer + "’ WHERE ObjectClass=’*’ "

adoConnection = new OLEOBJECT(“ADODB.Connection”)
adoConnection.Provider = “ADsDSOOBJECT”
adoConnection.Properties(“User ID”) = strUser
adoConnection.Properties(“Password”) = strPassword
adoConnection.Properties(“Encrypt Password”) = false
adoConnection.open (“DS Query”, strUser, strPassword)

adoCommand = New OleObject(“ADODB.Command”)
adoCommand.ActiveConnection = adoConnection
adoCommand.CommandText = strQuery
adoCommand.Properties(“Size Limit”) = 1

adoRecordset = New OLEObject(“ADODB.Recordset”)

try
adoRecordset = adoCommand.Execute()
Catch ExecuteError As OLEException
// User did not manage to login
msgbox ExecuteError.message
adoConnection.close

adoConnection = Nil
adoCommand = Nil
adoRecordset = Nil
exit

End Try

// User manage to login
msgbox (strUser+" manage to login on Active Directory Server: "+ LogonServer)

adoConnection.close
adoConnection = Nil
adoCommand = Nil
adoRecordset = Nil

exception err as oleexception
msgbox err.message

Jukka_Leino · July 29, 2014, 11:19am

Thank You!

Works perfectly.

Rick_Araujo · July 29, 2014, 1:30pm

In the past, ADODB was only present on machines with Microsoft Office installed. Had that changed?

Jukka_Leino · July 30, 2014, 8:12am

I think it comes with some .NET framework.

I’m tryin now to check if user belongs to AD group.
I changed this strQuery line to:
strQuery = “SELECT Name, Member FROM ‘LDAP://CN=myGroup,OU=myContainer,DC=Domain,DC=fi’”
…and i think it shoud list members of myGroup to adoRecordset.
But how do I check what’s inside this OLEObject ADODB.Recordset?

Jukka_Leino · July 30, 2014, 12:52pm

Ok, little further…
This gives proper list on users in myGroup:

strQuery = "SELECT sAMAccountName FROM 'LDAP://" + LogonServer + "' WHERE objectCategory = 'Person' and memberOf = 'CN=myGroup,OU=myContainer,DC=domain,DC=fi' "

…and this lists users, but first you have to remove line ‘adoCommand.Properties(“Size Limit”) = 1’

While Not adoRecordset.eof Listbox1.AddRow x = Listbox1.LastIndex Listbox1.Cell(x,0) = adoRecordset.Fields("sAMAccountName").Value adoRecordset.MoveNext Wend