Using ADS SID of individual users to authenticate ADS users

Using ADS SID of individual users to authenticate ADS users

Post by deligentma » Fri, 15 Mar 2002 12:40:59



Good Day!

I am synchorinizing ads users with my data
base users table is it possible to use ADS user SID 's
to achive that task?

any idea highly appriciated

Del.

 
 
 

Using ADS SID of individual users to authenticate ADS users

Post by Max L. Vaug » Sat, 16 Mar 2002 05:45:16


The SID will uniquely identify a user within a domain if that is what you are asking.  Even if you move the user to another container within the domain.  The SID
will change if the user is moved to another trusted domain.

Sincerely,
Max Vaughn [MS]
Microsoft Developer Support

Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.

 
 
 

Using ADS SID of individual users to authenticate ADS users

Post by deligentma » Sat, 16 Mar 2002 08:20:47


Good Day to you Max !

Thanks for that reply.
That bit of information is good for me for the time being
I do have one more question in this regard this is my question.
ADSI is an interface extended for developers to REUSE
and INTEGRATE our apps with ADS without re-inventing the wheel is that
right? well if so
When authenticating users to a web site,(my website) is it possible to use
ADSI and ADS database together for that task as for security  precaution I
am using one to one basis secure certificates - issued by a trusted CA - for
users who are eligible for my website?

have a nice day
Del.



Quote:> The SID will uniquely identify a user within a domain if that is what you

are asking.  Even if you move the user to another container within the
domain.  The SID
Quote:> will change if the user is moved to another trusted domain.

> Sincerely,
> Max Vaughn [MS]
> Microsoft Developer Support

> Disclaimer: This posting is provided "AS IS" with no warranties, and

confers no rights. You assume all risk for your use.
 
 
 

Using ADS SID of individual users to authenticate ADS users

Post by Max L. Vaug » Wed, 20 Mar 2002 02:03:20


Can you start a new thread with your question?  

Sincerely,
Max Vaughn [MS]
Microsoft Developer Support

Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.

 
 
 

1. Authenticate User in AD using ASP!

I was wondering if anyone can help me with AD Authentication in ASP?
I need to authenticate on one domain/server.  Basically the user will
enter a username and password on a form (ASP Page).  I need to
authenticate that user is a valid user in AD using ASP.  I have some
different samples of how to do this, but none seem to work for me.  I
always get a sucess result, even if I enter the wrong username or
password, and it seems that it should give me an error or fail to
login if one, or both of the values are incorrect.  Here is one
example that I have...

************************************************************************

on error resume next

dim strDomain, strADsPath, strQryName, strUserName, strPassword,
oADsObject, tempstr, strObj

'code to take user details from the form

strADsPath = strDomain
strQryName = Request.form("txtUid")
strPassword = Request.form("txtPwd")

if  instr(strQryName,"\") <> 0 then
 strString = split(strQryName,"\")
 strDomain = strString(0)
 strUserName = lcase(strString(1))
else
 strDomain = "server_name"
 strUserName = lcase(strQryName)
end if

strADsPath = strDomain

'bind to the ADSI object and authenticate username and password
strADsPath = "WinNT://" & strADsPath
tempstr = strDomain & "\" & strUserName
strObj = strADsPath & "/" & strUserName

dim strADsNamespace, oADsNamespace, objDomainUser

set oADsObject = GetObject(strADsPath)

strADsNamespace = left(strADsPath,instr(strADsPath,":"))

set oADsNamespace = GetObject(strADsNamespace)
set oADsObject = oADsNamespace.OpenDSObject(strADsPath, tempstr,
strPassword, 0)

if not (Err.number = 0) then
 'Response.Write "<br><b>Invalid Username or Password!</b><br>"
 AuthUser = false  
else  
 'Response.Write "<br><b>User Authenticated</b><br>"
 AuthUser = true
end if

************************************************************************

2. Recent Discussion about eXcursion

3. retrieving SID's for AD users

4. plugin: please help

5. Only authenticated users can query AD

6. which port of scp for win9x?

7. How to authenticate users against AD via LDAP

8. A500,A2091,SupraXP,LIVE!

9. Searching by SID in AD Using .NET Framework

10. Binding to an AD object using SID

11. Change user object attribute on all users in AD domain

12. need help getting User from AD searching by User GUID

13. Set user account info in AD with vbscript (Let users do it self)