joe_pool_is Posted August 29, 2008

Some of our apps need passwords to access parts that should only be available to management. We could develop our own and require management to remember yet another password that we would have to take care of resetting whenever they forget, lock themselves out, or whatever...

But, what if we could tap into the Windows Login? Can that be done?

Here's what I'm thinking: Call a login box (ours or Windows') and have them enter their username and password. If the username/password combination matches, we activate features if they are in management.

I don't really need to know how the Windows Login works - I would just like to call it and get the results. Can that be done? If so, how? If not, what is another solution (besides reinventing the wheel)?
Nate Bross Posted August 29, 2008

Are all target machines in an Active Directory domain? Making a query to LDAP is very simple, here's how you can authenticate to LDAP (Active Directory):

```csharp
using System;
using System.DirectoryServices;

// Place both methods inside a class of your own.
public static Boolean Authenticate(string userName, string password, string domain)
{
    // Null credentials make ADSI bind as the calling process's own account,
    // which would report success without checking anything the user typed.
    if (String.IsNullOrEmpty(userName) || String.IsNullOrEmpty(password))
        return false;

    try
    {
        using (DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, userName, password))
        {
            // Reading NativeObject forces the bind; it throws if the credentials are rejected.
            object nativeObject = entry.NativeObject;
            return true;
        }
    }
    catch (Exception)
    {
        return false;
    }
}
```

Now, if you are using Active Directory and your IT department keeps all your managers as members of a security group, you can check if the user is a member of said group like this.

```csharp
// Checks direct members of the group only; nested group membership is not resolved.
public static Boolean IsManagement(String uid)
{
    try
    {
        using (DirectoryEntry entry = new DirectoryEntry("LDAP://CN=ManagementSecurityGroup,ou=Users,DC=company,DC=com"))
        {
            entry.RefreshCache();
            foreach (String s in entry.Properties["member"])
            {
                using (DirectoryEntry entry2 = new DirectoryEntry("LDAP://" + s))
                {
                    // Members without a sAMAccountName (contacts, for example) are skipped.
                    object name = entry2.Properties["sAMAccountName"].Value;
                    if (name != null && String.Equals(name.ToString(), uid, StringComparison.OrdinalIgnoreCase))
                        return true;
                }
            }
        }
        return false;
    }
    catch (Exception ex)
    {
        //LogError(ex);
        return false;
    }
}
```

You'll need to add a reference to System.DirectoryServices, then import that namespace.

HTH

Edited August 29, 2008 by Nate Bross
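An added example, not part of the post above and not code from any project: it goes beyond the posted check by binding with the user's own credentials, letting the directory resolve nested group membership, and escaping the user-supplied name before it is placed in the LDAP filter. The class and method names are hypothetical, and it assumes `userName` is the bare sAMAccountName and that the domain controllers support the 1.2.840.113556.1.4.1941 (LDAP_MATCHING_RULE_IN_CHAIN) matching rule.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;

public static class AdGroupCheck   // hypothetical name
{
    // Escape the RFC 4515 special characters so input cannot change the filter's structure.
    public static string EscapeLdapFilter(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*': sb.Append(@"\2a"); break;
                case '(': sb.Append(@"\28"); break;
                case ')': sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default: sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Binds as the user, then asks the directory whether that user is in groupDn,
    // directly or through nested groups (LDAP_MATCHING_RULE_IN_CHAIN).
    public static bool IsInGroup(string domain, string userName, string password, string groupDn)
    {
        // Null credentials would make ADSI bind as the calling process instead.
        if (String.IsNullOrEmpty(userName) || String.IsNullOrEmpty(password))
            return false;
        try
        {
            using (DirectoryEntry root = new DirectoryEntry("LDAP://" + domain, userName, password))
            using (DirectorySearcher searcher = new DirectorySearcher(root))
            {
                searcher.Filter = "(&(sAMAccountName=" + EscapeLdapFilter(userName) + ")"
                    + "(memberOf:1.2.840.113556.1.4.1941:=" + EscapeLdapFilter(groupDn) + "))";
                searcher.PropertiesToLoad.Add("sAMAccountName");
                return searcher.FindOne() != null; // throws if the bind is rejected
            }
        }
        catch (COMException)
        {
            return false; // bad credentials or directory unreachable
        }
    }
}
```

Without the escaping step, a name such as `*` typed into the login box would match any account in the filter, so the membership test would no longer be tied to the person who authenticated.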
PlausiblyDamp (Administrators) Posted August 29, 2008

If you are into LinQ as part of the newer 3.5 framework then http://www.codeplex.com/LINQtoAD is well worth a look.
joe_pool_is (Author) Posted August 29, 2008

Thanks Plausibly, but we are stuck in the middle ages (.Net Framework 2.0, VS2005, and XP). I suppose I'll have to wait before I get to learn LinQ. At least we are moving out of the stone age! (VB6)

Nate: We do have AD here, though I've never done anything with it. Let me give your code a quick test and I'll get back with you!
joe_pool_is (Author) Posted September 2, 2008

Nate - your query of Active Directory worked! Cool. I've never made a query to Active Directory before. Thanks!
Nate Bross Posted September 2, 2008

Glad it helped -- I can't take complete credit for it, I found it on the internet somewhere and customized it to work for me. I think it was originally from the code project. Anyway, glad it helped.