如何使用LDAP和Active Directory，ASP.NET为Intranet创建自动登录系统？ [英] How do I create a Automatic Login system to Intranet using LDAP and Active Directory, ASP.NET ?

问题描述

我希望将自动Active Directory登录实施到我们的一个内部网应用程序。



需要从Active Directory中提取的组和信息



该应用程序在CodeCharge Studio 4.3中编码，因此我无法打开将项目导出到Visual Studio （Witch本身对我来说是一个问题）



它只在Chrome和Firefox上运行



我的设置：

赢取2008 R2企业版

IIS7





试过这个例子：



Imports System.DirectoryServices

I am looking to implement Automatic Active Directory Logon to one of our intranet Applications.

Groups and information needs to extracted from Active Directory

The app was coded in CodeCharge Studio 4.3 so I am unable to open of export the project to Visual Studio (Witch in itself is a problem for me)

It only runs on Chrome and Firefox

My Setup:
Win 2008 R2 Enterprise
IIS7


Tried the example:

Imports System.DirectoryServices

Public Class Test1
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        REM Handles Me.Load
        Dim strUser As String
        Dim binFlag As Boolean

        REM This is equivalent to adsRoot=GetObject("LDAP://OU=ADSI,DC=ds,DC=microsoft,DC=com")
        REM and opens a connection to the root of the directory that you
        REM would want to search. Replace the string with your directory service root.
        Dim adsRoot As New DirectoryEntry("LDAP://OU=ADSI,DC=...,DC=...,DC=...")

        REM This sets up the filter to be used in searching for the user in AD.
        Dim adsSearch As DirectorySearcher = New DirectorySearcher(adsRoot)

        REM Grab the User ID of the person pulling the page, or the sAMAccountName
        strUser = Page.User.Identity.Name

        REM Strip off domain name (we already know it, although in multi-domain
        REM environments you might find that useful.
        strUser = Mid(strUser, InStr(1, strUser, "\") + 1)

        REM Search Active Directory For the user via
        REM System.DirectoryServices.DirectorySearcher
        Try
            REM We'll load the filter with the items we want to fetch,
            REM similar to a SQL statement.
            REM The first is what we are looking for, the sAMAccountName.
            adsSearch.PropertiesToLoad.Add("sAMAccountName")
            REM We will also need the group membership of the user once
            REM we have found the user.
            adsSearch.PropertiesToLoad.Add("memberof")
            REM We are likely to also need the common name, although
            REM it's not needed for this example.
            adsSearch.PropertiesToLoad.Add("cn")
            REM We don't need the .FullName property for this example,
            REM but you might, so I show it here.
            adsSearch.PropertiesToLoad.Add("FullName")
            REM build the search filter (looking for the user with a login
            REM name that matches who connected to the page.
            adsSearch.Filter = "sAMAccountName=" & strUser

            REM Get some variables ready to receive the results
            Dim oResult As SearchResult
            Dim RetArray As New Hashtable()
            Dim adsGrpcn As String
            binFlag = False

            REM Now get the results (just one), what you get back is 
            REM an object that points to the found user
            oResult = adsSearch.FindOne
            REM You can now loop through the list of groups
            For Each adsGrpcn In oResult.GetDirectoryEntry().Properties("memberof").Value
                REM You'll want to splice this string a bit to match a specific group
                REM Then test to see if it matches your application group. Make sure to
                REM use TRIM() to avoid embedded spaces in the common name of the group.
                Response.Write(adsGrpcn)
                If adsGrpcn = "MyGroup" Then binFlag = True
            Next
        Catch ex As Exception
            Response.Write("I got the following error while trying to authenticate you: " & ex.Message)
            Response.End()
        End Try
        If binFlag Then
            Response.Write("You are authorized!")
        Else
            Response.Write("You are not authorized!")
        End If
    End Sub

End Class

我收到错误：

我在尝试验证您时遇到以下错误：服务器上没有此类对象。



我不是.Net专家，需要一些帮助。



看了大部分文章，但没有一篇能帮到我。



谢谢你你的帮助和时间

Error I got:
I got the following error while trying to authenticate you: There is no such object on the server.

I am not an .Net expert and need some help.

Had a look at most of the articles and none of them helps me exactly.

Thanks for you help and time

推荐答案

你好，



此代码：

Hi,

This code:

strUser = Page.User.Identity.Name

返回当前用户的域名和用户名。



当您进行这样的ldap搜索时：

Returns the domain and username of current user.

When you make a ldap search like this:

adsSearch.Filter = "sAMAccountName=" & strUser

您需要从 strUser 中删除域名，因为您已经在查询域名。



希望它有所帮助。



祝你好运。

You need to remove the domain name from strUser, because you are already querying the domain.

Hope it helps.

Good luck.

这篇关于如何使用LDAP和Active Directory，ASP.NET为Intranet创建自动登录系统？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！