How do I create an Automatic Login system to Intranet using LDAP and Active Directory, ASP.NET?
Problem description
I am looking to implement Automatic Active Directory Logon to one of our intranet applications.
Groups and information need to be extracted from Active Directory.
The app was coded in CodeCharge Studio 4.3, so I am unable to open or export the project to Visual Studio (which in itself is a problem for me).
It only runs on Chrome and Firefox
My Setup:
Win 2008 R2 Enterprise
IIS7
Tried the example:
Imports System.DirectoryServices

Public Class Test1
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        REM Handles Me.Load
        Dim strUser As String
        Dim binFlag As Boolean
        REM This is equivalent to adsRoot=GetObject("LDAP://OU=ADSI,DC=ds,DC=microsoft,DC=com")
        REM and opens a connection to the root of the directory that you
        REM would want to search. Replace the string with your directory service root.
        Dim adsRoot As New DirectoryEntry("LDAP://OU=ADSI,DC=...,DC=...,DC=...")
        REM This sets up the filter to be used in searching for the user in AD.
        Dim adsSearch As DirectorySearcher = New DirectorySearcher(adsRoot)
        REM Grab the User ID of the person pulling the page, or the sAMAccountName
        strUser = Page.User.Identity.Name
        REM Strip off domain name (we already know it, although in multi-domain
        REM environments you might find that useful.
        strUser = Mid(strUser, InStr(1, strUser, "\") + 1)
        REM Search Active Directory For the user via
        REM System.DirectoryServices.DirectorySearcher
        Try
            REM We'll load the filter with the items we want to fetch,
            REM similar to a SQL statement.
            REM The first is what we are looking for, the sAMAccountName.
            adsSearch.PropertiesToLoad.Add("sAMAccountName")
            REM We will also need the group membership of the user once
            REM we have found the user.
            adsSearch.PropertiesToLoad.Add("memberof")
            REM We are likely to also need the common name, although
            REM it's not needed for this example.
            adsSearch.PropertiesToLoad.Add("cn")
            REM We don't need the .FullName property for this example,
            REM but you might, so I show it here.
            adsSearch.PropertiesToLoad.Add("FullName")
            REM build the search filter (looking for the user with a login
            REM name that matches who connected to the page.
            adsSearch.Filter = "sAMAccountName=" & strUser
            REM Get some variables ready to receive the results
            Dim oResult As SearchResult
            Dim RetArray As New Hashtable()
            Dim adsGrpcn As String
            binFlag = False
            REM Now get the results (just one), what you get back is
            REM an object that points to the found user
            oResult = adsSearch.FindOne
            REM You can now loop through the list of groups
            For Each adsGrpcn In oResult.GetDirectoryEntry().Properties("memberof").Value
                REM You'll want to splice this string a bit to match a specific group
                REM Then test to see if it matches your application group. Make sure to
                REM use TRIM() to avoid embedded spaces in the common name of the group.
                Response.Write(adsGrpcn)
                If adsGrpcn = "MyGroup" Then binFlag = True
            Next
        Catch ex As Exception
            Response.Write("I got the following error while trying to authenticate you: " & ex.Message)
            Response.End()
        End Try
        If binFlag Then
            Response.Write("You are authorized!")
        Else
            Response.Write("You are not authorized!")
        End If
    End Sub
End Class
Error I got:
I got the following error while trying to authenticate you: There is no such object on the server.
I am not a .NET expert and need some help.
Had a look at most of the articles and none of them helps me exactly.
Thanks for your help and time
Recommended answer
Hi,
This code:
strUser = Page.User.Identity.Name
Returns the domain and username of the current user.
When you make an LDAP search like this:
adsSearch.Filter = "sAMAccountName=" & strUser
You need to remove the domain name from strUser, because you are already querying the domain.
Hope it helps.
Good luck.
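The domain stripping the answer describes, together with the group-name matching that the question's code comments leave open, as an added VB.NET example that is not part of the original question or answer. The helper names (StripDomain, EscapeFilterValue, GroupCommonName, IsMemberOf) are hypothetical, and the account name and group distinguished names are constructed sample values, so it runs without a directory server.

```vb
Imports System
Imports System.Collections.Generic
Imports System.Text

Module AdLookupHelpers
    ' "DOMAIN\user" or "user@domain" -> bare sAMAccountName.
    Function StripDomain(ByVal identityName As String) As String
        Dim account As String = identityName.Trim()
        Dim slash As Integer = account.LastIndexOf("\"c)
        If slash >= 0 Then account = account.Substring(slash + 1)
        Dim atPos As Integer = account.IndexOf("@"c)
        If atPos >= 0 Then account = account.Substring(0, atPos)
        Return account
    End Function

    ' Escape the RFC 4515 special characters; the backslash goes first so
    ' the escapes added afterwards are not escaped again.
    Function EscapeFilterValue(ByVal value As String) As String
        Return value.Replace("\", "\5c").Replace("*", "\2a") _
                    .Replace("(", "\28").Replace(")", "\29") _
                    .Replace(Char.MinValue.ToString(), "\00")
    End Function

    ' memberOf holds distinguished names: return the leading CN value.
    ' Handles "\," style escapes only, not "\2C" hex pairs.
    Function GroupCommonName(ByVal groupDn As String) As String
        If Not groupDn.StartsWith("CN=", StringComparison.OrdinalIgnoreCase) Then Return ""
        Dim sb As New StringBuilder()
        Dim i As Integer = 3
        While i < groupDn.Length AndAlso groupDn(i) <> ","c
            If groupDn(i) = "\"c AndAlso i + 1 < groupDn.Length Then i += 1
            sb.Append(groupDn(i))
            i += 1
        End While
        Return sb.ToString().Trim()
    End Function

    Function IsMemberOf(ByVal memberOf As IEnumerable(Of String), ByVal groupName As String) As Boolean
        For Each dn As String In memberOf
            If String.Equals(GroupCommonName(dn), groupName, StringComparison.OrdinalIgnoreCase) Then Return True
        Next
        Return False
    End Function

    Sub Main()
        ' Constructed sample values; no directory is contacted.
        Dim groups As String() = {"CN=MyGroup,OU=Apps,DC=example,DC=com", "CN=Staff,OU=Apps,DC=example,DC=com"}
        Console.WriteLine("(sAMAccountName=" & EscapeFilterValue(StripDomain("CORP\j(smith")) & ")")
        Console.WriteLine(IsMemberOf(groups, "MyGroup"))
    End Sub
End Module
```

In a page like the one in the question, the filter string would be assigned to the DirectorySearcher's Filter property and the memberOf values of the search result passed to IsMemberOf.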