Results 1 to 1 of 1
  1. #1
    Join Date
    Feb 2007
    Posts
    2

    Thumbs down Unanswered: LDAP authentication

    I'm trying to code an ASP page that will authenicate the users against Active Directory
    and checks for group membership.
    for example if the user is a member of the AdminStaff group he/she will be re-directed to
    a specific web page, if the user is a member of AcademicStaff group he/she will be directed
    to the Academic section of the website and if the user is anonymous, he/she will stay in the
    login page.

    User authentication is done through a web form run on Windows 2003 server.

    I am using the script below from http://www.tek-tips.com which identifies the active directory
    users and grants access to a specific page, however, it doesn't recognise groups i.e any user
    on active directory can login to the same section.

    I'am new to LDAP and I need this script urgently if anyone can help. Thanks!



    index.asp
    =========
    <HTML xmlns="http://www.w3.org/1999/xhtml">
    <HEAD><TITLE>testladap form : index page</TITLE>
    <META http-equiv=Content-Type content="text/html; charset=utf-8">
    </HEAD>

    <BODY >

    <h1>Index page</h1>
    <form name="form" method="post" action="testladap.asp">
    <label>User Login </label>
    <input name="txtUserLogin" type="text" id="txtUserLogin">
    <br>
    <label>User PWD </label>
    <input name="txtUserPassword" type="password" id="txtUserPassword">
    <br>
    <input name="subform" type="submit" value="Submit">
    </form>
    <p>&nbsp;</p>
    <p>&nbsp;
    </p>
    <p>&nbsp;</p>
    </BODY></HTML>





    testladap.asp

    <%
    strUsername=Replace(Request.Form("txtUserLogin"), "'", "''")
    strpassword=Replace(Request.Form("txtUserPassword" ), "'", "''")
    domainname="contoso"

    on error resume next

    Set objDomain = GetObject ("GC://rootDSE")
    objADsPath = objDomain.Get("defaultNamingContext")
    Set objDomain = Nothing
    Set objConnection = Server.CreateObject("ADODB.Connection")
    objConnection.provider ="ADsDSOObject"
    objConnection.Properties("User ID") = domainname+"\" + strUsername
    objConnection.Properties("Password") = strpassword
    objConnection.open "Active Directory Provider"
    Set objCommand = CreateObject("ADODB.Command")
    Set objCommand.ActiveConnection = objConnection
    objCommand.CommandText ="select cn FROM 'GC://"+objADsPath+"' where sAMAccountname='"+strUsername+"'"
    Set objRS = objCommand.Execute

    If Err.Number <> 0 Then
    session("logged_in") <> "true"
    Response.Redirect("index.asp")
    Else
    objCommand.CommandText ="select memberof FROM 'GC://"+objADsPath+"' where sAMAccountname='"+strUsername+"'"
    Set rs = objCommand.Execute
    membership=rs("memberof")
    rs.Close
    objConnection.Close
    Set rs = Nothing
    Set objConnection = Nothing
    For each group in membership
    newgroup=split(group,"=")
    tempgroup=left(newgroup(1), len(newgroup(1))-3)
    tempgroup=lcase(tempgroup)
    If tempgroup="AdminStaff" Then
    session("logged_in") = "true"
    Response.Redirect("adminStaff.html")
    Else
    Response.Redirect("index.asp")
    End If
    Next
    End If
    %>

    'End ================================


    Are you all dead up here? not even tiny tip? Come on guys Don't be mean, sharing some knowledge is good!
    Last edited by st8137; 02-06-07 at 07:15.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •