tags:

views:

378

answers:

1

I'm working on an ldap project in C# and all I'm doing is doing searches for users and pulling data that we need to be able to see on the fly. I'm creating an asp.net page for this. Right now I have it to where I have hard coded my own ldap username/password into my ldap search class but what I want is to be able to make it so anyone can login and then be able to search under there own credentials.

Where are some good starting guides or maybe some advice on how I can have them bind to ldap, and have it store that username/password somewhere safely so when they do the search, and ldap makes that connection it'll know to use their username/password.

A: 

This really depends on how the page will be executed. If you want a consistent login, then provide the username/password in the connection. Otherwise it will be implicitly passed by IIS for the web application. If you set up impersonate rights, it will pass the currently authenticated user's credentials when making the connection. If you do not set impersonate, then it will use the IIS account that's running the application. So it will need to be an account that has network access, as well as access to the directory on the IIS machine.

The thing to be aware of is that no matter what direction you choose, make sure it is an account that can traverse your LDAP store and can retrieve all the information you're looking to display. If you have the standard end users using their credentials, they generally can only pull back their own information, and not much else.

Agent_9191