hi,
i've never programmed the active directory but i would like to do the following:
on the asp.net site, login using a valid active directory username and password. if the login is valid, redirect to a page to do some actions.
in a related task, but not part of part 1, unlock an account or change the password of an active directory account.
Thanks!
1.) You should setup your web.config to use Forms authentication. The Membership provider should be set to ActiveDirectoryMembershipProvider. You can use the built-in login control.
2.) You'd need a Active Directory user who has the specific rights you ask for: unlock accounts, changing passwords. When you perform one of those functions for a AD-user, you need to impersonate the account which ASP executes as to the Active Directory user which has the privileges (to change passwords or unlock accounts).
You may be able to use 'advapi32.dll' to impersonate a different user on the server side.
Grab the sample code off the bottom of the page.
I didn’t want to just copy his code here.
http://csharptuning.blogspot.com/2007/06/impersonation-in-c.html
One cavet with Impersonation though is that the computer doing the impersonation needs to be on the same domain as the user that your impersonating