I'm vaguely aware that on a computer joined to a domain IE can be asked to send some extra headers that I could use to automatically sign on to an application. I've got apache running on a windows server with mod php. I'd like to be able to avoid the user having to log in if necessary. I've found some links talking about kebros and apach...
We have an internal web app running on IIS6 and we use the integrated windows authentication for domain users to login to the app before they can use it. What we would like to do is redirect the user to an error page if they fail to login to the domain 3 times. Where should i be looking to configure this? My first thought was in IIS, ...
I am receiving an error a web based application that allows corporate intranet users to update their active directory details (phone numbers, etc). The web application is hosted on IIS6 running Windows Server 2003 (SP1). The IIS website is using NTLM Authentication and the website has integrated security enabled. The IIS application po...
I get the error " A constraint violation occurred. (Exception from HRESULT: 0x8007202F) " when trying to add users to a group. My code looks like this: public string addUserToGroup(string userDN, string groupDN) { try { DirectoryEntry de = new DirectoryEntry("LDAP://localhost:389/" + groupDN); ...
I get the members of a AD group, but instead of the user name, im getting the display name. How can i get the user name? ...
I have a Compact Framework application running on HP thin clients and users sign into the application using their Windows credentials. All good so far. Now I need a way to warn a user that their Windows password is about to expire. Is there a way to detect this with Compact Framework 2.0? I am guessing some AD programming will be requir...
You can see in the following posts http://forums.sun.com/thread.jspa?threadID=603815 http://forums.devshed.com/ldap-programming-76/active-directory-services-using-java-api-89586.html an example of accessing LDAP using the InitialLdapContext class in Java. This requires a login and a password to be passed in. (Even though the service ac...
Hi I am using the following C# code to connect to active directory and validate the login, DirectoryEntry de = new DirectoryEntry(); string username = "myuser", path = "LDAP://addev2.dev.mycompany.com/CN=myuser,DC=dev,DC=mycompany,DC=com", password = "test"; for (int i = 0; i < 4;i++ ) { try { ...
I have a reoccurring DNS problem that has been plaguing our users, occasionally causing their laptops to append our company's domain to the end of all DNS queries. The problem only occurs when users are off site and it appears to be fairly random. It will work one day and then, out of the blue, it will show the invalid entry. This eff...
Trying to use this code to connect the AD PrincipalContext context = new PrincipalContext(ContextType.Domain, domain) but i got the error saying: "The LDAP server is unavailable." Any idea? ...
Is there any way to have multiple managers and/or departments in active directory? ...
Following the howto Extending the Active Directory Schema To Track Custom Info I'm able to setup a single-value schema attribute that is easily changeable via a context menu in ADUC. Multi-value schema attributes get considerably more complicated. Say (for the sake of argument) my value is "Projects" and each user may be a list as many p...
I noticed the ou attribute of the user class, and am wondering what it is for. It is of type ADSTYPE_OCTET_STRING and is multivalue. Anyone know what it is for and what ADSTYPE_OCTET_STRING data type means? is it just a standard string? I'me trying to find a spot where I can store multiple managers. Would this be suitable? ...
I am writing a WCF Service which would allow access to operations based on AD user group. If the logged in user is part of groupA, allow him to do operationA, but not operationB and so on and so forth. Now for this I have to pass NetworkCredentials to the service like factory.Credentials.Windows.AllowedImpersonationLevel = ...
Does anyone know what property I can query for in an ADSI query that would return the object's parent OU? I know I can bind to the AD object and then use object.Parent to return it's parent OU, but if I ask for "parent" in a ADSI query it returns back as a invalid query I would rather not do bind unless absolutely necessary. (i.e. "SEL...
Given a group name and a user account, I would like to know if the supplied user belongs to a particular group. The user can be a local user or a domain user and the group could be a local group or a domain group and the group could also be nested inside other groups. In short I am looking for a function like bool IsUserMemberOf(User, Gr...
I would like to query the domain wide settings of a specific group policy object. How do I do that in Powershell or WMI? For instance I would like to know the value for the password policy setting 'Minimum password length' that is configured in the GPO for the entire domain. ...
Is there a managed API(C#) available for managing users and groups (CRUD operations) on Active Directory (AD) ? (edit) I will give some more info why I asked this here. I am participating in a project where employee data in flat files (multiple .dat files) are written to a folder during 1 night scheduled job. These .dat files must be co...
ASP.Net app in Visual Studio 2008 I'm creating unit tests to test (in)valid logins for a web app. I have an Authenticate(User,Pass) bool method. The null case and invalid password tests are properly working. My question is how to test a valid login. I have accounts that are valid for the web app, but I feel like hardcoding in the u...
Is it wise to store XML in Active Directory? In my project an ECM is performing a night-job and is iterating through AD and is reading XML data from each AD group.... ...