I am working on an application that manages user accounts in Active Directory. I am using the System.DirectoryServices.AccountManagement namespace whereever possible, but I can't figure out how to determine a user's primary group. When I try to remove a group that is the user's primary group I get an exception. Here is my current code: ...
I'm trying to query Active Directory from a stored procedure using OPENQUERY and add the values to a temporary table. I've got everything working, except when I add the 'proxyAddresses' field to my query, it throws this error: "OLE DB error trace [OLE/DB Provider 'ADSDSOOBject' IRowset::GetData returned 0x80040e21: Data status returne...
We're currently investigating what kind of authentication we want to use for a sharepoint portal site : Forms Authentication or Windows Authentication. The latter has my preference. What suprised me (I'm a sharepoint noob), is the fact that MS didn't provide a component/web-part that handles account management when using Windows Authent...
I'm trying to come up with a good way to do authentication and authorization. Here is what I have. Comments are welcome and what I am hoping for. I have php on a mac server. I have Microsoft AD for user accounts. I am using LDAP to query the AD when the user logs in to the Intranet. My design question concerns what to do with that A...
Suppose you have connected to Active Directory using the simiple syntax: string adPath = "LDAP://server.domain.com/CN=John,CN=Users,dc=domain,dc=com"; DirectoryEntry userEntry = Settings.GetADEntry(adPath); Now you want to see an attribute for that user, say the mail attribute: Console.WriteLine("User's mail attribute is " + userEntr...
Hello, I am having a problem where in SharePoint 2007 after verifying the profile import was successful and the AD group is there, I go to audiences and try to create a rule where the user must be a member of said AD group. The problem is that when i get to the point of searching for the group to set up the rule, SharePoint can't find t...
I have a few websites for work that live outside of the corporate LAN -- and, therefore, out of direct-communication range of Active Directory (A/D) -- but for which I would like to be able to authenticate users against the corporate A/D servers as well as a secondary repository of users/roles***. The pseudo code for this activity is thi...
Forgive me if my understanding of this topic has some shortcomings, I only know what I know about domains and active directory because of what I've picked up from working with them. There are two different "versions" of a domain name. The first is what I call the DNS domain name which would be like company.int (for the user max@company....
I would like to be automatically logged on a website using my password an login that are used on my computer when i open an AD session. Connection must be granted if i'm in the right AD group . Any advices ? ...
I'm trying to setup an ActiveDirectoryMembershipProvider to go against a Forest and I can't seem to get it working. One of our AD Admins suggested I refer to the global catalog but it seems that is not supported. Anyone know if you can and if so how do you configure the AD Membership Provider to go against a Forest? Here are some of t...
We have an issue for our intranet site that is running in our local network. In a nutshell, we have integrated Active Directory authentication with our application and what to use IIS integrated authentication to allow users to sign on without entering any credentials. Assume the AD domain is "domain.name", and the server our applicati...
I am writing an MVC app that has two branches to travel along right from the beginning. On path authorizes with a PIN and I am using forms authentication to limit access to this section of the code. However, the other path will accept an AD log in and I need stop people from move between the branches using URLs. Should I be using a cu...
Hi, The project I am working on will integrate with the customers Active Directory in order to authenticate users. I have been trying to write some code that will retrieve a users password and I understand that Active Directory will only expose the relevant properties over a SSL connection on port 636. The following code connects pro...
We are undergoing a migration from several domains into a single domain. As part of that process, user accounts are being moved around the various ADs a fair bit. This has resulted in some scripts breaking because they are trying to get the User objects from a specific location in AD. How would I amend the following to not be AD locat...
I need to identify the schema master for a forest using C#. I know there are some available namespaces using System.DirectoryServices and System.DirectoryServices.ActiveDirectory but I can't seem to find any sample code that can return this information. I suppose I could trudge through the configuration partition but I would think ther...
I've been trying to work out how to cancel a long-running AD search in System.DirectoryServices.Protocols. Can anyone help? I've looked at the supportControl/supportedCapabilities attributes on RootDSE and they don't contain the 1.3.6.1.1.8 OID so I think that means it doesn't support the LDAP CANCEL extended operation as defined here:...
If I am using integration authentication in IIS, how can I determine if the current user is part of a specific active directory role, using ColdFusion. This would be analogous to using the IsInRole() method of the User object in .net - how can it be done in ColdFusion ...
How I get my UPN from Active Directory? I need to test an app which uses Upn Claim type... ...
Hi, Simple question but I can't find the answer anywhere: is Active Directory transaction-aware? In other words, will the following change be rolled back (since I didn't call scope.Complete()): using (var scope = new TransactionScope()) { DirectoryEntry entry = ...; entry.Properties["givenName"].Value = "New Given Name"; e...
How I can query Active Directory from Sql Server 2005? ...