In a Windows 2003 domain, I would like to create a SRV record programmatically at install time to advertise to clients where my server is located. Since I do not have the luxury of running as Domain Admin, what kind of permissions do I need to have to create the SRV record? Generally I'd be using the .NET classes to create the SRV reco...
I'm working on a .NET application written in C# and WPF. In this application we will authenticate the users towards an Active Directory server. In the end we might want to support other LDAP implementations too, so if I can build this without being ActiveDirectory-specific that would be an advantage. What's the best approach to get sta...
Hey all, I've got a Mac app written in Java. I'm trying to get the fully qualified domain name (LDAP) of the current user account from the system. The current user would be logged into the system through the active directory. An example of the string I am after would be: domain\[email protected] Any assistance would be...
I know this can be done via WindowsIdentity.GetCurrent().IsAuthenticated, but I need another method. Is there a way we can query Active Directory and find out if a particular user has already been authenticated. Thanks for your help. ...
Hi I work for a company with multiple public-facing web sites. Some of these sites are built using third party products (Moveable Type, myBB, Trac and others). We also have a couple of bespoke sites built on the Microsoft stack. Currently, we have no unified authentication/authorisation solution; each site implements its own user sto...
In a Windows Server 2003 R2 environment, using Powershell v2.0, how would one duplicate the functionality of Set-QADUser to update user properties in Active Directory, like their phone number and title? The trick here being, I would like to do this without depending on Set-QADUser and I do not have the option to use the Server 2008's co...
Hi, I'm currently writing some software in C# which needs to connect to an AD server and get some user details. When I connect using the code below it works against most AD servers that I connect to but there are a couple where it fails with an error of "Logon failure: unknown user name or bad password.". The server name / credentials...
I need a way to see if a user is part of an active directory group from my .Net 3.5 asp.net c# application. I am using the standard ldap authentication example off of msdn but I don't really see how to check against a group. Thanks for any suggestions! ...
Hi to all, I keep my Process Documents on SVN and I want to create a Wiki page includes the information about these files. We use SharePoint in the company for basic document sharing and team sites. As it is mentioned in http://stackoverflow.com/questions/256407/what-are-your-biggest-complaints-about-sharepoint SharePoint Wiki lacks of ...
When creating Active Directory users from a script, I also need to set the option that they can't change their passwords. Via the administrative GUI this is easily accomplished, by checking "User cannot change password". Programmatically however, it's another story. I've found a recipe which involves interacting with the ADSI COM API, bu...
Currently, I am writing an application that utilizes WMI to scan all the computers on our Active Directory network. I'm interested in testing the program against all flavors of Windows machines in a testing environment. Is there a way to similuate this environment in VMware or something? Any ideas? ...
We want to use a "proxy user" to connect to an LDAP server (Active Directory, Novell, or otherwise) and then make sure that the user trying to log into the application has typed in an acceptable user name and password. I have got the code for connecting to LDAP just fine, but I'm at a loss as to how to check the user name and password. C...
An ADS entry is created with .ExpirePasswordNow() (requiring user to change the password on firstLogin).. But authentication fails if the .ExpiresPasswordNow() is set.. How could I get authenticator (Domain principal) to accept this as a valid account ? ...
I am trying to bind to AD with php_ldap (using ADLdap), from a Ubuntu (hardy 8.04LTS) host. Binding on port 389 is fine to ldap://myserver, but does not allow me to do things like set password, so I need to bind on port 636 to ldaps://myserver. I am aware that some form of credential passing occurs, perhaps with certificates, but I am r...
I have tried the below LDAP search, but it only gives me the group membership for the domain the user is in. I need it to include also the memberships of the foreign security principals. public static List GetGroups() { List oGroups = new List(); string vLDAPPath = "GC://dc1.dom1.local/dc=dom1,dc=local"; string vFilterUser = s...
I have code that hasn't been touched in over a year, but the DCs were upgraded from 2008 to 2008 R2. The AD folks claim it’s not the DC upgrade but the issue started promptly after that went in. Microsoft VBScript runtime error '800a0046' Permission denied: 'GetObject' It's failing on the Set Group line. Set Group = GetObject("W...
I'd like to retrieve the creation date of users in Active Directory. I understand that users have a WhenCreated property, but I cannot see that property exposed on the UserPrincipal type I am working with. I'd like to do something like this: var principal = UserPrincipal.FindByIdentity(context, IdentityType.Guid, guid); //var createdDa...
Hi there, we are using JAAS to enable Single Sign On in a Java application using the Windows Kerberos ticket cache. Our jaas.conf config file looks like this: LoginJaas { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true doNotPrompt=true debug=true; }; With this, we can create a Jaas LoginContext and su...
Are there any libraries that can authenticate via active directory? This is a new application, so I want to make the correct design patterns in the beginning. I want my authentication service to be able to support my session/cookie based authentication and active directory/ldap. Are there any examples online that I can look over that ...
we have offshore contractors that are tryingt o run an app that performs the following Active Directory call, shown below in VB.NET Dim objRootDSE As New DirectoryEntry("LDAP://RootDSE") Return "GC://" & Replace(Replace(objRootDSE.Properties("rootDomainNamingContext").Value().ToString, ",", "."), "DC=", "") 'DC=uis,DC=unisys,DC=com ...