active-directory

Need security advice regarding IIS7, prevent a breach of a DMZ, NTFS, Active Directory and possible pitfalls

Hi, I am new to IIS 7 security so please have patience with me :) I am writing an ASP.NET web application hosted on IIS 7(.5) that will serve files located on a file server to the users. The web application is hosted on a different web server, but has network access to the file server. Users accessing the site will be authenticated by t...

IIS Anonymous authentication for website and want to use active directory

I have IIS Anonymous authentication set for a website on a server. However, I want to use an Active Directory group to validate user credentials. Here is the setting in web.config for folder "security". <allow users="Americas\ADgroup" /> <deny users="*" /> Can I gain this validation without manually changing the Anonymous authenti...

ActiveX component can't create object: 'GetObject' Infopath

Hi, I am trying to create a new user in ActiveDirectory with the following code: Sub CTRL1_12_OnClick(eventObj) Set objOU = GetObject("LDAP://OU=Users,dc=mfcvt,dc=local") Set objUser = objOU.Create("User", "cn=MyerKen") objUser.Put "sAMAccountName", "myerken" objUser.SetInfo End Sub This code is set to run from Infopath when I cl...

SQL Server Enable Active Directory User

I work at a college. A change to policy is that students' Windows accounts are now disabled upon creation and are only enabled upon them passing a test. Don't ask. So I can easily modify my DSADD with -disabled yes. However, I need to enable them when they pass the test. I obtain the test results from a SQL server, so is it possible to enable the...

using AD to authenticate to different domains.

So we have been using the same login code to connect to various domains in asp.net, with and without MVC. The code works. We have a new server, first one to run server 2008 r2, set up with a directory structure similar to one of the ones that has been working. Using forms authentication, I set up in the web.config <add name="ADConnect...

Active Directory Group Access to SQL Server 2008 database

I've been assigned the task to create or research the implementation of Active Directory Group based access to a 2008 SQL Server. Looking into it, I see implementations of creating a view of Active Directory Users allowed access using a linked server or tables that are renewed every night on the database populated from a script using t...

IDsObjectPicker AttributesToFetch mystery

Guys, I need to select user groups (from domain or local) by means of the standard IDsObjectPicker dialog in C#. I can retrieve the group names perfectly, and now want to read the SID also as an extra attribute. And I am going mad. I found that many people on the internet have already posted this question in many different places, some guys t...

Error with UserPrincipal.GetAuthorizationGroups() method

I am having an issue using the GetAuthorizationGroups method of the UserPrincipal class in a web application. Using the following code, I am receiving "While trying to retrieve the authorization groups, an error (5) occurred" PrincipalContext context = new PrincipalContext(ContextType.Domain, null, "DC=MyCompany,DC=COM", "username", "p...

How to add a new field to an open ldap schema

What would be the easiest way to add a new field to a list of potential fields on an existing ldap schema? How would this affect existing records? The field would be added at the deepest level of the dn (each user account). ...

What permissions are required for enumerating users groups in Active Directory

I have a .NET web application which needs to obtain the groups a user is a member of in Active Directory. To do this I am using the memberOf attribute on the users' records. I need to know the permissions required to read this attribute on all users' records. Currently I am getting inconsistent results when trying to read this attribute...

Is this a violation of Conceptual Integrity?

I'm building an application with several Connector classes that interface with varied data silos. For an example, see an earlier question of mine here. Anyways, as is the case in my example, almost all of these data sources are expensive time-wise on access, so each Connector maintains a cache to limit accesses. For every data silo, ther...

How do I add permissions to an OU using C#?

I can get the OU object like.... DirectoryEntry de = new DirectoryEntry( "LDAP://domain.com", "DOMAIN\\Administrator", "Password"); DirectoryEntry ouEntry = de.Children.Find("OU=my-users,DC=domain,DC=com"); But I can't seem to find any classes or libraries to add permissions. I want...

Is there a neater way to analyse the AuthenticationException for the error code?

Is there a neater way to check the javax.naming.AuthenticationException (or spring) for the main failure reason? The different errors are described in LDAP Wiki (Binding Errors). The AuthenticationException provides no sufficient API to determine easily the error code. The only content is the exception message. [LDAP: error code 49 - ...

Using statement with directoryservices

Could you help me and tell me if I'm using the "using statement" correctly in my directoryservice function that gets the distinguished name from my Active Directory? I want to dispose and close objects correctly. Code: Public Function GetObjectDistinguishedName(ByVal objClass As objectClass, _ ByVal returnValue As returnType, _ ByVa...

How to list available ADSI (Active Directory Service Interfaces) service providers?

How can I list available ADSI (Active Directory Service Interfaces) service providers in C#? ...

VB.NET Remove user from active directory

Hi, I am trying to create a VB.NET application which will (hopefully) reduce some time spent on some of my department's helpdesk calls. The part that I am stuck with is how to use VB.NET to remove a user from a group. The following is code that I have been playing with: Public Shared Sub RemoveUserFromGroup(ByVal deUser As String, ByVal...

Adding application level authentication using ActiveDirectory

I am not sure if this is the right place to ask this question or not, but I could not find any other website. I want to give access to different applications using ActiveDirectory. Before you answer this question, let me explain a few things. I know only the very basics of AD. When I said application security, I meant that those applic...

Why I got "Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))" when creating user in Active Directory

I use the following code to create user in Active Directory DirectoryEntry newUser = null; try { if (!Authenticate()) return null; newUser = location.Children.Add("CN=" + userName, "user"); newUser.Properties["samAccountName"].Value = userName; ...

Spring Security + Active Directory

I'm a noob in the Spring world and trying to get the Spring/AD combo to work. My config is spring 3.0.3 + spring security 3.0.3 + spring ldap 1.3 + tomcat 6.0. I get the following when I try to access my secure page: Reason: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]; ...

script, bat to monitor if a user is locked in active directory Windows.

Hi, is there a method to implement this functionality to monitor a specific user in Active Directory to check if this user is blocked? (And if this user is locked, unlock this user automatically.) It is a common user that gets blocked frequently. Or is there a possibility to avoid the "3 tries for login and then lock" for this specific user? I...