简体繁体 English

如何检查Active Directory中是否存在当前登录的用户

[英]How to check if currently logged in user exists in Active Directory

原文 2015-04-01 11:42:54 2 2 c#/ .net/ active-directory/ ldap

We have a web application where LDAP/Active Directory authentication is in place. 我们有一个使用LDAP / Active Directory身份验证的Web应用程序。

Now the requirement is if user, which exists in Active Directory, is logged in to his machine and accesses the web application, then it doesn't require authentication. 现在的要求是，如果存在于Active Directory中的用户登录到他的计算机并访问Web应用程序，则不需要身份验证。 It will directly authenticated and landed to website's landing page. 它将直接进行身份验证并登陆到网站的登陆页面。

Could you please guide if you have any idea/hint/ref/solution? 如果您有任何想法/提示/参考/解决方案，可以请您指导？

Thank you so much. 非常感谢。

2 个解决方案

First you need to change the authentication to "Windows" , this will force your website users to enter their windows credential and then you can validate those on page load 首先，您需要将身份验证更改为“ Windows”，这将迫使您的网站用户输入其Windows凭据，然后您可以在页面加载时验证这些凭据。

1) Enable Windows authentication in IIS and disable Anonymous authentication for more information see this article : Windows Authenticaition for ASP.NET 1）在IIS中启用Windows身份验证并禁用匿名身份验证有关更多信息，请参见本文： ASP.NET的Windows Authenticaition

2) On Page load identify the identity of user using Page.User.Identity 2）在页面加载时，使用Page.User.Identity标识用户的身份

3) Query LDAP through using System.DirectoryServices and using System.DirectoryServices.ActiveDirectory to check if user exist or not 3）通过using System.DirectoryServices和using System.DirectoryServices.ActiveDirectory查询LDAP，以检查用户是否存在

For more detailed info on AD this is a very useful article Almost Everything about AD 有关AD的更多详细信息，这是一篇非常有用的文章，关于AD的几乎所有内容

With respect to above answer by Bhavin. 关于巴文的上述回答。

Also set Internet Options--> Security --> Custom --> User Authentication --> Automatic logon only in intranetzone 还设置Internet选项->安全->自定义->用户身份验证->仅在intranetzone中自动登录

This is browser specific setting can be done via group policy also. 这是浏览器特定的设置，也可以通过组策略来完成。