How to get authorized user from active directory in asp.net using c#?
Question
I want to get authorized user from active directory for login page. When user enter wrong details the page need to show "Invalid user", if enter correct correct details lets go the home page.
Here mentioned my code. When i run this code the page shows "invalid user" even i enter the correct login details.
protected void Button1_Click1(object sender, EventArgs e)
{
string dominName = "ldap://domain.com:121";
string userName = "guest";
string password = "testlogin";
if (true == AuthenticateUser(dominName, userName, password))
{
Response.Redirect("default.aspx");
}
else
{
Response.Write("Invalid user name or Password!");
}
}
public bool AuthenticateUser(string domain, string username, string password)
{
DirectoryEntry entry = new DirectoryEntry(domain, username, password);
try
{
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(sAMAccountName=" + username + ")";
search.PropertiesToLoad.Add("cn");
Response.Write(domain);
SearchResult result = search.FindOne();
if (null == result)
{
return false;
}
}
catch (Exception ex)
{
return false;
throw new Exception("Error authenticating user." + ex.Message);
}
return true;
}
Find the above code what i make a mistake. Please provide a best solution to this...
2 answers
solution1
0 2017-03-31 13:02:29
You can get it from PrincipalContext . If you have specific domain, you might want to look at this sample code.
public bool ValidateCredentials(string userName, string password)
{
userName = userName.EnsureNotNull();
userName = userName.Trim();
password = password.EnsureNotNull();
password = password.Trim();
using (var context = new PrincipalContext(ContextType.Domain))
{
return context.ValidateCredentials(userName, password);
}
}
public bool IsUserInAdGroup(string userName, string adGroupName)
{
bool result = false;
userName = userName.EnsureNotNull();
userName = userName.Trim();
using (var context = new PrincipalContext(ContextType.Domain))
{
var user = UserPrincipal.FindByIdentity(context, userName);
if (user != null)
{
var group = GroupPrincipal.FindByIdentity(context, adGroupName);
if (group != null)
{
if (user.IsMemberOf(group))
{
result = true;
}
}
}
}
return result;
}
solution2
0 ACCPTED 2017-04-01 08:29:42
Finally i got that solution from this site. a little change in the above code. now its works fine perfectly.
protected void Button1_Click1(object sender, EventArgs e)
{
string dominName = "ldap://domain.com";
string userName = "guest";
string password = "testlogin";
if (true == AuthenticateUser(dominName, userName, password))
{
Response.Redirect("default.aspx");
}
else
{
Response.Write("Invalid user name or Password!");
}
}
private bool AuthenticateUser( string domain, string userName, string password)
{
bool authentic = false;
try
{
DirectoryEntry entry = new DirectoryEntry(domain, userName, password);
entry.Path = "LDAP://OU=allsuers,OU=users,DC=domain,DC=com";
DirectorySearcher searcher = new DirectorySearcher(entry)
{
PageSize = int.MaxValue,
Filter = "(sAMAccountName=" + userName + ")"
};
var result = searcher.FindOne();
if (result == null) {
return true;
}
}
catch (DirectoryServicesCOMException) { }
return authentic;
}
Thank you to all. Who are all support to do this.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.