Active Directory Group and C# webpage configuration
Question
I am wanting to allow access to a C# Webpage to only members in an Active Directory group. Can someone please point me in this direction or assist in anyway?
Thanks in advance
2 answers
solution1
1 ACCPTED 2010-08-21 01:19:10
You can query AD to see what groups a user belongs to.
This is a great resource: http://www.codeproject.com/KB/system/everythingInAD.aspx#39
Something like this should work too:
using System.DirectoryServices.ActiveDirectory;
using System.DirectoryServices;
public bool IsUserInGroup(string group, string user)
{
string DomainName="";
string ADUsername="";
string ADPassword="";
DirectoryEntry entry=new DirectoryEntry(LDAPConnectionString, ADUsername, ADPassword);
DirectorySearcher dSearch=new DirectorySearcher(entry);
dSearch.Filter="(&(objectClass=user)(userPrincipalName=" + user + ")";
foreach(SearchResult sResultSet in dSearch.FindAll())
{
string strGroupList=GetProperty(sResultSet, "memberOf");
if(!string.IsNullOrEmpty(strGroupList) && strGroupList.IndexOf(group)>-1)
return true;
}
return false;
}
I didn't have time to check this or even compile, so I apologize in advance for any error. The if in the foreach might not be sufficient. There also may be a more efficient way to do the query, but this was what I could come up with quickly.
solution2
0 2010-08-20 22:07:09
There exist multiple approaches to this.
Imperatively, you can check Page.User.IsInRole(@"domain\\group"), and redirect away, send a 401 response, or throw an exception if the user should not have access.
Declaratively, you can control permissions in your web.config :
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.