Ping a Specific Port

Question

IceMage

Asked: 2009-11-19 11:30:03 +0800 CST2009-11-19 11:30:03 +0800 CST 2009-11-19 11:30:03 +0800 CST

Active Directory Web Programming

772

The Scenario:
I'm using integrated authentication to grant access to an ASP.net intranet site. When that user accesses the site, certain information is loaded from their active directory profile and made available to them. Also, the site maintains certain information on that user for the web-application that it runs.

What is the best way to both retrieve information from Active Directory (I'm using LDAP), and then furthermore, link active directory profiles to the web application profiles. The web application is using a database of its own, so it's not storing anything in Active Directory.

Do not suggest using the username, as name changes can and do occur, I'm trying to use some form of unique identifier from Active Directory. The unique identifier must be compatible with my SQL Server 2005 database.

2 Answers

Voted

DCNYAM · Answer 1 · 2009-11-19T11:32:48+08:00

DCNYAM

2009-11-19T11:32:48+08:002009-11-19T11:32:48+08:00

There is a property for user objects (all objects really) in active directory called objectGUID. You can query this from active directory and store it in the database with the user profile. It is entirely unique to that active directory object and will not change if the name changes.

EDIT:

Sample:

Private rootDE As New DirectoryEntry("LDAP://<YourDomainHere>")

Dim ds As New DirectorySearcher(Me.rootDE)
Dim sr As SearchResult

ds.Filter = "(samAccountName=<usernameHere>)"
sr = ds.FindOne()

Dim s As String = Me.GetGUIDString(CType(sr.Properties("objectGUID").Item(0), Byte()))

Dim de As New DirectoryEntry("LDAP://<GUID=" & s & ">")
MessageBox.Show(de.Name)


Private Function GetGUIDString(ByVal guid() As Byte) As String
    Dim index As Integer
    Dim result As New System.Text.StringBuilder(String.Empty)

    For index = 0 To (guid.Length - 1)
        result.AppendFormat("{0:x2}", guid(index))
    Next

    Return result.ToString()
End Function

4

Greg Askew · Answer 2 · 2009-11-19T12:21:11+08:00

Best Answer

Greg Askew

2009-11-19T12:21:11+08:002009-11-19T12:21:11+08:00

Do not query LDAP for their domain/userid and SID. That information has already been pulled from AD and is available in their security token in ASP.NET.

Use the SID to link to a profile in the local database. Done.

Here's is an excellent resource you may find useful:

The .NET Developer's Guide to Directory Services Programming by Joe Kaplan

http://www.amazon.com/dp/0321350170

3

Active Directory Web Programming

Ping a Specific Port

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What's the command-line utility in Windows to do a reverse DNS look-up?

How to check if a port is blocked on a Windows machine?

What port should I open to allow remote desktop?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?