AndreasB Posted April 13, 2007

Hi all!

I am about to create an ASP webpage where people can request UserAccounts in an Active Directory Domain. I would like to perform a lookup to see if the UserAccount already exists in the AD.

Does anyone know how I could perform this with ASP?

Thankful for any kind of help or reference.

Best regards,
Andreas

pulpfiction Posted April 13, 2007

This might help a little..

http://www.serverwatch.com/tutorials/article.php/1476961

justsomeguy Posted April 16, 2007

Microsoft uses Active Directory to implement LDAP. In other words, Active Directory is Microsoft's version of LDAP. I use this function to authenticate a user against an LDAP store:

```vbscript
Function authenticate_ldap_user(username, password, domainName, containerName)
  On Error Resume Next

  If Not containerName = "" Then
    containerName = containerName & ","
  End If

  If username = "" Or password = "" Then
    Err.Number = &H81000000
  Else
    Set ldapObject = GetObject("LDAP:")
    Set authObject = ldapObject.OpenDSObject("LDAP://" & domainName, "CN=" & username & "," & containerName & domainName, password, 1) '1 at end for secure auth.
    'success is determined below by the error number (if any)
    Set ldapObject = Nothing
    Set authObject = Nothing
  End If

  If Err.Number <> 0 Then
    authenticate_ldap_user = False
  Else
    authenticate_ldap_user = True
  End If
End Function
```

The domain name and container name you will need to fill in, and you may need to read up on LDAP if you aren't sure how it works. For example, if I wanted to check with the domain controller called ldap.testdomain.com and check in the container "Users" for someone called "Admin", it would look like this:

```vbscript
ldapObject.OpenDSObject("LDAP://dc=ldap,dc=testdomain,dc=com", "cn=Admin,cn=Users,dc=ldap,dc=testdomain,dc=com", password, 1)
```

AndreasB Posted April 17, 2007

I thank you so much guys for your replies! I will check them out and see what I can do with them.

justsomeguy, as I read the code you have pasted, it is used to verify if the username exists by also providing a password. Almost as a "login" scenario, if I understand it?

What I am after is to be able to search the whole Active Directory for a specific UserID (UserAccount) or perhaps search for an e-mail address. And depending on a hit or not, a response will be taken based on that feedback.

Thanks again!

--Andreas

justsomeguy Posted April 17, 2007

You might try sending a random password and then checking the error code. I use this function to check the error code:

```vbscript
Function handle_auth_error()
  Select Case Err.Number
    'username/password blank:
    Case &H81000000
      response.redirect("default.asp?message="&server.urlencode("Username and password must not be blank"))
    'system errors:
    Case &H8007052E
      response.redirect("default.asp?message="&server.urlencode("Invalid user name or password"))
    Case &H8007202B
      response.redirect("default.asp?message="&server.urlencode("The specified domain could not be contacted for authentication"))
    'ADSI errors:
    Case &H80005000
      response.redirect("default.asp?message="&server.urlencode("Invalid ADSI pathname was passed"))
    Case &H80005001
      response.redirect("default.asp?message="&server.urlencode("Unknown ADSI Domain Object was requested"))
    Case &H80005002
      response.redirect("default.asp?message="&server.urlencode("Unknown ADSI User Object was requested"))
    Case &H80005003
      response.redirect("default.asp?message="&server.urlencode("Unknown ADSI Computer Object was requested"))
    Case &H80005004
      response.redirect("default.asp?message="&server.urlencode("Unknown ADSI Object was requested"))
    Case &H80005008
      response.redirect("default.asp?message="&server.urlencode("Bad Parameter - one or more input parameters are invalid"))
    Case &H80005009
      response.redirect("default.asp?message="&server.urlencode("ADSI Object Unbound - the specified ADSI object is not bound to a remote resource"))
    Case &H8000500E
      response.redirect("default.asp?message="&server.urlencode("Object Already Exists"))
    Case &H8000500F
      response.redirect("default.asp?message="&server.urlencode("An attempted action violated the directory service schema rules"))
    Case Else
      response.redirect("default.asp?message="&server.urlencode("Unexpected error"))
  End Select
End Function
```

The 80005002 code might be able to tell you if a user does or does not exist.

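For the lookup AndreasB asks about (does an account with this user ID or e-mail address already exist?), a directory search answers the question without binding as that user. The following is an added example, not code posted in the thread; the base DN, the function names and the `userid` form field are assumptions, and the site's identity is assumed to have read access to the directory.

```vbscript
<%
' Added example; BASE_DN, the function names and the form field are assumptions.
Const BASE_DN = "dc=testdomain,dc=com"

' Escape a value for an LDAP search filter (RFC 4515) so that user input
' cannot change the filter's structure. Backslash must be replaced first.
Function EscapeLdapFilterValue(value)
    Dim s
    s = Replace(value, "\", "\5c")
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    ' ";" separates the parts of the ADO LDAP-dialect query, so encode it too.
    s = Replace(s, ";", "\3b")
    EscapeLdapFilterValue = s
End Function

' Returns True if a user object whose attrName equals value exists under BASE_DN.
' Only the two attributes the request form needs are accepted.
Function AdAccountExists(attrName, value)
    Dim conn, cmd, rs, filter
    AdAccountExists = False
    If attrName <> "sAMAccountName" And attrName <> "mail" Then Exit Function
    If Len(value) = 0 Or Len(value) > 256 Then Exit Function  ' assumed length cap

    filter = "(&(objectCategory=person)(objectClass=user)(" & attrName & "=" & _
             EscapeLdapFilterValue(value) & "))"

    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "Active Directory Provider"
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    ' LDAP dialect: <base>;filter;attributes;scope
    cmd.CommandText = "<LDAP://" & BASE_DN & ">;" & filter & ";distinguishedName;subtree"
    Set rs = cmd.Execute
    AdAccountExists = Not rs.EOF
    rs.Close
    conn.Close
End Function

If AdAccountExists("sAMAccountName", Trim(Request.Form("userid"))) Then
    Response.Write "That user ID is already taken."
Else
    Response.Write "That user ID is available."
End If
%>
```

Because this is a read-only search, it records no failed logon against the account and does not count toward lockout, which a bind attempt with a random password does.
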
AndreasB Posted August 31, 2007

Hi again!

I thank you so much for your reply! I must admit though, that I am not sure on HOW to actually add the connection towards the Active Directory?

Thank you so much in advance!

Sincerely,
Andreas

justsomeguy Posted August 31, 2007

You pass the AD domain name and the AD container name to the first function I posted; those tell the LDAP object where to connect.