Using Microsoft Active Directory Authentication

Monie — Tue, 19 May 2009 00:08:44 +0000

Microsoft Active Directory provides a directory service that allows organizations to administer their networked resources. One of the goals of a directory service is to maintain a common database of all information needed for controlling user access, computers, printers, and other network resources.

In this tutorial, I will show you how you can develop an AD Authentication page for your intranet web based application.

The Benefits

When you are developing an intranet web based application system, that will only be access or used within your company or organization, it is best to use the existing AD as your authentication method.

Not only it saves you time and space as you don’t have to create a specific authentication page and database to store the user, the AD itself is very hard to hack through.

Step 1

Like any other system, validation is very crucial. First, you should create a basic HTML form where you can typed in your username, password and domain name. This code will actually gather all the value from your html form and submit the value into the authentication function as parameter (code line #13).

Of course, if the user exist the function will then redirect the user to a success page and redirect the user to an error page if the user is invalid.

'// 1. Form Validation
Dim Submit, UserName, Password, Domain, Result, Message
Submit = Request.Form("Submit")

If Submit = "Authenticate" Then

    'Get the input from your HTML form
    UserName = Request.Form("UserName")
    Password = Request.Form("Password")
    Domain = Request.Form("Domain")

    'Call the AuthenticateUser() function to do the verification process
    Result = AuthenticateUser(UserName, Password, Domain)

    If Result Then
        'If user exist, then redirect to success page
        Response.Redirect ("success.asp")
    Else
        'If user don't exist, redirect to error page
        Response.Redirect ("error.asp")
    End If
End If

Step 2

Once the information has been submitted to the Authentication() function, this is where the verification process begin!

This code will actually check whether the entered detail (Username, Password and Domain) matched with any data inside the AD Database. If you are familiar with sql language, then you will know what is happening in code line #10 onwards, maybe the sql query statement is a bit different, but the idea and method are the same.

'// 2. Authenticate Function
Function AuthenticateUser(UserName, Password, Domain)
    Dim strUser, strPassword, strQuery, oConn, cmd, oRS

    'Assume Failure
    AuthenticateUser = false
    strUser = UserName
    strPassword = Password

    strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*'"
    Set oConn = server.CreateObject("ADODB.Connection")
        oConn.Provider = "ADsDSOOBJECT"
        oConn.Properties("User ID") = strUser
        oConn.Properties("Password") = strPassword
        oConn.Properties("Encrypt Password") = true
        oConn.open "DS Query", strUser, strPassword

    Set cmd = server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = oConn
    cmd.CommandText = strQuery

    On Error Resume Next
    Set oRS = cmd.Execute

    If oRS.bof OR oRS.eof Then
        AuthenticateUser = False
    Else
        AuthenticateUser = True
    End if

    Set oRS = Nothing
    Set oConn = nothing
End Function

Final Step

Putting it all together, your login page will be much more like this.

This is a very basic ASP Form and is only for tutorial purposes. If you were to use this code on your web site, you would want to do some extra form validation to make sure the compulsory field are filled in, checking for empty field, etc.

<% @LANGUAGE="VBSCRIPT" EnableSessionState = False %>
<%
Option Explicit
Response.Buffer = True  

'// 1. Form Validation
Dim Submit, UserName, Password, Domain, Result, Message
Submit = Request.Form("Submit")

If Submit = "Authenticate" Then

    'Get the input from your HTML form
    UserName = Request.Form("UserName")
    Password = Request.Form("Password")
    Domain = Request.Form("Domain")

    'Call the AuthenticateUser() function to do the verification process
    Result = AuthenticateUser(UserName, Password, Domain)

    If Result Then
        'If user exist, then redirect to success page
        Response.Redirect ("success.asp")
    Else
        'If user don't exist, redirect to error page
        Response.Redirect ("error.asp")
    End If
End If

'// 2. Authenticate Function
Function AuthenticateUser(UserName, Password, Domain)
    Dim strUser, strPassword, strQuery, oConn, cmd, oRS

    'Assume Failure
    AuthenticateUser = false
    strUser = UserName
    strPassword = Password

    strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*'"
    Set oConn = server.CreateObject("ADODB.Connection")
        oConn.Provider = "ADsDSOOBJECT"
        oConn.Properties("User ID") = strUser
        oConn.Properties("Password") = strPassword
        oConn.Properties("Encrypt Password") = true
        oConn.open "DS Query", strUser, strPassword

    Set cmd = server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = oConn
    cmd.CommandText = strQuery

    On Error Resume Next
    Set oRS = cmd.Execute

    If oRS.bof OR oRS.eof Then
        AuthenticateUser = False
    Else
        AuthenticateUser = True
    End if

    Set oRS = Nothing
    Set oConn = nothing
End Function
%>



    Using Microsoft Active Directory Authentication




    Username:
    Password:
    AD Domain:

Download This Code | Total Download: [download#1#hits]

Monie Studios » microsoft

Using Microsoft Active Directory Authentication

The Benefits

Step 1

Step 2

Final Step