In the previous tutorial, we’ve talked about How to Get Active Directory Accounts Information Using VB Script. In this tutorial, we will learn how you can make use of your AD information to create a login page for your local system.
2
Using Microsoft Active Directory Authentication
Microsoft Active Directory provides a directory service that allows organizations to administer their networked resources. One of the goals of a directory service is to maintain a common database of all information needed for controlling user access, computers, printers, and other network resources.
In this tutorial, I will show you how you can develop an AD Authentication page for your intranet web based application.
The Benefits
When you are developing an intranet web based application system, that will only be access or used within your company or organization, it is best to use the existing AD as your authentication method.
Not only it saves you time and space as you don’t have to create a specific authentication page and database to store the user, the AD itself is very hard to hack through.
Step 1
Like any other system, validation is very crucial. First, you should create a basic HTML form where you can typed in your username, password and domain name. This code will actually gather all the value from your html form and submit the value into the authentication function as parameter (code line #13).
Of course, if the user exist the function will then redirect the user to a success page and redirect the user to an error page if the user is invalid.
'// 1. Form Validation
Dim Submit, UserName, Password, Domain, Result, Message
Submit = Request.Form("Submit")
If Submit = "Authenticate" Then
'Get the input from your HTML form
UserName = Request.Form("UserName")
Password = Request.Form("Password")
Domain = Request.Form("Domain")
'Call the AuthenticateUser() function to do the verification process
Result = AuthenticateUser(UserName, Password, Domain)
If Result Then
'If user exist, then redirect to success page
Response.Redirect ("success.asp")
Else
'If user don't exist, redirect to error page
Response.Redirect ("error.asp")
End If
End If
Step 2
Once the information has been submitted to the Authentication() function, this is where the verification process begin!
This code will actually check whether the entered detail (Username, Password and Domain) matched with any data inside the AD Database. If you are familiar with sql language, then you will know what is happening in code line #10 onwards, maybe the sql query statement is a bit different, but the idea and method are the same.
'// 2. Authenticate Function
Function AuthenticateUser(UserName, Password, Domain)
Dim strUser, strPassword, strQuery, oConn, cmd, oRS
'Assume Failure
AuthenticateUser = false
strUser = UserName
strPassword = Password
strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*'"
Set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword
Set cmd = server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
On Error Resume Next
Set oRS = cmd.Execute
If oRS.bof OR oRS.eof Then
AuthenticateUser = False
Else
AuthenticateUser = True
End if
Set oRS = Nothing
Set oConn = nothing
End Function
Final Step
Putting it all together, your login page will be much more like this.
This is a very basic ASP Form and is only for tutorial purposes. If you were to use this code on your web site, you would want to do some extra form validation to make sure the compulsory field are filled in, checking for empty field, etc.
<% @LANGUAGE="VBSCRIPT" EnableSessionState = False %>
<%
Option Explicit
Response.Buffer = True
'// 1. Form Validation
Dim Submit, UserName, Password, Domain, Result, Message
Submit = Request.Form("Submit")
If Submit = "Authenticate" Then
'Get the input from your HTML form
UserName = Request.Form("UserName")
Password = Request.Form("Password")
Domain = Request.Form("Domain")
'Call the AuthenticateUser() function to do the verification process
Result = AuthenticateUser(UserName, Password, Domain)
If Result Then
'If user exist, then redirect to success page
Response.Redirect ("success.asp")
Else
'If user don't exist, redirect to error page
Response.Redirect ("error.asp")
End If
End If
'// 2. Authenticate Function
Function AuthenticateUser(UserName, Password, Domain)
Dim strUser, strPassword, strQuery, oConn, cmd, oRS
'Assume Failure
AuthenticateUser = false
strUser = UserName
strPassword = Password
strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*'"
Set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword
Set cmd = server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
On Error Resume Next
Set oRS = cmd.Execute
If oRS.bof OR oRS.eof Then
AuthenticateUser = False
Else
AuthenticateUser = True
End if
Set oRS = Nothing
Set oConn = nothing
End Function
%>
<html>
<head>
<title>Using Microsoft Active Directory Authentication</title>
</head>
<body>
<form name="DomainAuthentication" method="post">
Username:<input type="text" name="UserName" size="45">
Password:<input type="password" name="Password" size="45">
AD Domain:<input type="text" name="Domain" size="45">
<input name="submit" type="submit" value="Authenticate">
</form>
</body>
</html>
Download This Code | Total Download: [download#1#hits]
realy works
It is useful to try everything in practice anyway and I like that here it’s always possible to find something new.