Help - Security using Domain Groups - WPF

kimosavi

kimosavi

Active member
Joined
Apr 9, 2009
Messages
34
Location
Chicago, IL
Programming Experience
3-5
Hi,

I started developing an application in WPF w/VB and want to set the security to work with Domain Groups.

In there Database there is a table that stores the Domain and Group name.

When an user opens the application the application will search for the list of groups and validate that the user belogs to this list. If so, will open the app otherwise will exit. There will also be another table with individual usernames in case the Admin will like to just add one individual and not just a full group.

My problem is that, this is the first time attempting to do something like this and I have no knowledge of what imports, libraries or services should I use.

Currently I did the following:

VB.NET: 
' Method1

            Dim rs As New App.Services.Data.RecordSet("SELECT * FROM TBL_Security_Groups", "TBL_Security_Groups")
            For Each Row As System.Data.DataRow In rs.Results.Rows
                Dim vGroup As DirectoryServices.AccountManagement.GroupPrincipal
                vGroup = DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(IsPublic.CurrentUser.Identity.Context, Row.Item("Domain") + "\" + Row.Item("Name"))
                If Not vGroup Is Nothing Then
                    If DirectoryServices.AccountManagement.UserPrincipal.Current.IsMemberOf(vGroup) Then
                        vResults = True
                        Exit For
                    End If
                End If
            Next

' Method2

            Dim rs As New App.Services.Data.RecordSet("SELECT * FROM TBL_Security_Groups", "TBL_Security_Groups")
            For Each Row As System.Data.DataRow In rs.Results.Rows
                If My.User.IsInRole(Row.Item("Domain") + "\" + Row.Item("Name")) Then
                    vResults = True
                    Exit For
                End If
            Next

Method 1 worked well with my local groups but took FOR EVER! to go down a list of 5 groups... It was wasting a lot of time in

vGroup = DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(IsPublic.CurrentUser.Identity.Context, Row.Item("Domain") + "\" + Row.Item("Name"))

Method 2 didn't work so well... its was looking for ROLES not GROUPS right? not sure the different, I think ROLES are more for Web Security right?

My plan was to get a list of all the groups from Active directory that the user is a member of and then validate that with the groups setup in the db. if they match, user can log in. Read a lot of stuff but got me more confused.

How do I get such list from Active Directory? Will I be able to test this in my Win 7 PC (not in the network)?

Domain: Marketing.Global.Corp
User : MARKETING\myusername

Thanks!
 
Sort by date Sort by votes
With the speed issue, perhaps that's network speeds / hosting speeds. I would think you're in the wrong section though? Perhaps moving this to something like Databases or developing windows forms might get you the answer you need. :)
 
Upvote 0 Downvote
Thanks Christopherx,

I found what was the problem.

Of Course I was testing this on a non-domain environment and the authentication method was not finding the domain controller. This was the reason for the slowness. I then setup a Virtual Machine with Win2003 and a Domain Controller and everything was authenticating really fast even with when using System.DirectoryServices.AccountManagement

He is the code that I used in case people will like to share. I will use two different authentication methods, (admin selection) to either use Domain or to have the password store and do a direct authentication. Since this system will be design as a prototype I will like to use as many different authentication methods as possible... ANY RECOMMENDATIONS?!?!? :)



VB.NET: 
                    Dim vGroups As PrincipalSearchResult(Of Principal) = IsPublic.CurrentUser.Identity.GetAuthorizationGroups()
                    Dim rs As New App.Services.Data.RecordSet("SELECT * FROM TBL_Security", "TBL_Security")
                    For Each Row As System.Data.DataRow In rs.Results.Rows
                        Select Case Row.Item("Type")
                            Case SecurityType.Users
                                If vUserName = Row.Item("Domain") + "\" + Row.Item("Name") Then
                                    vResults = True
                                End If
                            Case SecurityType.Groups
                                For Each vGroup As Principal In vGroups
                                    If vDomain + vGroup.Name = Row.Item("Domain") + "\" + Row.Item("Name") Then
                                        vResults = True
                                        Exit For
                                    End If
                                Next
                        End Select
                        If vResults = True Then Exit For
                    Next
 
Upvote 0 Downvote

Similar threads

B
  • Question
Question Integrate on-premises ad with asp.net web application
Replies
0
Views
1K
bkdprakash
B
A
  • Solved
Resolved Enumerate network shares
Replies
5
Views
2K
aaaron
A
M
  • Question
Question I am using VB2019 I want to create a database, I got problems
Replies
1
Views
1K
jmcilhinney
jmcilhinney
A
  • Solved
Resolved Shared Methods
Replies
3
Views
823
jmcilhinney
jmcilhinney
G
  • Question
Question How to create multiple user accounts in database
Replies
3
Views
2K
chrisjlocke1
chrisjlocke1

Share this page

Latest posts

Back
Top