Question Using LDAP for authenication

[paulucer]

I have always used my on security managed in a database for user authentication in my applications. I am now trying to switch to using ldap and could use some help. I am not sure if i am mistaken on how this works but i think this is how it goes: I connect to my ldap using a username and password that has permission to guerry/access ldap. In other words this would be the username and password i would use to connect to the SQL server if i was using that to authenticate. I then capture the username and password of the user via a couple of text boxes and this is where i get stuck. How do i pass those user credentials to ldap to verify the username and password match.. here is the code that i have now that connect to ldap: Thanks for any help!

Dim uid As String = "CN=web_system,OU=LDAP,OU=Service Accounts,DC=ACN,DC=ad,DC=usla,DC=edu"
Dim password As String = "!8?safasdfasd@dsafsadf"
Dim root As DirectoryEntry = New DirectoryEntry( _
"LDAP://directory.xxx.edu", uid, password, _
AuthenticationTypes.None)

Try


' attempt to use LDAP connection
Dim connected As Object = root.NativeObject
' no exception, login successful
Response.Write( _
"<span style=""color:green;"">Login successful.</span>")
Catch ex As Exception
' exception thrown, login failed
Response.Write( _
"<span style=""color:red;"">Login failed.</span>")
End Try

 

[JohnSimons]

Hi, this is a method I always use to check if a user is part of the domain, it took me a long time to find everything out, because there is not much on internet you can find about it.
Just create a forms application and drop this code in (you also need to set the references (from Framework).

'======================================================================================

Imports System.DirectoryServices.AccountManagement

Imports System.DirectoryServices

Public Class Form1

    Private strUserId As String

    Private DomainName As String = System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName

    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load

        Try

            'Need to split the user here, because the value is: DOMAIN\UserID

            Dim UserSplit As Array = Split(My.User.Name, "\")

            strUserId = UserSplit(1)

        Catch ex As Exception

            'report your error to the error handler

        End Try

        If AuthorizeThisUser(strUserId) = True Then

            Debug.Print("User is authorized on this network")

        Else

            Debug.Print("User is NOT authorized on this network")

        End If

    End Sub

    Private Function AuthorizeThisUser(ByVal strUserID As String) As Boolean

        Dim returnvalue As Boolean

        Dim dirEntry As System.DirectoryServices.DirectoryEntry

        Dim dirSearcher As System.DirectoryServices.DirectorySearcher

        dirEntry = New System.DirectoryServices.DirectoryEntry("LDAP://" & DomainName)

        dirSearcher = New System.DirectoryServices.DirectorySearcher(dirEntry)

        If strUserID <> "" Then

            dirSearcher.Filter = "(samAccountName=" & strUserID & ")"

        End If

        Dim DirectorySearchCollection As SearchResultCollection = dirSearcher.FindAll()

        If DirectorySearchCollection.Count = 0 Then 'return false if user isn't found

            returnvalue = False

        Else

            returnvalue = True

        End If

        Return returnvalue

    End Function

End Class

'======================================================================================