Search Results

Search found 21334 results on 854 pages for 'active directory'.

Page 20/854 | < Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >

  • How do I use NTLM authentication with Active Directory

    - by Jon Works
    I am trying to implement NTLM authentication on one of our internal sites and everything is working. The one piece of the puzzle I do not have is how to take the information from NTLM and authenticate with Active Directory. There is a good description of NTLM and the encryption used for the passwords, which I used to implement this, but I am not sure of how to verify if the user's password is valid. I am using Coldfusion but a solution to this problem can be in any language (Java, Python, PHP, etc). Edit: I am using Coldfusion on Redhat Enterprise Linux. Unfortunately we cannot use IIS to manage this and instead have to write or use a 3rd party tool for this.

    Read the article

  • VBS Script for modifying multi-value Active Directory display specifier

    - by sh-beta
    Following the howto Extending the Active Directory Schema To Track Custom Info I'm able to setup a single-value schema attribute that is easily changeable via a context menu in ADUC. Multi-value schema attributes get considerably more complicated. Say (for the sake of argument) my value is "Projects" and each user may be a list as many projects as necessary. Following is a sad little script that will set Project to a single value: Dim oproject Dim oUser1 Dim temp1 Set oproject = Wscript.Arguments Set oUser1 = GetObject(oproject(0)) temp1 = InputBox("Project: " & oUser1.project & vbCRLF & vbCRLF & "Project") if temp1 <> "" then oUser1.Put "project",temp1 oUser1.SetInfo Set oUser1 = Nothing Set oproject = Nothing Set temp1 = Nothing WScript.Quit How can I modify this to allow, assign, and modify multiple values?

    Read the article

  • Active Directory public key use

    - by Chris Meadows
    I have a client who has a requirement to validate users logging into my web application against his active directory using LDAP. In trying to connect using the DirectoryEntry and DirectorySearcher .NET classes, I can connect to his AD Server but not access it. The client's AD server has an SSL Certificate for which he has given me a public key file but I don't know how to use this public key file in my C# code. When I issue the connect command through code, I see, via Wireshark, my application sending the connection request. I then see the server responding with "Server Hello, Certificate, Certificate Request, Server Hello Done". Then my application never responds after that. In using another application, written by somebody else for which I do not have code, I see the same request from the server and then see the application respond with "Certificate, Client Key Exchange" and then the application connects and runs. With that said, my question then becomes, how can I get my C# application to load and send the key file I got from the client?

    Read the article

  • Authenticating to multiple OUs in Active Directory

    - by Jaxidian
    I'm using the Active Directory Membership Provider with the following configuration: <connectionStrings> <add name="MyConnString" connectionString="LDAP://domaincontroller/OU=Product Users,DC=my,DC=domain,DC=com" /> </connectionStrings> <membership defaultProvider="MyProvider"> <providers> <clear /> <add name="MyProvider" connectionStringName="MyConnString" connectionUsername="my.domain.com\service_account" connectionPassword="biguglypassword" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> This works perfectly except it requires ALL of my users to be in the "Product Users" OU when I would actually like to have all of my users organized into various child OUs under our "Product Users" OU. Is this possible? (Note that this is a partial repost of this question but the question I'm asking here was never answered there.)

    Read the article

  • Find directory on different server C#

    - by rainhider
    I have a website on Server A and it needs to find a directory on Server B. On my aspx page, I have: <mb:FileSystemDataSource ID="fileSystemDataSource" runat="server" RootPath="\\servername\Folder\Subfolder" FoldersOnly="true" /> mb is assembly name alias. On my aspx.cs page, I have: protected void Page_Load(object sender, EventArgs e) { DataTable gridviewSource = DisplayFilesInGridView(); DataRow gridviewRow; //sets the server path so it does not default to current server string ServerPath = System.IO.Path.Combine( "//", this.fileSystemDataSource.RootPath); //Get All Folders Or Directories and add in table DirectoryInfo directory = new DirectoryInfo(Server.MapPath(ServerPath)); DirectoryInfo[] subDirectories = directory.GetDirectories(); } Well, it throws an error on the Server.MapPath because it cannot find the server. I am connected to the network. I looked at IIS, and I am pretty sure that is not the problem. If so, I would really need specifics. Any help would be appreciated.

    Read the article

  • Active Directory Programming help needed

    - by ricky2002
    Hello Friends, I want to make Windows Service in .NET which has to run on Windows Server 2003, 2008. The main functionalities i need are: As soon as a network user logs in, Display his: User name in Active Directory Domain Ip Address from where he connected I do not want to install or run any program/script on the client machine. Any help on how to go about developing this will be greatly appreciated. i saw some articles explaining this using the System.Environment namespace and some others but they only shed light for the local logged on user.

    Read the article

  • Replicating Active Directory - testing scenarios

    - by Naeem Sarfraz
    Replicating a production server's Active Directory is possible through a number of approaches as mentioned here and here. I'm looking for a simpler approach if one exists. I have a mixed-mode authentication site that I need to test. Quite simply AD users (internal) will have more privilege's than someone who logs in via forms (external). We have a web service that cache's an AD structure (users & groups). I'm thinking of building a module (http handler I guess?) that will pick up my specially formed URL (http://impersonateduser@localhost/mywebapp) and use the bit before the @ as the username. That will be the username I use for any subsequent operations. How does that sound? Has anyone got other proposals for testing scenarios like this?

    Read the article

  • Querying Active Directory in ruby app on Windows box

    - by Ben
    I have a small ruby app in which I'm trying to query some information from Active Directory. The app will be run by a Windows user who is already logged in. It looks like the ruby-net-ldap gem wants me to connect to an LDAP server using an IP address, port and then pass my username and password. Is there a way to achieve this (with a different gem, say) so that I don't have to pass this information (I don't have the current user's password for example, so that's not going to work)? I'm also hosting a Trac website on our intranet (which is written in Python if I remember correctly and that seems to know the current Windows username and domain. If it can do it, surely my little ruby app can access this information too?

    Read the article

  • Create directory using rake in windows

    - by intern
    We were trying to run fllowing code in rake file: directory "tmp" file "hello.tmp" => "tmp" do sh "echo 'Hello' >> 'tmp/hello.tmp'" end We have taken this code from http://jasonseifer.com/2010/04/06/rake-tutorial But, since we are working on windows commands like'sh','echo' wont work.. according to the explanation given for the above code, it should first create a directory 'tmp' and then create a file 'hello.tmp' which will have 'hello' as its text.. Firstly, how can we do this for windows? and Secondly, a file with extension '.tmp' sounds quite wierd.. what does 'hello.tmp' specifies? Does it simply mean that 'hello.tmp' is a text file in 'tmp' directory?

    Read the article

  • Get DLL's directory

    - by user296359
    Hi, I have a question about getting DLL's directory on Windows system. The situation is like this : I have a DLL and an EXE file. The exe file must load the DLL to run. These 2 modules are in different directories. Moreover, the directory of the DLL is changeable. Now I have to get the directory of the DLL in "run time". How could I do this? Thanks in advance.

    Read the article

  • How to setup a development Active Directory

    - by Rob
    Does anyone have any suggestions on how to setup a development environment for active directory? We are thinking of using development.contoso.com or something along those lines that is a completely separate envnironment from our production. This will be used for things like Dev SharePoint and possibly a Dev exchange server. Maybe even a dev CRM. We are thinking of setting this up all using virtual machines. Possibly having the production get replicated down on a regular basis as well. Does anyone have an experience with this or any suggestions on what to do or not to do for this?

    Read the article

  • Connecting flex/php to Active Directory

    - by modz0r
    Is there a way to connect my flex web application to Active Directory, and get the logged username? Right now we have a PHP script connected to the flex application, that gets user/pass input from the user and checks if there's such user in the AD, and that the password is correct. I don't want to ask for user/pass, but to make the application get the domain username that connected to it, so I could use it (check if the user has access to my application and such). Is there a way to do so?

    Read the article

  • Python change the working directory for an exe opened with startfile

    - by Saulpila
    In python i'm using the os.startfile command to start a windows executable that does especific stuff in its own folder, the python code is running from another folder, so when I start the file, it starts in the python script's working directory, but it has to start in its own directory. I've tried to use os.chdir(path) to change the working directory, but it fails, the file still not runs in it's own folder. I thought maybe there is a command like shortcut's "Start in" line. I've searched everywere, but not success. The only solution comes to my mind is to create a shortcut and add the "start in" line, then launch the shortcut, but that is very impractical.

    Read the article

  • How to configure IIS7 to Redirect member of An active Directory group to static page

    - by user1759075
    On IIS, we have disabled Anonymous authentication and enabled Windows Authentication What we need is to only allow users who are members of an Active Directory security group to access the Access Point at all. All other users should be directed to a static web page that will give them instructions on how to request access. By adding the security group to the website permissions, and removing the \Users group, we have almost achieved this. Users in the group are allowed through, those not in the group are asked for a (Windows) username and password. Instead of requesting the username and password, we want IIS to redirect them to the static page. Please advise me on how can this be done.

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

  • InstallUtil Publishing WMI Schema to 64 Bit Directory Instead of 32 Bit Directory

    - by Nick
    This is similar to this question, but it doesn't look like a good solution was ever determined, so I'm opening a new one with clarified details. We wrote a .NET service, which among other things, publishes some of the class hierarchy using WMI. On a 64-Bit machine, we are running the 32-bit version of InstallUtil to install the service. It installs successfully, but when the service runs, we receive the following error message when publishing a WMI class using Instrumentation.Publish() DirectoryNotFoundException - (Could not find a part of the path 'C:\Windows\system32\WBEM\Framework\root\MyNamespace\MyService'.) However, this directory does exist in the C:\Windows\syswow64 directory. If we manually copy that directory structure to the system32 directory, then everything works. However, we are looking for automated solution, because we have this packaged up in an MSI which we distribute onto many servers. We have tried running the 64-Bit version of InstallUtil, to see if that would work, however... and this is the really weird part... it gives us an error on install that says Installing WMI Schema: Started An exception occurred during the Install phase. System.IO.DirectoryNotFoundException: Could not find a part of the path 'C:\Windows\system32\WBEM\Framework\root\MyNamespace\MyService.mof'. It looks as if somehow, the WMI installer flipped around. Has anyone else experienced this, or know of a work around?

    Read the article

  • How to Authenticate to Active Directory Services (ADs) using .NET 3.5 / C#

    - by Ranger Pretzel
    After much struggling, I've figured out how to authenticate to my company's Active Directory using just 2 lines of code with the Domain, Username, and Password in .NET 2.0 (in C#): // set domain, username, password, and security parameters DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure | AuthenticationTypes.SecureSocketsLayer); // force Bind to AD server to authenticate object obj = entry.NativeObject; If the 2nd line throws an exception, then the credentials and/or parameters were bad. (Specific reason can be found in the exception.) If no exception, then the credentials are good. Trying to do this in .NET 3.5 looks like it should be easy, but has me at a roadblock instead. Specifically, I've been working with this example: PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, domain); using (domainContext) { return domainContext.ValidateCredentials(UserName, Password); } Unfortunately, this doesn't work for me as I don't have both ContextOptions set to Sealed/Secure and SSL (like I did above in the .NET 2.0 code.) There is an alternate constructor for PrincipalContext that allows setting the ContextOptions, but this also requires supplying a Distinguished Name (DN) of a Container Object and I don't know exactly what mine is or how I would find out. public PrincipalContext(ContextType contextType, string name, string container, ContextOptions options); // container: // The container on the store to use as the root of the context. All queries // are performed under this root, and all inserts are performed into this container. // For System.DirectoryServices.AccountManagement.ContextType.Domain and System.DirectoryServices.AccountManagement.ContextType.ApplicationDirectory // context types, this parameter is the distinguished name of a container object. Any suggestions?

    Read the article

  • Saving record in Subsonic 3 using Active Record

    - by singfoom
    I'm having trouble saving a record in Subsonic 3 using Active record. I've generated my objects using the DALs and tts and everything seems fine because the following test passes. I think that my connection string is correct or the generation wouldn't have succeeded. [Test] public void TestSavingAnEmail() { Email testEmail = new Email(); testEmail.EmailAddress = "[email protected]"; testEmail.Subscribed = true; testEmail.Save(); Assert.AreEqual(1, Email.All().Count()); } On the live side, the following code fails: protected void btEmailSubmit_Click(object sender, EventArgs e) { Email email = new Email(); email.EmailAddress = txtEmail.Text; email.Subscribed = chkSubscribe.Checked; email.Save(); } with a message of: Need to specify Values or a Select query to insert - can't go on! at the following line repo.Add(this,provider); line in my ActiveRecord.cs: public void Add(IDataProvider provider){ var key=KeyValue(); if(key==null){ var newKey=_repo.Add(this,provider); this.SetKeyValue(newKey); }else{ _repo.Add(this,provider); } SetIsNew(false); OnSaved(); } Am I doing something horribly wrong here? The save and add methods have parameterless overloads that I thought were safe to use. Do I need to pass a provider? I've googled around for this for a while and was unable to come up with anything specific to my situation. Thanks in advance for any kind of answer.

    Read the article

  • Error: Only LDAP Connection Strings are Supported against Active Directory

    - by Brent Pabst
    I have the following ASP.NET Membership section defined in the Web.config file: <membership defaultProvider="AspNetActiveDirectoryMembershipProvider"> <providers> <clear/> <add connectionStringName="ADService" connectionUsername="umanage" connectionPassword="letmein" enablePasswordReset="true" enableSearchMethods="true" applicationName="uManage" clientSearchTimeout="30" serverSearchTimeout="30" name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> The Connection string looks like this: <add name="ADService" connectionString="ldap://familynet.local" /> Whenever I call the following code: Membership.GetAllUsers(); I get the following error: Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Only LDAP connection strings are supported against Active Directory and ADAM. I don't understand why the system is claiming the LDAP connection string is bad because it is in fact a valid LDAP string as specified by the MSDN documentation. http://msdn.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx Any ideas?

    Read the article

  • Fast way to get a list of group members in Active Directory with C#

    - by Jeremy
    In a web app, we're looking to display a list of sam accounts for users that are a member of a certain group. Groups could have 500 or more members in many cases and we need the page to be responsive. With a group of about 500 members it takes 7-8 seconds to get a list of sam accounts for all members of the group. Are there faster ways? I know the Active Directory Management Console does it in under a second. I've tried a few methods: 1) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); List<string> lst = grp.Members.Select(g => g.SamAccountName).ToList(); 2) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); PrincipalSearchResult<Principal> lstMembers = grp.GetMembers(true); List<string> lst = new List<string>(); foreach (Principal member in lstMembers ) { if (member.StructuralObjectClass.Equals("user")) { lst.Add(member .SamAccountName); } } 3) PrincipalContext pcRoot = new PrincipalContext(ContextType.Domain) GroupPrincipal grp = GroupPrincipal.FindByIdentity(pcRoot, "MyGroup"); System.DirectoryServices.DirectoryEntry de = (System.DirectoryServices.DirectoryEntry)grp.GetUnderlyingObject(); List<string> lst = new List<string>(); foreach (string sDN in de.Properties["member"]) { System.DirectoryServices.DirectoryEntry deMember = new System.DirectoryServices.DirectoryEntry("LDAP://" + sDN); lst.Add(deMember.Properties["samAccountName"].Value.ToString()); }

    Read the article

  • Active Directory - Query Group for all machines

    - by Ben Cawley
    Hi, I'm trying to obtain a list of all Machines that are members of a known group. I have the group GUID and am constructing a query using the "memberof=" format and filtering by ObjectClass. This works fine but doesn't return machines if the PrimaryGroup attribute of a machine is set to be the known group. In this case, that machine won't be returned. I've found the explanation of why this is in the following link (See Joe Kaplan's response) http://www.eggheadcafe.com/software/aspnet/29773581/active-directory-query-c.aspx Unfortunately the outlined answer is how to obtain the list of groups from a given user. I'd like to do the reverse and from a given group obtain the list of machines. It seems that the PrimaryGroup information is stored on the Machine/User side so I'm not sure if what I want to do is even possible. I had thought I would be able to query the TokenGroup attribute of the known group and then construct a query to return all machines that have the TokenGroup attribute set but it seems that not all groups have this attribute. Does anyone have any ideas or suggestions? If any clarification is needed let me know! Cheers, Ben

    Read the article

  • Different approaches for finding users within Active Directory

    - by EvilDr
    I'm a newbie to AD programming, but after a couple of weeks of research have found the following three ways to search for users in Active Directory using the account name as the search parameter: Option 1 - FindByIdentity Dim ctx As New PrincipalContext(ContextType.Domain, Environment.MachineName) Dim u As UserPrincipal = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, "MYDOMAIN\Administrator") If u Is Nothing Then Trace.Warn("No user found.") Else Trace.Warn("Name=" & u.Name) Trace.Warn("DisplayName=" & u.DisplayName) Trace.Warn("DistinguishedName=" & u.DistinguishedName) Trace.Warn("EmployeeId=" & u.EmployeeId) Trace.Warn("EmailAddress=" & u.EmailAddress) End If Option 2 - DirectorySearcher Dim connPath As String = "LDAP://" & Environment.MachineName Dim de As New DirectoryEntry(connPath) Dim ds As New DirectorySearcher(de) ds.Filter = String.Format("(&(objectClass=user)(anr={0}))", Split(User.Identity.Name, "\")(1)) ds.PropertiesToLoad.Add("name") ds.PropertiesToLoad.Add("displayName") ds.PropertiesToLoad.Add("distinguishedName") ds.PropertiesToLoad.Add("employeeId") ds.PropertiesToLoad.Add("mail") Dim src As SearchResult = ds.FindOne() If src Is Nothing Then Trace.Warn("No user found.") Else For Each propertyKey As String In src.Properties.PropertyNames Dim valueCollection As ResultPropertyValueCollection = src.Properties(propertyKey) For Each propertyValue As Object In valueCollection Trace.Warn(propertyKey & "=" & propertyValue.ToString) Next Next End If Option 3 - PrincipalSearcher Dim ctx2 As New PrincipalContext(ContextType.Domain, Environment.MachineName) Dim sp As New UserPrincipal(ctx2) sp.SamAccountName = "MYDOMAIN\Administrator" Dim s As New PrincipalSearcher s.QueryFilter = sp Dim p2 As UserPrincipal = s.FindOne() If p2 Is Nothing Then Trace.Warn("No user found.") Else Trace.Warn(p2.Name) Trace.Warn(p2.DisplayName) Trace.Warn(p2.DistinguishedName) Trace.Warn(p2.EmployeeId) Trace.Warn(p2.EmailAddress) End If All three of these methods return the same results, but I was wondering if any particular method is better or worse than the others? Option 1 or 3 seem to be the best as they provide strongly-typed property names, but I might be wrong? My overall objective is to find a single user within AD based on the user principal value passed via the web browser when using Windows Authentication on a site (e.g. "MYDOMAIN\MyUserAccountName")

    Read the article

  • Sharepoint Active directory forms authentication

    - by Sushant
    Hi, I am devloping a sharepoint website in Forms authentication mode. I am trying to authenticate myself/ my company users against company's active directory. The ldap path I received from my technical team is LDAP://infinmumcfac.inf.com OU=Infotech,DC=inf,DC=com I got this piece of code from microsoft site. <membership defaultProvider="LdapMembershipProvider"> <providers> <add name="LdapMembership" type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server="DC" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer="CN=Users,DC=userName,DC=local" userObjectClass="person" userFilter="(|(ObjectCategory=group)(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" /> </providers> </membership> The site asked me to change the Server and Usercontainer attribute. I have modified the code to <membership defaultProvider="LdapMembershipProvider"> <providers> <add name="LdapMembership" type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server=” infinmumcfac.inf.com” port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer=" OU=Infotech,DC=inf,DC=com " userObjectClass="person" userFilter="(|(ObjectCategory=group)(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" /> </providers> </membership> I placed this code in web.config file of central administration site and my sharepoint website . I am still facing login issues. Any help or insight would be highly grateful.Thanking in anticipation.

    Read the article

  • Active Directory Incorrect password attempts double counting

    - by Hidayath
    Hi I am using the following C# code to connect to active directory and validate the login, DirectoryEntry de = new DirectoryEntry(); string username = "myuser", path = "LDAP://addev2.dev.mycompany.com/CN=myuser,DC=dev,DC=mycompany,DC=com", password = "test"; for (int i = 0; i < 4;i++ ) { try { de.AuthenticationType = AuthenticationTypes.Sealing | AuthenticationTypes.Secure | AuthenticationTypes.FastBind; de.Username = username; de.Password = password; de.Path = path; //de.RefreshCache(); Object obj = de.NativeObject; } catch (Exception ex) { Console.WriteLine(ex.Message); } this works fine when the password is correct. However when the password is incorrect this shows as 2 invalid attempts in AD. So what happens is when the AD admin allows 5 invalid attempts the user is locked out on the 3rd attempt. when i look in the AD's event log 1 see 2 entries. 1)Pre-authentication failed: 2)Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: [email protected] Source Workstation: WKSXXXX Error Code: 0xC000006A Stepping thro the code i see 2 event entries on the line de.RefreshCache() I tried using de.NativeObject to see if that would solve the problem. No Dice Anyone have any pointers?

    Read the article

< Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >