Help - Search - Members - Calendar
Full Version: Authenticating intranet access via active Directory Groups
HTMLHelp Forums > Programming > Server-side Scripting
TonyCable
Aug 24 2009, 02:36 PM
Hi

I’m currently working on a new departmental intranet and am after some advice.

Basically I’m after authenticating users via active directory groups to see if they can access / see a section of a page.

We have (as well as others) two groups that I will be starting off with: grpstudents and grpstaff. All students are a member of grpstudent and all staff are a member or grpstaff.

What I would like to do is code a asp if statement that states if the user is a member of grpstaff then they can see the section.

I have used in the past <% If (UCASE(Request.ServerVariables("AUTH_USER")) = "Domain\username") THEN> to authenticate access in the past, but as you can image if I was to write one of these for staff it would be huge and a nightmare to keep up to date. At least by using the group method, it will always be up to date without me having to do anything.

I will be expanding this to other groups, but want to get a ‘basic / easier’ one set up first so I understand it.

This is ASP coding by the way laugh.gif
az2008
Aug 27 2009, 05:58 PM
QUOTE(TonyCable @ Aug 24 2009, 12:36 PM) *

Basically I’m after authenticating users via active directory groups to see if they can access / see a section of a page.


I don't know if .asp has a native way to access AD. But, I know that AD is MS's implementation of LDAP. And, maybe people use "ado" to access LDAP from things like visual basic. This is an example: http://rulink.rutgers.edu/ldap-vb.html

This is an example of using ADO (and maybe ADS?) to test group ownership in AD: http://www.scriptinganswers.com/forum2/for...ts.asp?TID=3114

If .asp doesn't have some kind of native AD support, you're going to have to do something like that.

Another example can be found by googling for "use of ismember in vbscript". The top search result is a link to Experts Exchange (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/Q_21386252.html). However, you have to get to it through Google's search results. (They'll show you the answers if you arrive from Google. Otherwise they charge you to see the answer.).

For more help with ADO, you may have to find an AD or visual basic forum. I could help a little with my LDAP experience. But, I'm not sure how much the two differ. I know that they're generally the same (and the LDAP example provided above should be very close to how you'd work with AD.).

Mark
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.