Quanah Gibson-Mount wrote:
--On Wednesday, February 22, 2006 9:08 AM -0500 Frank Swasey
<Frank.Swasey@uvm.edu> wrote:
> Good morning,
>
> The standard way that I've always told people is:
>
> - Bind to the ldap server
> - Search for the uid provided
> - Obtain the DN from the search
> - Attempt to BIND as the DN using the password they provided.
Of course, assuming that the LDAP server is used for authentication can be
a bad misstep for any application. Plenty of people use things like a
Kerberos KDC for the authentication bit, meaning that users often have
authenticated long before getting to any applications. In that case, then
the directory is often used for *authorization* using the credentials the
user has already obtained (See things like SASL/GSSAPI or SASL/EXTERNAL for
LDAP).
One of the most painful things I deal with in applications is ones that
want to use their own username/password space. Second to that are
applications that want to take a username and bind against an LDAP
directory. Too many application developers spend their time re-inventing
the wheel over and over again on how to do authentication, when what they
need to focus on is the authorization aspects, since most institutions
already have an authorization scheme in place that the application
developers simply need to plug into.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
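The search-then-bind procedure from the quoted message, written out as an added example that is not code from either poster. It runs against a constructed in-memory stand-in for the directory (FakeDirectory is a hypothetical minimal interface, not a real LDAP client library) and adds the two checks a practitioner wants here: RFC 4515 escaping of the uid before it is placed in the filter, and refusal of an empty password, which RFC 4513 otherwise turns into an unauthenticated (anonymous) bind that succeeds on many servers; the last function shows the authorization lookup Quanah points at. The sample entries and passwords are constructed.

```python
import re

# RFC 4515 escaping for values placed inside a search filter, so a
# user-supplied uid cannot change the filter's structure ("*", "(", ")").
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_filter_value(value):
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

class FakeDirectory:
    """Constructed stand-in for an LDAP server (hypothetical interface).
    entries: dn -> attribute dict; plaintext passwords only for the demo."""
    def __init__(self, entries):
        self.entries = entries

    def search(self, filter_str):
        # Accepts only the "(uid=<escaped value>)" shape this example builds.
        m = re.fullmatch(r"\(uid=(.*)\)", filter_str)
        if not m:
            return []
        uid = re.sub(r"\\([0-9a-fA-F]{2})",
                     lambda h: chr(int(h.group(1), 16)), m.group(1))
        return [dn for dn, a in self.entries.items() if a.get("uid") == uid]

    def bind(self, dn, password):
        # Mirrors RFC 4513: a DN with an empty password is an unauthenticated
        # bind that succeeds, so the caller's empty-password check matters.
        if password == "":
            return True
        a = self.entries.get(dn)
        return a is not None and a.get("userPassword") == password

def authenticate(directory, uid, password):
    """Bind, search for the uid, take the DN, bind as that DN. Returns the DN
    on success and None otherwise (no match, ambiguous match, or bad password)."""
    if not password:
        return None  # would otherwise be accepted as an anonymous bind
    dns = directory.search(f"(uid={escape_filter_value(uid)})")
    if len(dns) != 1:
        return None
    return dns[0] if directory.bind(dns[0], password) else None

def authorize(directory, dn, group_dn):
    """Authorization step: is the authenticated DN a member of the group?"""
    return dn in directory.entries.get(group_dn, {}).get("member", ())

ALICE = "uid=alice,ou=people,dc=example,dc=org"   # constructed sample data
ADMINS = "cn=admins,ou=groups,dc=example,dc=org"
DIRECTORY = FakeDirectory({
    ALICE: {"uid": "alice", "userPassword": "s3cret"},
    ADMINS: {"member": [ALICE]},
})
```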