Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post May 22, 2012 01:20 PM by gww
May 22, 2012 10:45 AM|LINK
I am using the following code for Authenticating the user through Active Directory.
In it we need the password of the user.
Is it possible to retrive the password of the user from AD.
If not can this code be modified to use only UserName to authencate the user.
Pls find the code below.
I need the Solution on urgent basis pls reply with your valuable comments.
IsAuthenticated(string domain, string username, string pwd)
//string Username = domain + @"\" +username;
string Username = username;
DirectoryEntry entry = new DirectoryEntry(_path, Username, pwd, AuthenticationTypes.Secure);
//Bind to the native AdsObject to force authentication.
object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName= " + username + ")";
SearchResult result = search.FindOne();
if (null == result)
//Update the new path to the user in the directory.
_path = result.Path;
_filterAttribute = result.Properties["cn"].ToString();
catch (Exception ex)
throw new Exception("Error authenticating user. " + ex.Message);
May 22, 2012 11:28 AM|LINK
You cannot retrive the password of the user from AD
DirectoryEntry entry = new DirectoryEntry("LDAP://DomainName");
DirectorySearcher Dsearch = new DirectorySearcher(entry);
dSearch.Filter = "(&(objectClass=user)(l=" + Name + "))";
foreach(SearchResult sResultSet in dSearch.FindAll())
// Login Name
// First Name
// Middle Initials
// Last Name
Public static string GetProperty(SearchResult searchResult,
return searchResult.Properties[PropertyName].ToString() ;
from above code you can verify that 'Alex' exists in AD or not
May 22, 2012 01:20 PM|LINK
From your code it would appear you have a login form that the user is to enter their username and password into to be authenticated through AD. If you do not need or want the user to provide their password, you can have them auto authenticate through with
their credentials that they are logged on their computers. You can use Application_AuthenticateRequest if you are using forms authentication or WindowsAuthentication_Authenticate if you are using windows authentication in the global.asax file.
You can setup a service account in AD and use its login info to provide access in your code instead of providing the user's info. Then use the username of the user to filter AD to see if that account exists and if it does return true. You can grab the user's
name with either request.servervariables("LOGON_USER") or e.Identity.name.