Last post Aug 16, 2012 07:30 PM by gww
Aug 14, 2012 02:09 PM|VictorDotNet
Please help. I have been trying to get this to work for at least a week now. I was able to authenticate against the entire Active Directory, but that's not what I need.
I need only the people in this OU to be able to log in (OU=helpdesk,OU=Ac,DC=ash,DC=com).
& domainName // this is a variable that is being passed and looks like OU=helpdesk,OU=Ac,DC=ash,DC=com. Keep in mind I am able to log in with any user in AD, but I only need the users from this OU (Helpdesk)
userName, userPassword, AuthenticationTypes.Secure)
// this group has all the people in helpdesk
Aug 16, 2012 07:30 PM|gww
A few things to try.
Check to make sure you are using the full LDAP string, for example LDAP://ash.com/OU=helpdesk,OU=Ac,DC=ash,DC=com.
For your filter, try using the memberof property with the full LDAP path to the help desk group: dirsearcher.Filter="(&(memberof=CN=KBAMHD,OU=helpdesk,DC=ash,DC=com)(samaccountname=userName))". That will return only that username that is a member of that group. Instead of hardcoding the CN for the group name, I would suggest making a function that searched for the group using its CN and returned its path as a string.
You can also try loading the memberof property with propertiestoload.add. When the user attempts to log in, you can loop through the collection and see if the user is a member of that group and, if not, deny access.
Also since you are just trying to authenticate the user you can use findone instead of findall since you are only wanting to find that one group and not all possible matches.
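The approach from this answer written out in C#, added here as an example and not code from either poster: bind to the OU path with the user's own credentials, then call FindOne with a filter that combines sAMAccountName and memberOf. The class name, method names and the RFC 4515 escaping helper are assumptions of this example; the OU path and group DN are the ones quoted in the thread, and userName is assumed to be a bare sAMAccountName.

```csharp
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;

static class HelpdeskLogin   // hypothetical class name
{
    // Values quoted in the thread; adjust to the real directory layout.
    const string OuPath  = "LDAP://ash.com/OU=helpdesk,OU=Ac,DC=ash,DC=com";
    const string GroupDn = "CN=KBAMHD,OU=helpdesk,DC=ash,DC=com";

    // Escape a value for use inside an LDAP search filter (RFC 4515), so a
    // submitted name such as "*" or "x)(cn=*" cannot change the filter's logic.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0')
                sb.Append('\\').Append(((int)c).ToString("x2"));
            else
                sb.Append(c);
        }
        return sb.ToString();
    }

    // True only if the credentials bind, the account is found under the OU,
    // and the account is a direct member of the help desk group.
    public static bool IsHelpdeskUser(string userName, string userPassword)
    {
        // Null credentials would make ADSI bind as the calling process, not the user.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPassword))
            return false;
        try
        {
            using (var root = new DirectoryEntry(OuPath, userName, userPassword,
                                                 AuthenticationTypes.Secure))
            using (var searcher = new DirectorySearcher(root))
            {
                searcher.SearchScope = SearchScope.Subtree;   // search stays inside the OU
                searcher.Filter = "(&(objectCategory=person)(objectClass=user)"
                    + "(sAMAccountName=" + EscapeFilterValue(userName) + ")"
                    + "(memberOf=" + GroupDn + "))";
                searcher.PropertiesToLoad.Add("distinguishedName");
                return searcher.FindOne() != null;            // the bind happens here
            }
        }
        catch (COMException)
        {
            return false;   // bad credentials or directory unreachable: deny
        }
    }
}
```

The memberOf match covers direct membership only, so a user who reaches the group through a nested group is denied by this check.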