Last post Apr 25, 2014 07:38 AM by smirnov
Apr 23, 2014 06:08 PM|joegreen2005|LINK
I'm new with asp.net and I'm writing an application. The login form displays username of the person who has logged in to the PC. They can enter their AD password to login. After they login, I want to get their Full Name from LDAP.
Simple isn't it. Well may be for some of you, but I've trying to do this for days now and still I'm not making any progress. I googled it but still didn't find anything helpful. I'm quite frustrated. I'm using Integrated Windows Authentication and Impersonation
is set to true.
I'm running IIS 6.0 and ASP.NET 4.0.
Can somebody point me to code as how to do this? Please explain your answer step by step.
Thanks in advance,
Apr 24, 2014 03:23 AM|smirnov|LINK
this question has been asked already many times on this forum.
All what you need to do is to get a value of the "displayName" property.
string ldapPath = "LDAP://corp.net:389/dc=corp,dc=net";
DirectoryEntry de = new DirectoryEntry(ldapPath);
DirectorySearcher s = new DirectorySearcher(de);
string userName = User.Identity.Name;
s.Filter = "(name=" + userName + ")";
SearchResult sr = s.FindOne();
Label1.Text = "Name is " + sr.Properties["displayName"] + "";
See more details http://forums.asp.net/t/1665598.aspx?How+to+get+Full+Name+from+AD+LDAP+
Another thing is that if you on Integrated Windows Authentication then you do not need to enter any AD password to login because it is already
integrated. Also, impersonation is not required for such things as full name, etc. So, if the above code will not help, please explain your requirements in more details.
Hope this helps.
Apr 24, 2014 07:10 AM|joegreen2005|LINK
Thanks smirnov. Your code is about getting Full Name but not about how to log in. Can you tell me how to allow user to log in. Here is what I want:
I have a web form with fields - username, Password and Login button. When web form loads, it grabs the username of the user logged in to PC and displays in the username textbox. User has to type their AD password and click on Log in button.
Users from 2 domains will be using this web form.
I do not want to use Basic Autnetication because passwords are sent in clear text. I have another application that does exactly the same but it is configured to work with ASP.NET 2.0 on IIS and it uses Integrated Windows Authentication. The only difference
is ASP.NET works for one domain and I want the new application in ASP.NET 4.0 to work with 2 domains.
Why Integrated Windows Authentication works fine in ASP.NET 2.0 and not in ASP.NET 4.0?
I noticed that with Basic Authentication and Digest, I get logi prompts which I don't want since I've a web form.
Hope this makes sense.
Apr 24, 2014 07:13 AM|joegreen2005|LINK
If I decide to forget about 4.0 and switch to ASP.NET 2.0, then I don't know how to get users Full Name.
Apr 24, 2014 05:41 PM|smirnov|LINK
Integrated Windows Authentication does not require to enter the user name and password.
Users are authenticated against AD, and their credentials are not transmistted across the Internet. In addition, users are provided with a seamless experience, as they only need to log in to Windows, and their browser and IIS take care of managing
authentication from then on.
Apr 24, 2014 06:50 PM|joegreen2005|LINK
I really didn't think login is going to be such a headche in ASP.NET.
Apr 25, 2014 07:38 AM|smirnov|LINK
integrated windows authentication works fine in .NET2 and 4. All what usually is required to be done
1) setup IIS for integrated windows authentication
2) setup asp.net application
<authentication mode="Windows" />
3) enable integrated windows authentication in IE
depends on environment you might need some additional settings
These 3 points are usually enough to enable integrated windows authentication on ASP.NET. This should then work as follows
1) user is authenticated in the system (Windows)
2) he opens IE and navigate to your site
3) he is automatically authenticated in your application, meaning that there is no username or password prompt is required.
This works well with any version of .NET
Now, the original question was about how to get the name of the user. You will get his name with the above code in any .NET version. However, if you could use .NET3.5 or later you could use System.DirectoryServices.AccountManagement Namespace where same
task could be easy as