How do you use Active Directory to control access to your web site?
Platform: IIS 6 running on Windows Server 2003 SP2
You have created an Active Directory Security group, and want to use it to control access to a web page.
ASP.NET allows integration of Windows services into the web site. When a web page loads, you can authenticate the credentials of the user. A person without the proper credentials is redirected to another web page. The script iterates through each member of the security group.
This is a VB.NET script, which will run on IIS. It validates a user is in an AD group. The ordering of the OU string is important. It goes from most granular to least granular.
'Validates the user with the Active Directory Group using LDAP
Public Function validate_group(ByVal caseID As String, ByVal groupName As String) As Boolean
Dim OuDn As String = groupName + ",OU=Pharm-AdminStaff,OU=Department of Pharmacology,ou=School of Medicine,ou=delegated Departments,dc=ads,dc=case,dc=edu"
Dim directoryObject As DirectoryEntry = New DirectoryEntry("LDAP://" + OuDn)
'Iterates all the members of the group
For Each dn As Object In directoryObject.Properties("member")
If dn.ToString.StartsWith("CN=" + caseID) Then
Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If ValidateGroup(CaseID, GroupName) = False then
' User does not have the correct credentials
' Correct credentials