FormsAuthentication using windows

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Fredrik Elestedt (noname_at_nospam.now)
Date: 12/27/04 

Date: Mon, 27 Dec 2004 22:12:07 +0100

Hi,

I've been trying to use FormsAuthentication agains windows users and
groups - not Active Directory.
I couldn't find any articles on this directly, not to say that there aren't
any out there, if you know of one - please let me know.
Anyways - the problem I'm having is that only Administrators can logon,
probably since they're the only ones allowed to open users and groups (even
their own user account).
The code I've used is as follows:

private SortedList ListMembersInGroup() {
 string dirPath = ConfigurationSettings.AppSettings["ADGroupRoot"];
 SortedList userList = new SortedList();
 using (DirectoryEntry _groupEntry = new DirectoryEntry(dirPath, {working
user}, {working pass})) {
  IADsGroup gr = _groupEntry.NativeObject as IADsGroup;
  IADsMembers MembersCollection = gr.Members();
  MembersCollection.Filter = new object[] {"user"};
  foreach (IADsUser member in MembersCollection) {
   DirectoryEntry _user = new DirectoryEntry(member.ADsPath, {working user},
{working pass});
   userList.Add(_user.Name, _user.Properties);
  }
 }
 return userList;
}

public bool IsAuthenticated(string username, string pwd) {
 string pathAndUserName = ConfigurationSettings.AppSettings["ADUserRoot"]
  .Replace("%USERNAME%", username);
 using (DirectoryEntry entry = new DirectoryEntry(pathAndUserName, username,
pwd)) {
  try {
   // Here I get an Unknown exception when the user is not an
administrator...
   Object obj = entry.NativeObject;
  } catch { return false; }
  if (!entry.Path.Equals(pathAndUserName))
   return false;
 }
 return this.ListMembersInGroup().ContainsKey(username);
}

Where
ConfigurationSettings.AppSettings["ADGroupRoot"]="WinNT://ELESTEDT/server/{group}"
ConfigurationSettings.AppSettings["ADUserRoot"]="WinNT://ELESTEDT/server/%USERNAME%"
{working user} is a Administrator account,
{working pass} is the password to the Administrator account,
{group} is the group users have to be in to be allowed to logon.

Any help is appriciated...

Relevant Pages

  • Re: Way to lock email programs?
    ... Would another username and password protect me ... I knowingly accept the risks of running as admin, ... name of the administrator account as well as the password. ... Use a real news client if you want me to see your posts. ...
    (comp.sys.mac.apps)
  • Re: Locked Out
    ... Switching NumLock off allowed me to enter the username and password which were OK. ... I can get a copy of a boot disc from a friend if necessary. ... You can try logging on with the built-in Administrator account and going to Control Panel -> User Accounts to change the password. ... To logon with the built-in Administrator account in XP Home Edition you have to restart the computer and boot into Safe Mode. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Redirect User Folders in Vista
    ... My understanding is that Pat is asking how to create usernames which are not on the C: ... Create a new "disposable" Administrator account. ... If you attempt to "fix up" an existing username by moving files and changing pointers in the registry, you stand a considerable chance of messing up the username and getting the dreaded message "The User Profile Service service failed the logon. ...
    (microsoft.public.windows.vista.administration_accounts_passwords)
  • Pre-Windows 2000 username problem
    ... Recently I noticed that the Administrator account had a pre-Windows 2000 ... I changed that username back to "Administrator" Thinking that was the end of ... access to the server as a precaution, warned the users not to touch the ... overnight, but I'm blowed if I can find it! ...
    (microsoft.public.windows.server.general)