How to read Windows logged in username with PHP/IIS
If you’ve set IIS to authenticate users one or more of these should contain the username: $_SERVER[‘LOGON_USER’] $_SERVER[‘AUTH_USER’] $_SERVER[‘REDIRECT_LOGON_USER’] $_SERVER[‘REDIRECT_AUTH_USER’]
active-directory
IIS application using application pool identity loses primary token?
Through Microsoft Support I found out that we ran into the issue described in Microsoft Knowledge Base article KB2545850. This only occurs when ApplicationPoolIdentity is used. It occurs very easily, namely, after the machine account password is changed (which by default happens automatically every 30 days), and then IIS is restarted (e.g., through iisreset). Note … Read more
Configure ASP.NET MVC for authentication against AD
Forms Authentication You can use the normal forms authentication to authenticate a user against an Active Directory, for that you just need you AD connection string: <connectionStrings> <add name=”ADConn” connectionString=”LDAP://YourConnection” /> </connectionStrings> and add the Membership Provider to use this connection: <membership defaultProvider=”ADMembership”> <providers> <add name=”ADMembership” type=”System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicToken=b03f5f7f11d50a3a” connectionStringName=”ADConn” connectionUsername=”domain/user” connectionPassword=”pwd” /> … Read more
Querying Active Directory using VBScript
To look at all the members of an OU, try this… Set objOU = GetObject(“LDAP://OU=YourOU,DC=YourDomain,DC=com”) For each objMember in ObjOU ‘ get all the members’ ‘ do something’ Next To do a custom search for DNs try this… set conn = createobject(“ADODB.Connection”) Set iAdRootDSE = GetObject(“LDAP://RootDSE”) strDefaultNamingContext = iAdRootDSE.Get(“defaultNamingContext”) Conn.Provider = “ADsDSOObject” Conn.Open “ADs Provider” … Read more
Retrieve current Windows user in Java EE web application for Single Sign On purposes
WAFFLE is a great solution for this. It does not need Kerberos configuration.
Powershell script to see currently logged in users (domain and machine) + status (active, idle, away)
In search of this same solution, I found what I needed under a different question in stackoverflow: Powershell-log-off-remote-session. The below one line will return a list of logged on users. query user /server:$SERVER
User Group and Role Management in .NET with Active Directory
Using AD for your authentication is a great idea, since you need to add everyone there anyway, and for intranet users there’s no need for an extra login. You’re correct that ASP.NET allows you to use a Provider which will allow you to authenticate against AD, although there’s nothing included to give you group membership … Read more
Authenticating in PHP using LDAP through Active Directory
Importing a whole library seems inefficient when all you need is essentially two lines of code… $ldap = ldap_connect(“ldap.example.com”); if ($bind = ldap_bind($ldap, $_POST[‘username’], $_POST[‘password’])) { // log them in! } else { // error message }
Replacing a string with a variable in Get-ADGroup
This is one of the reasons why using a script block based filter (-Filter {…}) on the cmdlets of the ActiveDirectory Module is not recommended. The -Filter on the Parameter section of the Get-* cmdlets from ActiveDirectory Module states the following: -Filter Specifies a query string that retrieves Active Directory objects. This string uses the … Read more
c# Active Directory Services findAll() returns only 1000 entries [duplicate]
There are two ways around this limitation – see the MSDN docs on DirectorySearcher for details: set the DirectorySearcher.SizeLimit property to some value you need – this will return that given number of entries in a single search; however, you cannot get more than the server limit (default: 1’000 entries) back in a single operation … Read more