.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Active Directory user impersonation with forms authentication

Posted By:      Posted Date: August 31, 2010    Points: 0   Category :ASP.Net
I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:<identity impersonate="true" /> but that doesn't seem to work. I also have the C# code using the WindowsImpersonationContext class, but still no luck. protected void titleTextBox_TextChanged(object sender, EventArgs e) { TextBox tb = (TextBox)sender; string fieldTitle = "job title"; string fieldName = "title"; if (userDirectoryEntry == null) CaptureUserIdentity(); try { WindowsImpersonationContext impersonationContext = userWindowsIdentity.Impersonate(); if (String.IsNullOrEmpty(tb.Text)) userDirectoryEntry.Properties[fieldName].Clear();

View Complete Post

More Related Resource Links

Forms authentication and Active Directory? Help!

Hi, im new to sharepoint 2010. im in a situation whereby i would like to allow users that already have Active directory accounts log into sharepoint. The problem arises when i need to allow external users to log into the sharepoint site too and it will not be possible to add them into the active directory. Is there a way to resolve this problem? Appreciate all help given! Thanks! norphos

MVC Forms Authentication With Active Directory

Hi there,I am just getting started with MVC and I was wondering if someone could point me in the right direction for help with forms authentication using active directory? I have the sample site up but the results I have found on google have not been very helpful in answering this question.This site is going to be an intranet page that we want users to be able to access without logging in when they access it from our network while they must login when trying to access it from home.Any suggestions of where to start?

Forms authentication using Active Directory


I need some help troubleshooting authenticating via AD. All i get from my web application is "Your login attempt was not successful. Please try again." Allthough if i look at my PDC it shows NT AUTHORITY\ANONYMOUS LOGON in the event for my authentication request. I am using the Login.aspx auto generated.

Here is my web.config file:

<?xml version="1.0"?>
		<remove name="LocalSqlServer"/>
		<add name="GoliathConnectionString" connectionString="Data Source=RBBCM\MAPDB;Initial Catalog=Goliath;Integrated Security=True" providerName="System.Data.SqlClient"/>
		<add name="ThirteenConnectionString" connectionString="Data Source=RBBCM\MAPDB;Initial Catalog=Datamine;Integrated Security=True" providerName="System.Data.SqlClient"/>
		<add name="BugTrackerConnectionString" connectionString="Data Source=RBBCM\MAPDB;Initial Catalog=BugTracker;Integrated Security=True" providerName="System.Data.SqlClient"/>
    <add name="ADConnectionString" connectionString="LDAP://SSC1/CN=Users,dc=rbbcsc,dc=k12,dc=in,dc=us" />
    <customErrors mode="Off"/>
    <compilation debug="true"/>
    <authentication mode="Fo

Error on Display user's fullname using Active Directory in asp.net using vb.net



wi As System.Security.Principal.WindowsIdentity =  _System.Security.Principal.WindowsIdentity.GetCurrent()



Dim a As String() = HttpContext.Current.User.

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

Authentication With Active Directory AD Getting properties


Authentication with AD is just a call to the predefined function.. Surprised
you just need following references:Embarassed

using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.DirectoryServices.ActiveDirectory;

and one dll:
using UserAuthentication; //dll that you need to be download.. search for it from our god: googleWink


string adPath = "LDAP://" + System.Configuration.ConfigurationSettings.AppSettings["DefaultActiveDirectoryServer"];
ActiveDirectoryValidator adAuth = new ActiveDirectoryValidator(adPath);
if (adAuth.IsAuthenticated(domainName, userName, password))
//user is authenticated with the given username and password<br/></div></div><div class=

Automatic expiration of forms authentication when user closes the browser windows without signing ou

Dear all, can u tell me how to automatically sign out a user if he/she closes the browser window without signing out. I'm using Forms Authentication.   Thanks 

Changing an authentication of SharePoint site from SQL-FBA to Active Directory

Hi,      We are using MOSS 2007. I have customized a web application using Custom web part, features and ASPX pages. we have configured SQL-Form based Authentication for this site. I have also used FBA user management functionality from Codeplex. I have created some groups and my application (custom aspx page) is referencing these groups to send an email to specific person as per his role for certail events.        I have a requirement to migrate this set up on other server and change the authentication from SQL-FBA to Active Directory. So if I have to change the Authentication from SQL-FBA to AD then what are the steps I have to follow to make this happen?      I would appreciate any help on this. Thanks, Patav    

Import user profile from another domain active directory

Hi, I have SharePoint 2010 running on DomainB andwe have corporate users on DomainA. i need to import users from both domainA and DomainB. I am able to import users from domainB and not able to import users from DomainA. I made a successful connection to both Domain A Ad and DomainB AD in SharePoint 2010 user profile synchronize connections. I am able to sync users only from DomainB (SharePoint 2010 running on domainB) and not able to synchronize profiles from DomainA (outside domain). Is there any additional configuration I need to do. Please help me on this issue. Thanks, Ratna

LDAP - directory entry issue with out user and password using impersonate and windows authentication

Hi All I am using the below code to fetch the user information from LDAP             DirectoryEntry entry = new DirectoryEntry("LDAP://DEV");             DirectorySearcher searcher =  new DirectorySearcher(entry);             SearchResult result;             searcher.Filter = "samaccountname=testuser";             result = searcher.FindOne(); here i am using windows authentication always and along with that when i enable the impersonate = true ,  the code fails at "result = searcher.FindOne();" with message "object reference not set to instance of an object "  also with the same code if i give the username and password along with the impersonate tag >> it works  or if i am using the user and password along with the DirectoryEntry  object then also it will work  but it fails with same user that i gave in impersonate tag / directory entry object with windows authentication enabled  and the  user logged to the application and no username and password tag in directory entry / impersonate tag  Interesting thing is that  in our development server ,  i am able to execute the same code with out user name p

Forms Authentication sending user to LoginURL on first hit of page even though page has [allow users

On the first hit, and only the first hit, to my page having [ALLOW users="*"] in the web.config, the user is redirected to the LoginUrl, but on all subsequent visits to the page, the user IS allowed access.  The user shoud ALWAYS be allowed access to this page.  I suspect it is a configuration problem, so here are snippets of my web.config... <compilation debug="false" strict="true" explicit="true" /> <trace enabled="false"/> <authentication mode="Forms"> <forms protection="All" cookieless="UseCookies" requireSSL="false" slidingExpiration="false" timeout="20" name="12345678-1234-1234-1234-123456789012" loginUrl="~/Web/Login.aspx" defaultUrl="~/Web/MyPage.aspx" enableCrossAppRedirects="false" /> <authentication> <httpCookies httpOnlyCookies="true" /> <sessionState cookieless="UseCookies" />         <location path="Web/Contact.aspx"> <system.web> <authorization> <allow users="*"/> <authorization> <system.web> <location>   Can you help me figure out why users are not ALWAYS allowed access to the /Web/Contact.aspx page? Thx!      

Notify user of forms authentication timeout

When the forms authentication cookie expires, I'm trying to override the default behavior of redirecting to the login page, and pass a value on the querystring (timeout=true), so I can inform the user what has happened.I'm prepared to work out the logic to know if they have actually timed out or not, I just don't know the best place to override where the response is redirected to the login page.  The best place I can find is "FormsAuthentication_OnAuthenticate", but perhaps you know of a better place?Thanks!

Unable to see Active Directory Groups in the User Profile Database after Profile Import

SharePoint Server 2010 Enterprise RTM. W2K8R2 w/multi-server setup: AD/DNS SQL 2008 WFE APP Claims Mode Web App only using Windows Integrated Auth So, this was never a problem in 2007, and I didn't even realize it was a problem in 2010 until I started to build a solution that utilized my blog article: InfoPath - User Roles in Browser-Enabled Forms Using AD Groups.  I went to utilize the same web method of the same web service, but I noticed that no data was showing up at all.  Typically, the GetUserMembership/GetCommonMembership methods return the specified user's memberships: AD Security Groups, AD Distribution Lists, and SharePoint Sites (not SharePoint Groups, though). My user profile sync is working.  All AD users are pulled in with the proper profile data. "Users and Groups" is selected in the Synchronization Entities section of my Sync Settings. Security groups are working for permissions and audience targeting.  Confirmed my users are affected properly by the use of Security Groups. My query to the GetUserMemberships web method (and GetCommonMemberships) is running (not failing), but it's not returning anything even though my user is in some Security Groups and has explicit membership to multiple sites. The GetUserProfileByName method of the same UserProfileService.asmx web service returns all the regular profile data

Active Directory Authentication with Login Control ASP.Net 3.5 or 4


Hello, I am trying to follow instructions on how to create a login page that tests against active directory.  My issue is all of the tutorials seem to be written for ASP.NET 2.0.  When I try to follow them I cannot get them to work.  Does anyone have any tutorial or information for .NET 3.5 or 4.0?


Is there a way to undo/remove/delete an active directory user profile syncronization? [SP 2010]


I successfully managed to synchronize the active directory with Sharepoint 2010.  Unfortunately, the farm I was on has different FQDN /Netbios domain names.  So all ~1000 user profiles are now imported with the wrong domain, and the subsequent errors one would expect.


Is there a way to get back to a blank slate?  technet has an article on "resetting" profile synchronization (http://technet.microsoft.com/en-us/library/ff681014.aspx), but that requires being able to verify the GUID of the user profile synchronization database, which I am also unaware of how to do.


Please help, and thank you in advance.

Active Directory User validation field in ASP.NET


I like to add a field that add active directory user in ASP.NET Web Application .




Thanks in Advance



Active Directory - User Deletion - Sync with MOSS 2007


Greetings -

I need to know if there is a sync tool that can scan all sites in a site directory and remove users that have been deleted or marked inactive within Active Directory?  I work in a company which has freaquent turn over in some positions due to internships and the like and I want to ensure that we have clean site permissions. 

Thank you for any suggested sites or addins. 


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend