stryder83
July 27th, 2005, 04:28 PM
Hi everyone,
I am building a web site for a company that branches off to different department sites, and I want IIS or ASP to authenticate the user and allow/deny them based on their domain group.
We are using Active Directory, and I am currently hosting the site from a PC running XP Pro and IIS 5.1.
I came closest to this working in ASP, where I used the "Request.ServerVariables" method to obtain the "LOGON_USER" and "AUTH_PASSWORD" and place the values into user-defined variables. Seeing as I have Basic Authentication set in IIS, when the user tries to access the ASP page it prompts for a username and password. These values are grabbed from the 2 "Request.ServerVariables" methods mentioned above.
However, this doesn't solve my problem. I could use an "if....then" statement to validate the username and password, but that would require me to update the asp page every time a user changes his password.
Ideally, I want ASP to grab the domain group the user belongs to from Active Directory and place it into a user-defined variable. This way I can validate using the domain group, rather than the user's password.
Also, if there is a way to do this in IIS I would do that to.
Thanks,
Brandon
I am building a web site for a company that branches off to different department sites, and I want IIS or ASP to authenticate the user and allow/deny them based on their domain group.
We are using Active Directory, and I am currently hosting the site from a PC running XP Pro and IIS 5.1.
I came closest to this working in ASP, where I used the "Request.ServerVariables" method to obtain the "LOGON_USER" and "AUTH_PASSWORD" and place the values into user-defined variables. Seeing as I have Basic Authentication set in IIS, when the user tries to access the ASP page it prompts for a username and password. These values are grabbed from the 2 "Request.ServerVariables" methods mentioned above.
However, this doesn't solve my problem. I could use an "if....then" statement to validate the username and password, but that would require me to update the asp page every time a user changes his password.
Ideally, I want ASP to grab the domain group the user belongs to from Active Directory and place it into a user-defined variable. This way I can validate using the domain group, rather than the user's password.
Also, if there is a way to do this in IIS I would do that to.
Thanks,
Brandon