
Example of ASP LDAP query string? 14

Status
Not open for further replies.

MikeBronner

Programmer
May 9, 2001
756
US
Could someone post an example of ASP code used to query LDAP without any proprietary components?

Thanks! Take Care,
Mike
 
Would this pull the Organizational Units?

SQLStmt = "Select cn " & _
"From 'LDAP://LDAPSERVER:10003/o=microsoft/ou=members' " & _
"Where objectClass='*'"
 
To get AD Path or user:

Code:
strSQL="select AdsPath FROM 'GC://"+domainName+"' where sAMAccountname='"+strUsername+"'"
 
Does anyone know how to authenticate a user in ASP with LDAP? I can connect to the LDAP server and display the users and details, but can't figure out how to check if the user is logged in.
 
1888888,
I'm not clear what you want to do. But here is a simple asp form that does authentication:
Code:
<%@ Language=VBScript %>
<%
on error resume next
fsCompletted = Request.QueryString("f")

If fsCompletted = 1 Then
  ResultHTML = ProcessForm
  else
   ResultHTML = "<br>"
End If 

Function ProcessForm
 on error resume next
 const ADS_SECURE_AUTHENTICATION=&h0001
 oUsername=Request.Form("username")
 oPassword=Request.Form("password")
 DN="LDAP://SERVERNAME/cn=users,dc=microsoft,dc=com"
 Set MyNamespace = GetObject("LDAP:")
 Set X = MyNamespace.OpenDSObject(DN, oUserName, oPassword, ADS_SECURE_AUTHENTICATION)
 if err.number=0 then
  HTML = "<p>Authenticated</p>"
  else
  HTML = "<p>Not Authenticated</p>"
 end if
 Set MyNamespace = Nothing
 Set X = Nothing
 ProcessForm=HTML
End Function

PostURL = Request.ServerVariables("SCRIPT_NAME") & "?f=1"

%>  
<HTML>
<HEAD>
</HEAD>
<BODY>
<%=ResultHTML%>
<%
if request.querystring("f")="" then
%>

<form method="post" Action="<%=PostURL%>">
<p>Username : <input type="text" Name="username" Size=10></p>
<p>Password : <input type="password" Name="password" Size=10></p>
<input Name=SubmitButton Value="Authenticate User" Type=submit>
</form>

<%end if%>

</BODY>
</HTML>

You will need to modify the DN string to match your domain.

zcolton
 
Thanks for that, zcolton. This all works great on my machine, but when I gave the link to others it doesn't work. Any ideas as to why? It says it can't authenticate the user; however, it works fine for me because IIS is on my computer. Thanks for your help!
 
1888888

The user name must be entered as DOMAIN\username
Try it and let me know

Z
 
Hi, can someone help with writing data to LDAP using ASP?
 
hi zcolton,

The authorisation of the user works for any computer, but I still seem to have problems getting the LDAP info like name and email from other computers. It works fine from mine because I am hosting IIS. Do you have any ideas? It says it can't find the table. I have anonymous access switched off.

Thanks
18888888
 
1814,

You can't write data through LDAP. LDAP connections are read only. You will need to use an alternate method. What do you want to be able to write?

1888888,

Please give me a full description of what you want to do and I can tell you what you need to change.

zcolton
 
1888888,

I think I have what you're looking for. No customizations required. It's generic, but it does require that the IIS server is at least a domain member. The username field will accept DOMAIN\username or username@domain.com. If the username and password authenticate, the user info is displayed.

Code:
<%@ Language=VBScript %>
<%
fsCompletted = Request.QueryString("f")

If fsCompletted = 1 Then
  ResultHTML = ProcessForm
  else
   ResultHTML = "<br>"
End If 

Function ProcessForm
 on error resume next
 oUsername=Request.Form("username")
 oPassword=Request.Form("password")
 strUserName = Right(oUsername, Len(oUsername) - InStrRev(oUsername, "\"))
 if InStr(strUserName, "@")>0 then
  strUserName = Left(strUserName, InStr(strUserName, "@")-1)
 end if
 Set objDomain = GetObject("GC://rootDSE")
 objADsPath = objDomain.Get("defaultNamingContext")
 Set objDomain = Nothing
 Set con = Server.CreateObject("ADODB.Connection")
 con.provider ="ADsDSOObject"
 con.Properties("User ID") = oUsername
 con.Properties("Password") = oPassword
 con.Properties("Encrypt Password") = False
 con.open "Active Directory Provider"
 Set Com = CreateObject("ADODB.Command")
 Set Com.ActiveConnection = con
 Com.CommandText ="select name,telephonenumber,mail FROM 'GC://"+objADsPath+"' where sAMAccountname='"+strUsername+"'"
 Set rs = Com.Execute
 if err.number=0 then
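  ' Use & rather than + so a Null attribute (e.g. no phone number) does not turn the whole string into Null,
  ' and HTML-encode the directory values before writing them into the page.
  HTML = "<p>" & Server.HTMLEncode(rs("name") & "") & "<br>" & Server.HTMLEncode(rs("telephonenumber") & "") & "<br>" & Server.HTMLEncode(rs("mail") & "") & "</p>"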
  else
   HTML = "<p>Not Authenticated</p>"
 end if
 rs.Close
 con.Close
 Set rs = Nothing
 Set con = Nothing
 ProcessForm=HTML
End Function

PostURL = Request.ServerVariables("SCRIPT_NAME") & "?f=1"

%>  
<HTML>
<HEAD>
</HEAD>
<BODY>
<%=ResultHTML%>
<%
if request.querystring("f")="" then
%>

<form method="post" Action="<%=PostURL%>">
<p>Username : <input type="text" Name="username" Size=10></p>
<p>Password : <input type="password" Name="password" Size=10></p>
<input Name=SubmitButton Value="Authenticate User" Type=submit>
</form>

<%end if%>

</BODY>
</HTML>

zcolton
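
The script above concatenates the submitted username straight into the directory query. As an added example (not code from the thread or its posters), here is one way to validate and escape that value before it reaches the query. It uses ADO's LDAP dialect in place of the post's SQL dialect so that RFC 4515 filter escaping applies; the function names, the allow-list pattern and the sample inputs are assumptions made for illustration.

```vbscript
' Added example: runs under cscript.exe; the three functions can be pasted into an ASP page.
Option Explicit

' Conservative allow-list for a logon name (assumption: adjust to your naming policy).
Function IsValidSam(name)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[A-Za-z0-9._-]{1,20}$"
    IsValidSam = re.Test(name)
End Function

' RFC 4515 escaping for a value placed inside an LDAP search filter.
Function EscapeLdapFilterValue(ByVal s)
    s = Replace(s, "\", "\5c")   ' backslash first, so later escapes are not re-escaped
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    EscapeLdapFilterValue = s
End Function

' Builds ADO command text in the LDAP dialect: <base>;filter;attributes;scope.
' Returns "" when the name is rejected, so the caller never runs a query on bad input.
Function BuildUserQuery(baseDn, ByVal rawUser)
    Dim sam
    ' Same normalisation as the post: drop the "DOMAIN\" and "@domain" parts.
    sam = Mid(rawUser, InStrRev(rawUser, "\") + 1)
    If InStr(sam, "@") > 0 Then sam = Left(sam, InStr(sam, "@") - 1)
    BuildUserQuery = ""
    If Not IsValidSam(sam) Then Exit Function
    BuildUserQuery = "<GC://" & baseDn & ">;(&(objectCategory=person)(sAMAccountName=" & _
        EscapeLdapFilterValue(sam) & "));name,telephoneNumber,mail;subtree"
End Function

' Constructed sample inputs (not from the thread).
Dim samples, i, q
samples = Array("EXAMPLE\jsmith", "jsmith@example.com", "js*", "j(smith)")
For i = 0 To UBound(samples)
    q = BuildUserQuery("DC=example,DC=com", samples(i))
    If q = "" Then
        WScript.Echo samples(i) & " -> rejected"
    Else
        WScript.Echo samples(i) & " -> " & q
    End If
Next
' The escaper on its own, for values that bypass the allow-list (e.g. display names).
WScript.Echo EscapeLdapFilterValue("j(smith)*")
```

In the ASP page, assign the result to `Com.CommandText` and return the "Not Authenticated" message when it is empty.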
 
zcolton

That works really well, thanks again for your help!

18888888
 
Hi, can someone help me with converting the Java code below to ASP and writing to LDAP? I really appreciate your help on this.

URL url = new URL(" + ldapProps.getProperty("host") + ":" + ldapProps.getProperty("port") + "/CON?app
=ApplicationName&uid=" + ldapProps.getProperty("sess_user") + "&pwd=" + ldapProps.getProperty("sess_pwd") + "&rtype=nvpairs");
StringBuffer sb = new StringBuffer();
InputStreamReader isr = new InputStreamReader(url.openStream());
char[] data = new char[4096];
int n = 0;
while((n=isr.read(data, 0, 4096)) != -1)
sb.append(data, 0, n);
isr.close();
String xmlInput = "<?xml version=\"1.0\"?>\n" + sb.toString();
DOMParser parser = (DOMParser)Class.forName("org.apache.xerces.parsers.DOMParser").newInstance();
parser.parse(new InputSource(new StringReader(xmlInput)));
Document doc = parser.getDocument();
if(doc.hasChildNodes()){
Node top = doc.getFirstChild();
String name = top.getNodeName();
if(name.equals("CON")){
boolean found = false;
if(top.hasChildNodes()){
for(Node ch = top.getFirstChild();ch != null; ch = ch.getNextSibling()){
if(ch.getNodeName().equals("sess")){
sessionId = ch.getFirstChild().getNodeValue();
found = true;
}
if(ch.getNodeName().equals("reason")){
if(ch.getFirstChild().getNodeValue().equals("user already in session")
){
found = true;
expireSession();
}
}
}
}
if(!found)
throw new Exception("Session ID could not be obtained:\n" + xmlInput);
}
}
}


Adding User to the group in LDAP


{
String usr = "/AUG?app=%sess%&grp=" + gname + "&uid=" + userid + "&pwd=" + password + "&rtype=nvpairs";

Object[] st = WeisXMLParser.TagIdValues(usr, "status");
for(int i=0; i<st.length; i++){
System.out.println((new java.util.Date()).toString() + " " + (String)st[i]);
}

if(((String)st[0]).equals("OK")){
System.out.println((new java.util.Date()).toString() + " successful to get the result ");
return true;
}else{
Object[] reason = WeisXMLParser.TagIdValues(usr, "reason");
description = (String) reason[0];
return false;
}
}catch(Exception e){
e.printStackTrace();
return false;
}
 
Avanika,

Wrong forum. Also, LDAP is read-only. You can not write to anything using LDAP.

zcolton
 

zcolton, love your work, thanks for a great little tool.

Just wondering if you could help me customise the list.asp page to display all users in the "Department" (I am guessing that is the only one you need to change).

I still want the letters across the top to allow staff to drill down, but it would be good to see the full list when it is selected.


thanks in advance

Scott
 
plasma2,...

Working on it. I will get back to you when finished.

zcolton
 
To all:

I've updated some code in my ASP phonebook.
You can now view a list of all users by selecting "*" in the alphabet listing. I also changed the sendmail feature to use CDO instead of JMAIL.

The new zip file containing the entire phonebook is at:

If there are any other requests please let me know.

zcolton
 
zcolton,

I have found all your postings to be very helpful. I was wondering if you could help me. I have the following code

SET obSys = CreateObject("ADSystemInfo")
SET adsUser = GetObject("LDAP://" & obSys.username)
FOR EACH group in adsUser.MemberOf
response.write (group & "<BR>")
NEXT

and it returns a listing of all the groups in the following format.

CN=Domain Users,CN=Users,DC=opc,DC=local

Here is my question: is there a way to get LDAP to return just the group names? Like "Domain Users" instead of the line above?
 
This Post is JUST what all Network admin should read. Except I have a problem with zcolton's generic script. How can I request other information such as description, ou, msExchHomeServerName, and such? When I run the wonderful script, with modifications, I get a blank(white) page. Any help would be appreciated.
 