Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Stuck on Authentication to Active Directory from Internet

  • 21-11-2008 5:29pm
    #1
    Registered Users, Registered Users 2 Posts: 2,894 ✭✭✭


    Right. Here's my issue. I am using SQL2000, IIS 7.0, ASP .NET
    • I have an IIS Server sitting in a DMZ.
    • I have a SQL Server sitting in our intranet.
    • I have an Active Directoy server in our intranet (can query it via SQL LDAP Queries, DirectoryServices etc etc).
    • IIS Server cannot see the Intranet Active Directory.
    • The IIS Server can access the SQL Server.
    I need to be able to authenticate a user from a website on the IIS Server passing his/her username/password through a simple login screen (I can encrypt these using a 3rd party dll and SSL Cert so no issues there), so that I can authenticate his/her user credentials by querying/interrogating Active Directy via some method through the SQL Server. The username/password passed through will be their Active Directory/Domain username/password credentials. I don't want to have to store usernames/passwords in a table on the SQL Server as I want the users to use their current password that they use to log on to their Domain on the intranet.

    Any suggestions/ideas ?

    Cheers,
    TC


Comments

  • Moderators, Society & Culture Moderators Posts: 9,689 Mod ✭✭✭✭stevenmu


    If you can't allow access from the IIS box to the AD, you won't be able to directly authenticate against AD. What you can possibly do (I think) is try to use ASP.Net delegation progmatically to open your connection to SQL. If the connection succeeds count the user as authenticated, if not it's an invalid user/pass. This assumes your SQL box can see the AD and it means that everyone who uses the site will need rights to access the SQL box. Even at that I'm not sure if it'll work without the IIS box being able to see the AD.


Advertisement