I have a working login control that validate against the Active Directory.
I am trying to get it further so that the application can silently (from the user perspective) authenticate users by using just the domain name and Windows user name first and then it that fails they will see the username/password entering screen. I can retrieve the user info just fine using GetEnvironmentVariable but how do I go about checking if the user name exists in the AD and automatically authenticate the user? I am in a Intranet environment and not too concern about security associated with the lack of password.
The idea is that if users can log in Windows just fine why bother with another layer of security that asks the same username and password.

I think you need IE to do that. FireFox won't pass the Windows credentials.

You can read Active Directories a number of ways. One is ADSI but if you can avoid that you want to. Here is a bunch of sample code for .net and AD.

Quote:

Originally Posted by Learning Newbie

I think you need IE to do that. FireFox won't pass the Windows credentials.

You can read Active Directories a number of ways. One is ADSI but if you can avoid that you want to. Here is a bunch of sample code for .net and AD.

Thanks for the response, after your input I tried the website you referred. I found an article about creating a ticket and authenticate the user but I cannot seem to get it to work, after the ticket is created the default page is simply displayed as not found. Am I heading the right direction?

Code:

Protected Function AuthenticateUser(ByVal Path As String) As Boolean
  'check to see if the retrieved username exists in the AD, return true if found     
End Function

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
        Dim adPath As String
        adPath = "MyLDAPath"
        
        Dim cn As String = Environment.GetEnvironmentVariable("COMPUTERNAME")
        If AuthenticateUser(adPath) = True Then
            Dim ticket As New FormsAuthenticationTicket(2, "webtest", DateTime.Now, DateTime.Now.AddHours(3), False, cn)
            Dim encryptedTicket As String = FormsAuthentication.Encrypt(ticket)
            Dim authenticationCookie As New HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
            Response.Redirect("home.aspx")
        Else
            Response.Write(" Failed Authentication")
        End If
    End Sub

Yeah, actually, it looks like you're well upon your way in the right direction. I'd say it's only one line causing this bug you're seeing.

Response.Redirect("home.aspx")

I don't know your app setup well enough to tell you exactly what the correct code should be. My first guess is "/home.aspx" because the authentication code is likely to be in your App_Code folder? The way the redirect is coded, it wants your home page to be in the same folder, whatever that might be.