AD and Asp.Net ?

[WJ]

My IIS-6 box is not a member of the Windows 2003 Forest (a stand alone
active directory). I use Form authentication. I need to verify logon users
against the AD. What do I need in order to do this ? From my understanding,
I would need an AD account/pw with read access to the SAM account (user
object) on the AD box in order to verify my users ?

My IIS box will never be a member of any AD and the web site is configured
to run under "Network Service" account (anonymous). Here is the work flow:

1. User logon to my website
2. Asp.Net page check his/her credential against my MS/SQL user Profile
table. If not match, exit the web.
3. Then send the user's Logon ID/PW to AD for query. If not found, exit the
web. Otherwise, allow user to access the web.

Thanks

John

 

[Daniel Fisher\(lennybacon\)]

You can use FormsAuth and authenticate against the AD by LDAP (try to login
with the given credentials) so you won't need a user account for your app.

My IIS box will never be a member of any AD and the web site is configured
to run under "Network Service" account (anonymous). Here is the work flow:

This is NOT the Account ASP.NET runs under !!! ASP.NET by default uses
"ASPNET"

 

[WJ]

You can use FormsAuth and authenticate against the AD by LDAP (try to
login with the given credentials) so you won't need a user account for
your app.

Thanks for your reply. I got it working OK now. Yes, I still do need an
account from the Domain Forest as a "domain user" and a password. I do not
need to do anything with my current website. All I need is logon to the AD
using the given account, query a given user and log off the AD.

John