Professional Web Applications Themes

Users login: Nested groups. - ASP.NET Security

Hi there! If anyone could help me... thanks! My problem is this: our application controls the users login with Active Directory. It checks that the user is in the groups we allow, but if one of these groups has a nested group in it, the user isn't checked in this last group (or others, if there were more nested groups). How could we check users in nested groups? Thanks a lot....

  1. #1

    Default Users login: Nested groups.

    Hi there!

    If anyone could help me... thanks! My problem is this: our application
    controls the users login with Active Directory. It checks that the user is
    in
    the groups we allow, but if one of these groups has a nested group in it,
    the
    user isn't checked in this last group (or others, if there were more nested
    groups). How could we check users in nested groups?


    Thanks a lot.
    Tomas Martinez Guest

  2. #2

    Default Re: Users login: Nested groups.

    If you use Windows authentication in IIS and ASP.NET, then the
    WindowsPrincipal created by the runtime will do this for you. Otherwise,
    you need to calculate them correctly somehow. If your AD domain is 2003
    native mode and your server is a domain member, then you can use Kerberos
    S4U to do this easily by creating a WindowsIdentity object using the user's
    userPrincipalName attribute and using the resulting WindowsIdentity to
    create a WindowsPrincipal.

    If you absolutely have to use LDAP to get the user's group membership, I'd
    suggest you use the tokenGroups attribute.
    [url]http://groups.google.com/groups?hl=en&lr=&selm=eGzmt3W9DHA.2404%40TK2MSFTNG P12.phx.gbl[/url]

    Joe K.

    "Tomas Martinez" <TomasMartinezdiscussions.microsoft.com> wrote in message
    news:B3085492-2013-4747-B652-C1A92A7AC84Dmicrosoft.com...
    > Hi there!
    >
    > If anyone could help me... thanks! My problem is this: our application
    > controls the users login with Active Directory. It checks that the user is
    > in
    > the groups we allow, but if one of these groups has a nested group in it,
    > the
    > user isn't checked in this last group (or others, if there were more
    > nested
    > groups). How could we check users in nested groups?
    >
    >
    > Thanks a lot.

    Joe Kaplan \(MVP - ADSI\) Guest

Similar Threads

  1. Selecting users that are in multiple groups
    By jlavetan in forum Macromedia ColdFusion
    Replies: 10
    Last Post: June 13th, 05:44 PM
  2. PrincipalPermission Attribute and Nested Groups
    By Anthony Christianson in forum ASP.NET Security
    Replies: 1
    Last Post: April 9th, 05:05 AM
  3. [Carbon] how do i get a list of users and groups??
    By Logan Murray in forum Mac Programming
    Replies: 2
    Last Post: September 16th, 03:28 PM
  4. adding users to different groups
    By Patryk 'Silver Dream !' Łogiewa in forum Mac Programming
    Replies: 3
    Last Post: August 11th, 11:53 AM
  5. local users and groups
    By nichols in forum Windows Setup, Administration & Security
    Replies: 1
    Last Post: July 9th, 03:14 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139