ASP.NET AD認證

參考

http://adamschen9921.pixnet.net/blog/post/96401557-c%23%E7%B6%B2%E9%A0%81%E7%99%BB%E5%85%A5ad%E7%B6%B2%E5%9F%9F%E9%80%B2%E8%A1%8Cldap%E9%A9%97%E8%AD%89

https://dotblogs.com.tw/jellycheng/archive/2010/12/14/20116.aspx

https://dotblogs.com.tw/jellycheng/archive/2010/12/14/20115.aspx

 

 

2. Framework 2.0 的 web.config 先加入:

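<system.web>
        <!-- .NET Framework 2.0: reference System.DirectoryServices so the code-behind can
             use DirectoryEntry. Attribute values use plain ASCII double quotes; the
             typographic quotes in the published listing are not valid XML. -->
        <compilation debug="false" strict="false" explicit="true">
              <assemblies>
                         <add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
              </assemblies>
        </compilation>
</system.web>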

 
 

如為 Framework 4.0，web.config 則加入:

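<system.web>
        <!-- .NET Framework 4.0: reference System.DirectoryServices so the code-behind can
             use DirectoryEntry. Attribute values use plain ASCII double quotes; the
             typographic quotes in the published listing are not valid XML. -->
        <!-- NOTE(review): debug="true" is a development setting. Set it to "false" before
             deploying a login page: debug builds are slower and, combined with permissive
             customErrors settings, can expose stack traces and source details. -->
        <compilation debug="true" targetFramework="4.0">
                <assemblies>
                        <add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
                </assemblies>
        </compilation>
</system.web>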

 
 

 
 

Login.aspx

 
 

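<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" debug="true" %>
<%-- NOTE(review): debug="true" on the Page directive is a development setting; remove it
     (or set it to "false") before this login page is deployed. --%>
<%-- This form posts the account name and password to the server, so it should only be
     served over HTTPS. --%>
<html>
<head>
<title>AD驗證測試</title>
</head>
<body bgcolor="#ffffff">
<form id="form1" runat="server">
帳號:<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox><br><br>
密碼:<asp:TextBox ID="TextBox2" runat="server" TextMode="Password"></asp:TextBox><br><br>
<asp:Button ID="Button1" runat="server" Text="   " OnClick="Button1_Click" />

<%-- Placeholder for a status message written by the code-behind. --%>
<asp:Label ID="Label99" runat="server" Text=""></asp:Label>
</form>
</body>
</html>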

 
 

 
 

Login.aspx.cs

 
 

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.DirectoryServices;

using System.Security.Principal;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

 
 

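/// <summary>
/// Code-behind for Login.aspx: checks the submitted account name and password by
/// binding to a directory server with them and reports the outcome on the page.
/// </summary>
public partial class Login : System.Web.UI.Page
{
    /// <summary>Page load handler; this page needs no per-request initialisation.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Click handler for the login button. Reads the account name and password from the
    /// form, validates them against the directory server and shows the result.
    /// </summary>
    /// <param name="sender">The button that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        // Directory server to bind against (sample address from the article).
        string strComputerName = "192.168.1.1";
        string strUserName = TextBox1.Text;
        string strPassword = TextBox2.Text;

        string strValidateUser = ValidateUser(strComputerName, strUserName, strPassword);
        string strResult = (strValidateUser != null) ? "認證成功!!!" : "認證失敗!!!";

        // The account name comes straight from the request. The earlier version concatenated
        // it into a <script> block written with Response.Write, which let the submitted value
        // break out of the string literal and run as script in the browser. Show the message
        // in the page's label instead, HTML-encoded (Label.Text is not encoded automatically).
        Label99.Text = HttpUtility.HtmlEncode(strUserName + strResult);

        // NOTE(review): this handler only reports the result; it issues no authentication
        // ticket and applies no throttling or lockout to repeated failed attempts.
    }

    /// <summary>
    /// Validates a user name and password by binding to a directory object with them and
    /// reading its <c>objectSid</c> property.
    /// </summary>
    /// <param name="ComputerName">
    /// Directory server. A value containing a dot is used as the host of an LDAP path;
    /// any other value is used as a WinNT provider path.
    /// </param>
    /// <param name="UserName">Account name used for the bind.</param>
    /// <param name="Password">Password used for the bind.</param>
    /// <returns>
    /// The SID string read from the bound object when the bind succeeds; <c>null</c> when
    /// an argument is missing or the bind or the property read fails. The SID belongs to
    /// the object named in the path, not necessarily to the account that logged in, so
    /// callers should treat a non-null result only as "credentials accepted".
    /// </returns>
    public static string ValidateUser(string ComputerName, string UserName, string Password)
    {
        // Fail closed on missing values. Depending on the authentication type and the
        // server configuration, a bind with an empty password can be treated as an
        // anonymous bind and succeed, which would accept any account name.
        if (string.IsNullOrEmpty(ComputerName)
            || string.IsNullOrEmpty(UserName)
            || string.IsNullOrEmpty(Password))
        {
            return null;
        }

        // The published listing left the LDAP path unquoted and hard-coded the host, so
        // the ComputerName argument was ignored on this branch; build the path from it.
        // If the directory has a "sync" account use CN=sync; otherwise CN=administrator
        // also works (author's note).
        string strPath = (ComputerName.IndexOf('.') != -1)
            ? "LDAP://" + ComputerName + "/CN=sync,CN=users,DC=test,DC=com"
            : "WinNT://" + ComputerName;

        // NOTE(review): no AuthenticationTypes value is passed, so the provider default
        // applies. Confirm that the bind does not send the password in clear text on
        // your network.
        try
        {
            using (DirectoryEntry entry = new DirectoryEntry(strPath, UserName, Password))
            {
                // DirectoryEntry binds lazily: reading a property performs the bind with
                // the supplied credentials and throws if they are rejected.
                byte[] sidBytes = (byte[])entry.Properties["objectSid"].Value;
                return new SecurityIdentifier(sidBytes, 0).Value;
            }
        }
        catch (Exception)
        {
            // Any failure (rejected credentials, unreachable server, missing property)
            // counts as "not authenticated". Consider logging it server-side so that
            // repeated failed logins can be detected.
            return null;
        }
    }
}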
