active-directory

问题 I'm working on a Django-based application in a corporate environment and would like to use the existing Active Directory system for authentication of users (so they don't get yet another login/password combo). I would also like to continue to use Django's user authorization / permission system to manage user capabilities. Does anyone have a good example of this? 回答1: Here's another more recent snippet (July 2008, updated Dec 2015): Authentication Against Active Directory (LDAP) over SSL 回答2:

问题 My goal is to move an account to another OU. My understanding is that the following code should do the job. However, it returns false . There is no error, warning or exceptions. How do I debug why this isn't working? secure_ldap.rename( olddn: self.dn, newrdn: "CN=#{self.cn}", delete_attributes: true, new_superior: "#{ou}" ) 回答1: Well, one approach might be to add pry and pry-byebug to your application. Modify your code to include binding.pry then run your application: Frame number: 0/0 From:

问题 I'm developing an application that manages information about users and save the data in a SQL Server. I would like to 'somehow' connect this application with our Active Directory, so all the changes this app will make will be reflected in the Active Directory too (if we add a new user in the app, it will be added also in the Active Directory) Is it possible? if so, which are my options? Thanks in advance 回答1: Don't do it. Let AD be the authoritative copy of your user base, and let the users

问题 I've got AngularJS and Web.API WAAD authentication up and running. For client side I use great library ADAL.JS. For backend I use Microsoft.Owin.Security.OAuth. This part went quite smooth. Now I want to implement authorization based on roles (which will be mapped to WAAD groups). Groups are not included in authentication token so I must ask Azure Graph API for them. I saw various ways to do it, using custom claims providers, adding web services to project, etc. Some examples already

问题 I have an ASP.NET website and I would like to only allow users in an AD group access to the site. I am using a web.config snippet as below, but this does not seem to work: <authorization> <deny users="*" /> <add accessType="Allow" roles="DOMAIN\GroupTest" /> </authorization> Any advice how to implement this is much appreciated! 回答1: You need to change your configuration as follows: <configuration> <system.web> <!-- ... --> <authorization> <allow roles="DOMAIN\GroupTest" /> <deny users="*" />

问题 I've created a small application which attempts to authenticate a user based on their username and password. This application works correctly when run on the same domain which Active Directory resides on. I must now extend the application to also work on domains which are "closed" in terms of security and permissions. In other words, is there a way to run the application based on an administrator account, or an account which has the necessary permissions to access the Active Directory? This

问题 While using loginRedirect() OR acquireTokenRedirect() , I am getting below given error: redirect_uri_mismatch:AADB2C90006%3a The redirect URI 'http%3a%2f%2flocalhost%3a4200%2fsubscription' provided in the request is not registered for the client id 'blah-blah-blah'. Correlation ID%3a 29978079-45a7-4f85-a9bf-4cde9d3adc84 Timestamp%3a 2017-09-29 05%3a32%3a22Z Note: client id is same which I am using in my tenant config as well as configured in Azure. Please let me know why I am getting a

问题 PowerShell is capable of pulling list of 1492 records. When I using Python with ldap3 module I'm bumping into 1000 records limit. Please help me change Python code to exceed the limit. PowerShell input: get-aduser -filter * -SearchBase "OU=SMZ USERS,OU=SMZ,OU=EUR,DC=my_dc,DC=COM" | Measure-Object output: Count : 1492 Average : Sum : Maximum : Minimum : Property : import json from ldap3 import Server, \ Connection, \ AUTO_BIND_NO_TLS, \ SUBTREE, \ ALL_ATTRIBUTES def get_ldap_info(u): with

问题 PowerShell is capable of pulling list of 1492 records. When I using Python with ldap3 module I'm bumping into 1000 records limit. Please help me change Python code to exceed the limit. PowerShell input: get-aduser -filter * -SearchBase "OU=SMZ USERS,OU=SMZ,OU=EUR,DC=my_dc,DC=COM" | Measure-Object output: Count : 1492 Average : Sum : Maximum : Minimum : Property : import json from ldap3 import Server, \ Connection, \ AUTO_BIND_NO_TLS, \ SUBTREE, \ ALL_ATTRIBUTES def get_ldap_info(u): with

问题 I'm trying to use Windows Azure Active Directory as an Identity Provider for my MVC 4 app and need to figure out how to implement a user registration functionality. I know that Graph API can be used for updating WAAD. However, from reading http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx I've got a sense that, in order to use Graph API, a user has to be authenticated through WAAD first. Only then will he receive a token to be used with Graph API. But what if I have an