active-directory

问题 I'm trying to use Windows Azure Active Directory as an Identity Provider for my MVC 4 app and need to figure out how to implement a user registration functionality. I know that Graph API can be used for updating WAAD. However, from reading http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx I've got a sense that, in order to use Graph API, a user has to be authenticated through WAAD first. Only then will he receive a token to be used with Graph API. But what if I have an

问题 Just wrote a script that disables an account, moves it to a disabled OU and changes the description on the user object, but I want to make it more efficient. My work AD structure has all users under Root - accounts OU, and the 50 or so department OUs under that accounts OU. How can I START my search at the accounts OU and have it check every sub OU in accounts? 回答1: If I understand you correctly, you need to use -SearchBase: Get-ADUser -SearchBase "OU=Accounts,OU=RootOU,DC=ChildDomain,DC

问题 I do have a web application where i have a login page.How do i authenticate against the active directory users ? As of now i am able to get some properties from the active directory,which concludes i am able to communicate with AD with LDAP string.I know its not possible to extract password from AD and authenticate against user entered password !!. Is there a way i can authenticate against the active directory users ? Here is my code so far public class Userdetails { public static string

问题 I am using LdapAuthentication to log a user into Active Directory. I want to find all the groups that the user belongs to. I am using the following code: string adPath = "LDAP://OU=HR Controlled Users,OU=All Users,DC=myDomain,DC=local"; LdapAuthentication adAuth = new LdapAuthentication(adPath); try { if (true == adAuth.IsAuthenticated("myDomain", txtLoginEmail.Text, txtLoginPassword.Text)) { string email = txtLoginEmail.Text; using (PrincipalContext context = new PrincipalContext(ContextType

问题 I would like to find out if there is any .Net way to validate an Active Directory user credential even if the user's password is expired or the user has "user must change password at next logon" set. I have tried PrincipalContext.ValidateCredential and this returns false for my user. I also tried Ldap Bind and that does not work either. My purpose is to authenticate the user and then prompt him with a change password dialog if his password is expired or he has to change passwored at next

问题 In my asp.net mvc app i am using the activedirectorymembershipprovider. In the active directory i have created a couple of roles (groups) similar to, for simplicity of this example, "normal" and "administrator". I am currently querying whether user is in role by getting the IPrincipal of the httpcontext and calling User.IsInRole(nameOfRoleGoesHere);. The behaviour im looking for is for me to be able to ask whether user is in role "administrator" and then implicitly be asking whether user is

问题 This question already has answers here : How do I resolve “WILL_NOT_PERFORM” MS AD reply when trying to change password in scala w/ the unboundid LDAP SDK? (3 answers) Closed 2 years ago . when I create a user using JNDI to communicate to active directory , I am now getting LDAP Error 53 (WILL_NOT_PERFORM) . I'm trying set password for the created user. Also I've disabled the 'User must change password at next logon' option. attrs.put("unicodePwd", "\"Test123\"".getBytes("UTF-16LE") ); String

问题 This question already has answers here : How do I resolve “WILL_NOT_PERFORM” MS AD reply when trying to change password in scala w/ the unboundid LDAP SDK? (3 answers) Closed 2 years ago . when I create a user using JNDI to communicate to active directory , I am now getting LDAP Error 53 (WILL_NOT_PERFORM) . I'm trying set password for the created user. Also I've disabled the 'User must change password at next logon' option. attrs.put("unicodePwd", "\"Test123\"".getBytes("UTF-16LE") ); String

问题 I have very limited knowledge in AD and LDAP queries so I have a simple question on how to use wildcards. Supposed there is object with a displayName of "ITSM - Problem Management" My current implementation of the filter with a wildcard is as such: (displayName=SEARCHKEYWORD*) If a user would enter a keyword of "Problem", he wouldn't be able to find the object since it needs the first part of the name, that is "ITSM - " I would like to implement the wildcard on both ends like below:

问题 I am trying to find out how to secure my web services with Windows Authentication (Active Directory). I am using the "NEW" templates provided for c# 4.0 (vs 2010) and currently have this but i need to host it in a windows service - is this possible? I thought the WCF Rest clientCredentialType ="Windows" actually uses IIS to provide this type of security? I have searched the internet and found many examples with C# 3.5 but none for the new template provided to vs 2010 C# 4.0 to create a rest