Rob,

Try one or a combination of the following options.

Option #1: Check the LDAP path. Try with LDAP://dc=XXX,dc=org

Option #2: Pass the user as [email protected] rather than <loginname>. The complete one with domain. Also you can try as xxx\loginname

In case of authentication only, why can't you use impersonation, if the machine and logon user are in the domain? It will take the current login credentials, so the end user's effort of re-login is reduced. This will be more useful if the client has n number of applications which require AD authentication.

How are you defining which member can access the application? By using member groups? In that case, you can use IsInRole(GroupName).

For a better understanding of authentication, go through the WindowsIdentity class. For memberships, go through the WindowsPrincipal class. For application restrictions defined by RBS (role based system), refer to the PrincipalPermission class.

In case of further assistance, please give the forest structure. E.g., are you trying to authenticate within the same forest or another, parent-child relationship?

Rgds,
Velsankar.

On Aug 28, 9:19 pm, rob muzzy <[email protected]> wrote:
> I have two functions
>
>     Private Function AuthenticateUser() As Boolean
>         Dim username = txtUN.Text
>         Dim password = txtPW.Text
>         'Dim domain As String = 'this can be in a config file, hard coded (I wouldn't do that), or inputted from the UI
>         Dim domain As String = "LDAP://XXX.ORG/CN=DrugReports,OU=Application Access Groups,OU=Security Groups - Global,DC=jmhosp,DC=org"
>         Dim isAuthenticated As Boolean = ValidateActiveDirectoryLogin(domain, username, password)
>         Return isAuthenticated
>     End Function
>
>     Private Function ValidateActiveDirectoryLogin(ByVal Domain As String, ByVal Username As String, ByVal Password As String) As Boolean
>         Dim Success As Boolean = False
>         Dim Entry As New System.DirectoryServices.DirectoryEntry(Domain, Username, Password)
>         Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
>         Searcher.SearchScope = DirectoryServices.SearchScope.OneLevel
>         Try
>             Dim Results As System.DirectoryServices.SearchResult = Searcher.FindOne
>             Success = Not (Results Is Nothing)
>         Catch ex As Exception
>             Success = False
>         End Try
>         Return Success
>     End Function
>
> I know I am a member of this group but I cannot authenticate against
> it.
> If I just change the domain to XXX.ORG and get rid of all the
> containers it authenticates fine, however I want AD to control which
> users can access the application.
>
> Can someone help?
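
Added example, not code from either poster: the two concerns in this thread, validating the password and checking membership of the DrugReports group, done as separate steps instead of binding to the group's path. It assumes a reference to System.DirectoryServices.AccountManagement, a process account that can read the directory, and placeholder names (XXX.ORG, XXX\DrugReports) taken from the thread.

```vbnet
Imports System
Imports System.DirectoryServices.AccountManagement

Module AdAccessCheck
    ' Assumed values: placeholders as used in the thread, replace with real ones.
    Private Const DomainName As String = "XXX.ORG"
    Private Const NetBiosDomain As String = "XXX"
    Private Const AccessGroup As String = "DrugReports"

    ' Explicit credentials: authenticate against the domain, then authorize
    ' by group membership. Any directory error denies access (fail closed).
    Public Function CanUseApplication(ByVal userName As String,
                                      ByVal password As String) As Boolean
        If String.IsNullOrEmpty(userName) OrElse String.IsNullOrEmpty(password) Then
            Return False ' never attempt a bind with an empty password
        End If
        Try
            Using ctx As New PrincipalContext(ContextType.Domain, DomainName)
                ' Step 1: authentication only, no group path involved.
                If Not ctx.ValidateCredentials(userName, password) Then Return False

                ' Step 2: authorization. The lookup runs as the process account.
                Using account As UserPrincipal = UserPrincipal.FindByIdentity(ctx, userName)
                    If account Is Nothing Then Return False
                    ' GetAuthorizationGroups() also returns nested security groups,
                    ' which a direct-membership test would miss.
                    For Each grp As Principal In account.GetAuthorizationGroups()
                        If String.Equals(grp.SamAccountName, AccessGroup,
                                         StringComparison.OrdinalIgnoreCase) Then
                            Return True
                        End If
                    Next
                End Using
            End Using
        Catch ex As PrincipalException
            Return False
        End Try
        Return False
    End Function

    ' Integrated alternative from the reply: no password prompt, the Windows
    ' logon token of the current user already carries its group memberships.
    Public Function CurrentUserCanUseApplication() As Boolean
        Dim identity = System.Security.Principal.WindowsIdentity.GetCurrent()
        Dim principal As New System.Security.Principal.WindowsPrincipal(identity)
        Return principal.IsInRole(NetBiosDomain & "\" & AccessGroup)
    End Function
End Module
```

Group changes made in AD show up in CurrentUserCanUseApplication only after the user's next logon, because the token is built at logon time.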
