question

cubangt avatar image
0 Votes"
cubangt asked Bruce-SqlWork answered

Windows authentication asp page

We are working on replacing a old VBscript page that is on a system that is being disabled later this year.. the only purpose this existing page serves is to determine where the user is located and redirect them to another page with some predefined url parameters.

We have an IIS server to host this page, we currently use active directory and all we need is a way to have our intranet point to this page, determine what location the user is from and then populate the url parameters before landing on the 2nd page..

Can anyone offer any suggestions or examples on something that would help us accomplish this?

The users can come from 2 places (main office or store location) if they come from our main office, then the parameters are generic, but if they are from a store location, then the parameters are the 3 digit location number.

mypage.asp?loc=044
or
mypage.asp?loc=main

Since they are already on our network they dont need to login to anything, we use this to present them information specific to their location..

windows-server-iiswindows-server-securitydotnet-aspnet-generaldotnet-ad
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @cubangt,
According to your description, I have some doubts. Your old VBscript page distinguishes where the user came from bases on the loc parameter of the URL, and then redirects to another page. What page do they need to be redirected to? Does the loc parameter in the original URL still remain?

0 Votes 0 ·
MotoX80 avatar image
0 Votes"
MotoX80 answered

What are you replacing the "old VBscript page" with? If the ASP page works, just migrate it to the new server.

https://docs.microsoft.com/en-us/troubleshoot/developer/webapps/iis/general/asp-support-windows

Forum users can't possibly know what that page is doing. Don't you have any web developers in your organization who could look at the code and make recommendations?




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cubangt avatar image
0 Votes"
cubangt answered AgaveJoe commented

So the short story is that the old page was some form of work around that apparently worked and was left in place for years and the person or group that supported it is no longer here and the system they set it up on is going away. They have a ASP page yes, BUT that first ASP page sends users (behind the scenes to a "LotusNotes" form, which is where the vbscript is at and gets the users information before sending them to the final ASP that expects the parameters be passed from that page) ....the developer structure here is not typical, and there is no one that works with ASP, so just trying to help point them in the right direction. Plus whomever comes up with the solution is the one that has to support it, so there are no volunteers

Since we know high level what the lotusnotes form/vbscript is doing, we just looking for a ASP option that would work...the whole purpose is to take the user to a page that is specific to their location by default and without them having to login or have to chose their location..

Because every user belongs to specific user groups within AD, figured if ASP could look for 1 specific group, then we would know what location they are from and take them to the page already presenting them with their location information.

And since the script is pointing to the lotusnotes server and using its variables specific to lotus notes, we cant just copy the code over to asp, it woudl still need to be ported over to use AD instead.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Windows authentication is a browser/IIS feature in Windows based Intranet applications. In a standard .NET Framework web application, the user's identity is exposed on the server by...

 User.Identity.Name

Once you have the user, you should be able to look up the user in whatever datastore you're using to get the location.

0 Votes 0 ·
MotoX80 avatar image
0 Votes"
MotoX80 answered MotoX80 edited

I don't see that there is a lot that we can help you with. You already recognize that you need to convert the Lotus Notes web page to either ASP or ASPX. Since it's VB script, you should be able to copy most of the core logic. You just need to put in into an ASP format that displays the appropriate HTML output. If the code is reading a Notes database, then you need to migrate the data to SQL.

Someone has to look at the Notes code to see what it is doing. There has to be some reason that the original developers did not just implement this process entirely in ASP.

https://www.w3schools.com/asp/asp_examples.asp

If you don't have any volunteers, then walk into your managers office and tell him that he needs to assign the task to someone to do the conversion. If your organization doesn't have anyone who can do that, then hire an outside consulting firm who can do the conversion.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered

if I understand correctly, the current page uses the users id to lookup their office in active directly. so you want to create an IIS windows authenticated site and use DirectoryServices to lookup the office.

https://docs.microsoft.com/en-us/dotnet/api/system.directoryservices?view=dotnet-plat-ext-6.0

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cubangt avatar image
0 Votes"
cubangt answered cubangt edited

So a little update after meeting with our infrastructure team, seems that they have enough information setup for each user and generic accounts within Active Directory that if possible we can get that information to help with this solution.

The active directory properties that contain what we can use would be the "UserPrincipleName" and "SamAccountName"

So i guess my question can be simply broken out into a few things..

1 - How can an ASP page be written to access and retrieve the above 2 properties from Active Directory?


I think starting with that would be a great first step.so any suggestions or examples would be great. because with that, i can provide a concept on what can be done.214429-asp-page.jpg





asp-page.jpg (115.2 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Bruce-SqlWork avatar image
0 Votes"
Bruce-SqlWork answered

as I said you use DirectorySevices. see this thread for example of validating password, and lookup of ad entry:

https://stackoverflow.com/questions/290548/validate-a-username-and-password-against-active-directory

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.