


 

   
 
VB Script that Makes an SSL LDAP Connection
February 8, 2006
 

Below is a VBScript file that authenticates a user against the mdsoti LDAP server over an SSL connection.

'==========================================================================
'
' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 3.1
'
' NAME: ldapauth.vbs
'
' AUTHOR: Technology-Enhanced Classrooms, University Computing Services
' DATE  : 7/7/2005
'
' COMMENT: Authenticates user against mdsoti ldap server using secure channel
'
'==========================================================================
Option Explicit

'usage: wscript.Echo AuthUser("username", "password")
'       wscript.Echo AuthUser("fsuid", "password")

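'Escapes a value for use inside an LDAP search filter (RFC 4515 special
'characters), plus ";" because the ADSI query string uses it as its field
'delimiter. The backslash must be replaced first so the escapes that follow
'are not themselves re-escaped.
Function EscapeLdapFilterValue(strValue)
    Dim strOut
    strOut = Replace(strValue & "", "\", "\5c")
    strOut = Replace(strOut, "*", "\2a")
    strOut = Replace(strOut, "(", "\28")
    strOut = Replace(strOut, ")", "\29")
    strOut = Replace(strOut, Chr(0), "\00")
    strOut = Replace(strOut, ";", "\3b")
    EscapeLdapFilterValue = strOut
End Function

'Authenticates a user against the mdsoti LDAP server over SSL.
'
'  strFSUID - the user's FSUID; looked up as cn under ou=People
'  strPwd   - the user's password
'
'Returns True only when exactly one directory entry matches strFSUID and a
'bind as that entry with strPwd succeeds. Every other outcome (blank input,
'connection or search failure, no match, more than one match, failed bind)
'returns False.
Function AuthUser(strFSUID, strPwd)

    Const ADS_FAST_BIND_SSL = 34 'ADS_FAST_BIND (32) + ADS_USE_SSL (2)
    Const strADSPath = "LDAP://mdsoti.fsu.edu:636/ou=People,dc=fsu,dc=edu" 'full path to LDAP server
    'NOTE(review): the proxy credentials below are placeholders. Real values
    'should come from protected storage, not from the script text, and the
    'proxy account should be limited to searching ou=People.
    Const strProxyUser = "proxy-user" 'proxy username for establishing initial connection to LDAP
    Const strProxyPass = "proxy-pass" 'proxy password for establishing initial connection to LDAP

    Dim conADODB 'LDAP proxy (search) connection
    Dim comADODB 'search command
    Dim rsLDAP 'recordset holding the search result
    Dim dsoLDAP 'LDAP namespace object
    Dim conUser 'object returned by the bind made with the user's own credentials
    Dim strPath 'ADsPath of the matched entry
    Dim strUser 'user's DN stripped from ADsPath
    Dim blnAtEnd 'recordset EOF state, read into a local before testing it
    Dim blnSingleMatch 'True when the search returned exactly one entry

    AuthUser = False
    blnSingleMatch = False

    'Reject blank credentials before touching the directory. A simple bind
    'with a DN and an empty password is treated by many LDAP servers as an
    'unauthenticated bind that succeeds, which would otherwise be reported
    'here as a valid login.
    If Len(Trim(strFSUID & "")) = 0 Or Len(strPwd & "") = 0 Then Exit Function

    'Errors are checked explicitly after each directory step. Conditions
    'below test only Err.Number and local variables: under Resume Next a
    'condition that itself raises falls through into its body.
    On Error Resume Next
    Err.Clear

    'Create the proxy connection used to look up the user's DN
    Set conADODB = CreateObject("ADODB.Connection")
    conADODB.Provider = "ADsDSOObject"
    conADODB.Properties("user ID") = "cn=" & strProxyUser & ",ou=proxy-users,dc=fsu,dc=edu"
    conADODB.Properties("Password") = strProxyPass
    conADODB.Properties("ADSI Flag") = ADS_FAST_BIND_SSL
    conADODB.Open "ADSI"

    'Look up the user's DN. The FSUID is escaped so that filter
    'metacharacters in it are matched literally instead of changing the query.
    If Err.Number = 0 Then
        Set comADODB = CreateObject("ADODB.Command")
        Set comADODB.ActiveConnection = conADODB
        comADODB.CommandText = "<" & strADSPath & ">;(cn=" & EscapeLdapFilterValue(strFSUID) & ");Adspath,cn,;subtree"
        Set rsLDAP = comADODB.Execute
    End If

    'Accept the lookup only when it yields exactly one entry; an ambiguous
    'match must not decide which account the password is checked against.
    If Err.Number = 0 And IsObject(rsLDAP) Then
        blnAtEnd = True
        blnAtEnd = rsLDAP.EOF
        If Err.Number = 0 And Not blnAtEnd Then
            strPath = rsLDAP.Fields("ADsPath").Value
            rsLDAP.MoveNext
            blnAtEnd = False
            blnAtEnd = rsLDAP.EOF
            If Err.Number = 0 And blnAtEnd Then blnSingleMatch = True
        End If
    End If

    'Validate the password by binding as the user's own DN. The DN is not
    'echoed: an authentication routine should not disclose directory entries.
    If blnSingleMatch Then
        'strip out user dn from ADsPath (text after the last "/")
        strUser = Mid(strPath, InStrRev(strPath, "/") + 1)
        If Len(strUser) > 0 Then
            'Clear any stale error so the check below reflects this bind only
            Err.Clear
            Set dsoLDAP = GetObject("LDAP:")
            Set conUser = dsoLDAP.OpenDSObject(strADSPath, strUser, strPwd, ADS_FAST_BIND_SSL)
            If Err.Number = 0 And IsObject(conUser) Then AuthUser = True
        End If
    End If

    'Release directory resources; failures here do not change the result
    rsLDAP.Close
    conADODB.Close
    Set conUser = Nothing
    Set dsoLDAP = Nothing
    Set rsLDAP = Nothing
    Set comADODB = Nothing
    Set conADODB = Nothing
    Err.Clear
End Function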

     