2

I am working on ASP.NET Core 1.1 - MVC application. I need to authenticate windows users using Login screen(mvc view). I need to use Active Directory to authenticate users.

I found wonderful article, http://tech.trailmax.info/2016/03/using-owin-and-active-directory-to-authenticate-users-in-asp-net-mvc-5-application/ I downloaded the sample app and sample itself works great. But I as I need to implement this with .net core 1.1, it does not support System.DirectoryServices.AccountManagement and Microsoft.Owin.Security.Cookies, Microsoft.Owin.Host.SystemWeb nuget packages. so it does not seem this solution will work for me.

I investigated more and found Novell.Directory.Ldap.NETStandard (ASP.NET Core and on premise AD authentication) which works for active directory users validation (.net core 1.1)

I also found Microsoft.AspNetCore.Authentication.ActiveDirectory (middleware.github.com/OneBitSoftware/Microsoft.AspNetCore.Authentication.ActiveDirectory)

One more, AspNetCoreActiveDirectoryStarterKit (github.com/WinLwinOoNet/AspNetCoreActiveDirectoryStarterKit)

Is there any other way I can achieve this? Anybody has experience using above mentioned options and suggest me the good one? Please suggest.

Improve this question
4
  • AD authentication isn't supported in ASP.NET Core due to security concerns (you can't throttle logins, you can't temporary disable accounts on to many attempts etc.), as it would basically allow bruteforce against the AD. For intranet application you should use NTLM and windows authentication capabilities of IIS or Weblistener to obtain an access token from the user who is currently logged into windows (w/o form for entering credentials) or use Azure AD which uses oauth/openid to authenticate users (you can setup local AD to sync with Azure AD though) Commented Oct 16, 2017 at 5:14
  • learn.microsoft.com/en-us/azure/active-directory/connect/… on Azure AD connect/synchronization Commented Oct 16, 2017 at 5:14
  • Thanks for your reply. Thats sad actually. So there is no way we can query active directory in asp.net core mvc app (without Azure AD)? How about this article : nicolas.guelpa.me/blog/2017/02/15/… Commented Oct 16, 2017 at 6:21
  • Use an SSO layer like thinktecture identityserver in .NET 4.7 and use that to OpenID auth in your dotnetcore Commented Oct 16, 2017 at 8:08

1 Answer 1

Reset to default
1

Thanks for your comments.It was helpful as well.

It worked for me with the help of Novell.Directory.Ldap.NETStandard Nuget. I was able to refernece LDAP stuff in my code. I referenced https://nicolas.guelpa.me/blog/2017/02/15/dotnet-core-ldap-authentication.html article with some code improvements and modifications as per my requirements.Please feel free to write your views.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.