|
 |
security_asp thread: identifying the user at first hit.. (intranet based)
Message #1 by Abhilash_Shanmugham <Abhilash_Shanmugham@c...> on Tue, 22 May 2001 11:15:18 +0530
|
|
You could use a component which resolves the clients IP-address to
their NetBIOS, and the you could integrate AD to fetch the current
user. Question is: Why do you need to know which machine it is
that's making the request?
If the reason is reguarding network security, that no one outside
the local network should get access to the site, you should not
build this functionality into your site. You should look over your
firewalls, maybe set some IP-restrictions at the IIS-server and
integrate your AD into all servers.
In AD you create one account for a user and another account for a
machine present on the network, if you can verify the user with AD
you can verify the machine the same way. But you should not use this
as the only line-of-defense if your intranet demands a more secure
environment.
/andreas.q3p
-----Original Message-----
From: Abhilash_Shanmugham [mailto:Abhilash_Shanmugham@c...]
Sent: Tuesday, 22 May 2001 3:45 PM
To: Security_asp
Subject: [security_asp] identifying the user at first hit.. (intranet
based)
I have a requirement in which when a user hits a home page of the IIS
server.. which is an ASP page I have to determine his machine.. the user
at the machine.. (this is an intranet scenario... ) .. and then show him the
menu on the left according to his rights..
I could go ahead and do this by finding the machine variable s take the ip
resolve it to machine name.. and the user from the AD .. and do this..
what I want to know is ther a better way of doing this.. ??
Your thoughts and views will be highly appreciated thanking you in
advance..
|
|
|
View Cart
