我有几个工作网站位于公司 LAN 之外——因此不在 Active Directory (A/D) 的直接通信范围内——但我希望能够对其进行身份验证用户针对公司 A/D 服务器以及用户/角色的辅助存储库***.这个活动的伪代码是这样的:
I have a few websites for work that live outside of the corporate LAN -- and, therefore, out of direct-communication range of Active Directory (A/D) -- but for which I would like to be able to authenticate users against the corporate A/D servers as well as a secondary repository of users/roles***. The pseudo code for this activity is this:
*** 这个想法是我们不希望将数十个——可能是数百个——承包商和附属机构放入 Active Directory,因为他们只会登录到我们的外部 Web 服务器.因此采用了二级身份验证方案.
*** The idea is that we don't want to put dozens -- potentially hundreds -- of contractors and affiliates into Active Directory when all they will only be logging into our external web servers. Hence the secondary auth scheme.
您可能想看看@这两个资源.第一个将为您提供您想了解的有关 Active Directory 的所有信息,第二个将向您展示如何连接.
You might want to take a look @ these two resources. The first will provide you with everything you want to know about active directory, and the second will show you how to connect.
不过,您可能会遇到连接到远程 AD 服务器的挑战.因此,作为一种潜在的解决方法,我会考虑让 Web 应用程序调用驻留在公司网络上的身份验证 Web 服务.
You might have challenges connecting to the remote AD server though. So as a potential work around, I would consider having the web application call an authentication webservice that resides on the corporate network.
这篇关于如何从 ASP.NET Web 服务代码对 Active Directory 进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!