ActiveDirectory Component
Properties Methods Events Configuration Settings Errors
The ActiveDirectory component can be used to authenticate users against Active Directory using Kerberos 5.0.
Syntax
ipworksauth.Activedirectory
Remarks
The ActiveDirectory component authenticates users against Active Directory. Authentication is performed using the Kerberos protocol defined in RFC 1510 and RFC 4120.
Authentication
When Authenticate is called the component will attempt to authenticate the user with the Active Directory server. The component will communicate with the ADHost to obtain a service ticket and populate AuthToken. The following properties are required when calling this method:
A typical sequence of messages would be:
- KRB_AS_REQ -> KDC
- KRB_AS_REP <- KDC
- KRB_TGS_REQ -> KDC
- KRB_TGS_REP <- KDC
- AuthToken is populated with the constructed KRB_AP_REP message.
Communication with the ADHost can be seen through the PITrail event.
Property List
The following is the full list of the properties of the component with short descriptions. Click on the links for further details.
ADHost | The domain name or IP address of the Active Directory server. |
ADPort | The port for the Active Directory server. |
AuthMechanism | The authentication mechanism to be used when connecting to the Active Directory server. |
AuthToken | The authentication token. |
Password | The user's password. |
SPN | The Service Principal Name (SPN). |
Timeout | A timeout for the component. |
User | The name and domain of the user to authenticate. |
Method List
The following is the full list of the methods of the component with short descriptions. Click on the links for further details.
Authenticate | Authenticates the user. |
ChangePassword | Changes the password for the specified user. |
Config | Sets or retrieves a configuration setting. |
DoEvents | Processes events from the internal message queue. |
Interrupt | Interrupt the current method. |
ListComputers | Lists all computers in the directory. |
ListGroupMembers | List all members of a group. |
ListGroups | List all groups in the directory. |
ListUserGroups | Lists all groups a user is a part of. |
Reset | Resets the component properties to their default values. |
Event List
The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.
ComputerList | Fired for each computer entry returned. |
Error | Information about errors during data delivery. |
GroupList | Fired for each group entry returned. |
Log | Fires once for each log message. |
PITrail | Traces the messages sent to the server, and the respective replies. |
UserList | Fired once for each user entry returned. |
Configuration Settings
The following is a list of configuration settings for the component with short descriptions. Click on the links for further details.
CredentialsCacheFile | The credentials cache file. |
EncodeAuthToken | Whether to Base64 encode the AuthToken. |
EncryptionTypes | The encryption types used during authentication. |
KeytabFile | The Kerberos Keytab file. |
LogKerberosPackets | Whether to include the raw Kerberos packets in PITrail output. |
LogLevel | The level of detail that is logged. |
UsePlatformKerberosAPI | Whether to use the platform Kerberos API. |
CaptureIPPacketInfo | Used to capture the packet information. |
DestinationAddress | Used to get the destination address from the packet information. |
DontFragment | Used to set the Don't Fragment flag of outgoing packets. |
LocalHost | The name of the local host through which connections are initiated or accepted. |
LocalPort | The port in the local host where the component binds. |
MaxPacketSize | The maximum length of the packets that can be received. |
QOSDSCPValue | Used to specify an arbitrary QOS/DSCP setting (optional). |
QOSTrafficType | Used to specify QOS/DSCP settings (optional). |
ShareLocalPort | If set to True, allows more than one instance of the component to be active on the same local port. |
UseConnection | Determines whether to use a connected socket. |
UseIPv6 | Whether or not to use IPv6. |
AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
FirewallData | Used to send extra data to the firewall. |
InBufferSize | The size in bytes of the incoming queue of the socket. |
OutBufferSize | The size in bytes of the outgoing queue of the socket. |
BuildInfo | Information about the product's build. |
GUIAvailable | Tells the component whether or not a message loop is available for processing events. |
LicenseInfo | Information about the current license. |
UseDaemonThreads | Whether threads created by the component are daemon threads. |
UseInternalSecurityAPI | Tells the component whether or not to use the system security libraries or an internal implementation. |