LDAP provides several attributes when you complete a successful query. You can set specific attributes to request, or you can get a full list by outputting "session.ldap.last.*". To see what you are getting back you can add a Logging event to the VPE and select LDAP which automatically populates with "session.ldap.last.*".
You can also check under APM > Reports and it will show you all results for that specific session.
For the ASP.NET solution, you could use a Forms Based SSO or AAA profile to look for a specific value by a resulting redirect or presence of a cookie.