active directory and asp.net error

Discussion in 'ASP .Net Security' started by Jamie, Nov 7, 2003.

  1. Jamie

    Jamie Guest

    I'm getting the following error exception when using the code below.

    I've seen a number of people post the same problem. Many of the solutions
    say to use impersonate=true in web.config, or update machine.config to
    specify the username and password in the processmodel element, or to use
    delegation, but they've all said you don't need to do those things if you
    specify a username and password in the DirectoryEntry constructor... which
    is what i'm doing.

    This works fine on my local webserver, but as soon as i publish it to
    another webserver it throws an exception. Does anybody have any other
    suggestions? By the way, i'm using Visual Studio .NET 2003.

    thanks.

    Unknown error (0x80005000)
    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
    at System.DirectoryServices.DirectoryEntry.Bind()
    at System.DirectoryServices.DirectoryEntry.get_AdsObject()
    at System.DirectoryServices.PropertyValueCollection.PopulateList()
    at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)


    -------------

    DirectoryEntry root = new DirectoryEntry(LDAP://my_domain,
    "my_domain\\some_domain_user", "password");
    DirectorySearcher searcher = new DirectorySearcher(root);
    searcher.Filter = "(&(objectClass=user)(sAMAccountName=some_domain_user))";
    SearchResult searchResult = searcher.FindOne();
    DirectoryEntry entry = searchResult.GetDirectoryEntry();
    object o = entry.Properties["givenname"].Value; // exeception occurs here
    />
     
    Jamie, Nov 7, 2003
    #1
    1. Advertising

  2. Jamie

    MSFT Guest

    Hi Jamie,

    An ASP.NET application need proper permission to create a DirectoryEntry
    object. For example, before a DirectoryEntry object is created, it may need
    to read some system file or registry value. This do nothing with the
    account you sepcify in following line.

    DirectoryEntry root = new DirectoryEntry(LDAP://my_domain,
    "my_domain\\some_domain_user", "password");

    "my_domain\\some_domain_user" is used when AD authenticating the client. I
    believe you still need to impersonate in your ASP.NET application to get
    proper permission.

    Hope this help,

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
     
    MSFT, Nov 10, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jamie
    Replies:
    2
    Views:
    1,075
  2. Patrick.O.Ige

    ASP.NET and active directory code

    Patrick.O.Ige, Aug 19, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    380
    Patrick.O.Ige
    Aug 19, 2004
  3. =?Utf-8?B?UGF0cmljaw==?=

    "Sudden" Active Directory error on ASP.NET

    =?Utf-8?B?UGF0cmljaw==?=, Sep 5, 2005, in forum: ASP .Net
    Replies:
    10
    Views:
    5,529
    vaidyanet
    Oct 10, 2006
  4. ejcosta
    Replies:
    2
    Views:
    885
    Eurico Costa
    Oct 8, 2004
  5. carlos seramos
    Replies:
    2
    Views:
    497
    carlos seramos
    Aug 1, 2003
Loading...

Share This Page