ADSI - Able to authenticate but unable to get memberOf information

Discussion in 'ASP .Net Security' started by deltalimagolf, Apr 17, 2008.

  1. I've got an asp.net site where it's setup to use forms authentication. I
    take the username and password provided and authenticate them by calling the
    LogonUser method (from advapi32). If that is successful I call the
    DuplicateToken method and then using WindowsIdentity impersonate the user and
    attempt to get the groups the user is a member of. Everything works up to
    the attempt to get the groups, I get a 'The specified domain either does not
    exist or could not be contacted.' error. The following code works on my
    local box (even when running IE as a local - non AD - user), but when it is
    deployed to a web server in the DMZ the error mentioned is seen.

    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(
    string principal, string authority, string password,
    LogonSessionType logonType, LogonProvider logonProvider, out IntPtr token);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern int DuplicateToken(IntPtr hToken, int
    impersonationLevel, ref IntPtr hNewToken);

    public static ArrayList UserMemberOf(string path, string username)
    {
    DirectorySearcher search = new DirectorySearcher(path);
    search.Filter = "(sAMAccountName=" + username + ")";
    search.PropertiesToLoad.Add("memberOf");
    ArrayList groups = new ArrayList();
    try
    {
    SearchResult result = search.FindOne();
    if (result != null)
    {
    int propertyCount = result.Properties["memberOf"].Count;
    String dn;
    int equalsIndex, commaIndex;

    for (int propertyCounter = 0; propertyCounter < propertyCount;
    propertyCounter++)
    {
    dn = (String)result.Properties["memberOf"][propertyCounter];

    equalsIndex = dn.IndexOf("=", 1);
    commaIndex = dn.IndexOf(",", 1);
    if (-1 == equalsIndex)
    {
    return null;
    }
    groups.Add(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex)
    - 1));
    }
    }
    }
    catch (Exception ex)
    {
    throw new Exception("Error obtaining group names ('" + path + "','" +
    username + "'). " + ex.Message);
    }
    return groups;
    }


    protected void clkLogin(object sender, EventArgs e)
    {
    IntPtr iptrUserToken = IntPtr.Zero;
    IntPtr iptrDuplicateToken = IntPtr.Zero;
    try
    {
    bool bAuthenticated =
    LDAP.LogonUser(txtUserName.Text,
    GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    LDAP.LogonSessionType.NewCredentials, LDAP.LogonProvider.Default, out
    iptrUserToken);
    if (!bAuthenticated)
    {
    return;
    }
    if (LDAP.DuplicateToken(iptrUserToken,
    (int)TokenImpersonationLevel.Impersonation, ref iptrDuplicateToken) != 0)
    {
    using (WindowsImpersonationContext winImpersonation =
    WindowsIdentity.Impersonate(iptrDuplicateToken))
    {
    if (winImpersonation == null)
    {
    throw new Exception("impersonation context is null");
    }
    string sUserDn = "LDAP://[authentication server ip
    address]/OU=[],dc=[],dc=net";
    ArrayList alGroups = LDAP.UserMemberOf(sUserDn, txtUserName.Text);
    winImpersonation.Undo();
    if ((alGroups == null) || (alGroups.IndexOf("[AD Group]") == -1))
    {
    return;
    }
    FormsAuthenticationTicket authTicket =
    new FormsAuthenticationTicket(1,
    txtUserName.Text,
    DateTime.Now,
    DateTime.Now.AddMinutes(60),
    false,
    string.Empty);
    string sTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie cookieTicket = new
    HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    Response.Cookies.Add(cookieTicket);
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
    false));
    }
    }
    else
    {
    return;
    }
    }
    catch (Exception ex)
    {
    throw ex;
    }
    finally
    { // Free the tokens
    if (iptrUserToken != IntPtr.Zero)
    LDAP.CloseHandle(iptrUserToken);
    if (iptrDuplicateToken != IntPtr.Zero)
    LDAP.CloseHandle(iptrDuplicateToken);
    }
    }
     
    deltalimagolf, Apr 17, 2008
    #1
    1. Advertising

  2. deltalimagolf

    Joe Kaplan Guest

    This seems like a waste. If you have a WindowsIdentity for the user, why
    not just use the Groups property on the WindowsIdentity? The data you need
    is already in memory at that point.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "deltalimagolf" <> wrote in message
    news:...
    > I've got an asp.net site where it's setup to use forms authentication. I
    > take the username and password provided and authenticate them by calling
    > the
    > LogonUser method (from advapi32). If that is successful I call the
    > DuplicateToken method and then using WindowsIdentity impersonate the user
    > and
    > attempt to get the groups the user is a member of. Everything works up to
    > the attempt to get the groups, I get a 'The specified domain either does
    > not
    > exist or could not be contacted.' error. The following code works on my
    > local box (even when running IE as a local - non AD - user), but when it
    > is
    > deployed to a web server in the DMZ the error mentioned is seen.
    >
    > [DllImport("advapi32.dll", SetLastError = true)]
    > public static extern bool LogonUser(
    > string principal, string authority, string password,
    > LogonSessionType logonType, LogonProvider logonProvider, out IntPtr
    > token);
    >
    > [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    > public static extern int DuplicateToken(IntPtr hToken, int
    > impersonationLevel, ref IntPtr hNewToken);
    >
    > public static ArrayList UserMemberOf(string path, string username)
    > {
    > DirectorySearcher search = new DirectorySearcher(path);
    > search.Filter = "(sAMAccountName=" + username + ")";
    > search.PropertiesToLoad.Add("memberOf");
    > ArrayList groups = new ArrayList();
    > try
    > {
    > SearchResult result = search.FindOne();
    > if (result != null)
    > {
    > int propertyCount = result.Properties["memberOf"].Count;
    > String dn;
    > int equalsIndex, commaIndex;
    >
    > for (int propertyCounter = 0; propertyCounter < propertyCount;
    > propertyCounter++)
    > {
    > dn = (String)result.Properties["memberOf"][propertyCounter];
    >
    > equalsIndex = dn.IndexOf("=", 1);
    > commaIndex = dn.IndexOf(",", 1);
    > if (-1 == equalsIndex)
    > {
    > return null;
    > }
    > groups.Add(dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex)
    > - 1));
    > }
    > }
    > }
    > catch (Exception ex)
    > {
    > throw new Exception("Error obtaining group names ('" + path + "','" +
    > username + "'). " + ex.Message);
    > }
    > return groups;
    > }
    >
    >
    > protected void clkLogin(object sender, EventArgs e)
    > {
    > IntPtr iptrUserToken = IntPtr.Zero;
    > IntPtr iptrDuplicateToken = IntPtr.Zero;
    > try
    > {
    > bool bAuthenticated =
    > LDAP.LogonUser(txtUserName.Text,
    > GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    > LDAP.LogonSessionType.NewCredentials, LDAP.LogonProvider.Default, out
    > iptrUserToken);
    > if (!bAuthenticated)
    > {
    > return;
    > }
    > if (LDAP.DuplicateToken(iptrUserToken,
    > (int)TokenImpersonationLevel.Impersonation, ref iptrDuplicateToken) != 0)
    > {
    > using (WindowsImpersonationContext winImpersonation =
    > WindowsIdentity.Impersonate(iptrDuplicateToken))
    > {
    > if (winImpersonation == null)
    > {
    > throw new Exception("impersonation context is null");
    > }
    > string sUserDn = "LDAP://[authentication server ip
    > address]/OU=[],dc=[],dc=net";
    > ArrayList alGroups = LDAP.UserMemberOf(sUserDn, txtUserName.Text);
    > winImpersonation.Undo();
    > if ((alGroups == null) || (alGroups.IndexOf("[AD Group]") == -1))
    > {
    > return;
    > }
    > FormsAuthenticationTicket authTicket =
    > new FormsAuthenticationTicket(1,
    > txtUserName.Text,
    > DateTime.Now,
    > DateTime.Now.AddMinutes(60),
    > false,
    > string.Empty);
    > string sTicket = FormsAuthentication.Encrypt(authTicket);
    > HttpCookie cookieTicket = new
    > HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    > Response.Cookies.Add(cookieTicket);
    > Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
    > false));
    > }
    > }
    > else
    > {
    > return;
    > }
    > }
    > catch (Exception ex)
    > {
    > throw ex;
    > }
    > finally
    > { // Free the tokens
    > if (iptrUserToken != IntPtr.Zero)
    > LDAP.CloseHandle(iptrUserToken);
    > if (iptrDuplicateToken != IntPtr.Zero)
    > LDAP.CloseHandle(iptrDuplicateToken);
    > }
    > }
     
    Joe Kaplan, Apr 17, 2008
    #2
    1. Advertising

  3. Re: ADSI - Able to authenticate but unable to get memberOf informa

    Apparently I'm missing something, at what point to I have a WindowsIdentity
    for the user? I'm using the WindowsIdentity.Impersonate method to get a
    WindowsImpersonationContext, is that what you are referring to?

    "Joe Kaplan" wrote:

    > This seems like a waste. If you have a WindowsIdentity for the user, why
    > not just use the Groups property on the WindowsIdentity? The data you need
    > is already in memory at that point.
    >
    > Joe K.
    >
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services Programming"
    > http://www.directoryprogramming.net
    > --
    >
    >
    >
     
    deltalimagolf, Apr 17, 2008
    #3
  4. deltalimagolf

    Joe Kaplan Guest

    Re: ADSI - Able to authenticate but unable to get memberOf informa

    Yes, exactly. You build the WindowsIdentity from the token and then just
    access the Groups property. If you want friendly names instead of SIDs (you
    probably do), then you just use the Translate method on the
    IdentityReferenceCollection.

    Do LDAP calls for this is much more complicated, slower and more error
    prone.

    We could definitely fix your LDAP code, but for this particular application
    it isn't worth the effort.

    Joe K.
    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "deltalimagolf" <> wrote in message
    news:...
    > Apparently I'm missing something, at what point to I have a
    > WindowsIdentity
    > for the user? I'm using the WindowsIdentity.Impersonate method to get a
    > WindowsImpersonationContext, is that what you are referring to?
    >
    > "Joe Kaplan" wrote:
    >
    >> This seems like a waste. If you have a WindowsIdentity for the user, why
    >> not just use the Groups property on the WindowsIdentity? The data you
    >> need
    >> is already in memory at that point.
    >>
    >> Joe K.
    >>
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net
    >> --
    >>
    >>
    >>
     
    Joe Kaplan, Apr 18, 2008
    #4
  5. Re: ADSI - Able to authenticate but unable to get memberOf informa

    Here's my new clkLogin method -

    protected void clkLogin(object sender, EventArgs e)
    {
    IntPtr iptrUserToken = IntPtr.Zero;
    IntPtr iptrDuplicateToken = IntPtr.Zero;
    try
    {
    bool bAuthenticated =
    LDAP.LogonUser(txtUserName.Text,
    GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    LDAP.LogonSessionType.NewCredentials, LDAP.LogonProvider.Default, out
    iptrUserToken);
    if (!bAuthenticated)
    {
    [display error message]
    }
    else
    {
    if (LDAP.DuplicateToken(iptrUserToken,
    (int)TokenImpersonationLevel.Impersonation, ref iptrDuplicateToken) != 0)
    {
    using (WindowsIdentity winIdentity = new WindowsIdentity(iptrUserToken))
    {
    IdentityReferenceCollection colRefIdentity =
    winIdentity.Groups.Translate(typeof(NTAccount));
    foreach (IdentityReference refIdentity in colRefIdentity)
    {
    if (refIdentity.Value.ToUpper().CompareTo([AD Group].ToUpper()) == 0)
    {
    FormsAuthenticationTicket authTicket =
    new FormsAuthenticationTicket(1,
    txtUserName.Text,
    DateTime.Now,
    DateTime.Now.AddMinutes(60),
    false,
    string.Empty);
    string sTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie cookieTicket = new
    HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    Response.Cookies.Add(cookieTicket);
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text, false));
    break;
    }
    }
    }
    }
    }
    }
    catch (Exception ex)
    {
    throw ex;
    }
    finally
    { // Free the tokens
    if (iptrUserToken != IntPtr.Zero)
    LDAP.CloseHandle(iptrUserToken);
    if (iptrDuplicateToken != IntPtr.Zero)
    LDAP.CloseHandle(iptrDuplicateToken);
    }
    }

    No matter what username and password I put in I'm getting the groups for the
    user I'm logged into the box as (this is happening locally, I haven't
    deployed it to the server in the dmz yet).

    TIA,
    Dave

    "Joe Kaplan" wrote:

    > Yes, exactly. You build the WindowsIdentity from the token and then just
    > access the Groups property. If you want friendly names instead of SIDs (you
    > probably do), then you just use the Translate method on the
    > IdentityReferenceCollection.
    >
    > [message snipped]
    >
    > Joe K.
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services Programming"
    > http://www.directoryprogramming.net
    >
     
    deltalimagolf, Apr 18, 2008
    #5
  6. deltalimagolf

    Joe Kaplan Guest

    Re: ADSI - Able to authenticate but unable to get memberOf informa

    I don't understand why you are calling DuplicateToken. You don't need that,
    do you? You also don't use the token for building the WindowsIdentity in
    the code below, so that is a little strange.

    I think the main problem is that you are using the NewCredentials logon type
    here. That type of token only transitions to the user's token when you use
    the network. For a local token, you should use Network logon type.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "deltalimagolf" <> wrote in message
    news:...
    > Here's my new clkLogin method -
    >
    > protected void clkLogin(object sender, EventArgs e)
    > {
    > IntPtr iptrUserToken = IntPtr.Zero;
    > IntPtr iptrDuplicateToken = IntPtr.Zero;
    > try
    > {
    > bool bAuthenticated =
    > LDAP.LogonUser(txtUserName.Text,
    > GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    > LDAP.LogonSessionType.NewCredentials, LDAP.LogonProvider.Default, out
    > iptrUserToken);
    > if (!bAuthenticated)
    > {
    > [display error message]
    > }
    > else
    > {
    > if (LDAP.DuplicateToken(iptrUserToken,
    > (int)TokenImpersonationLevel.Impersonation, ref iptrDuplicateToken) != 0)
    > {
    > using (WindowsIdentity winIdentity = new WindowsIdentity(iptrUserToken))
    > {
    > IdentityReferenceCollection colRefIdentity =
    > winIdentity.Groups.Translate(typeof(NTAccount));
    > foreach (IdentityReference refIdentity in colRefIdentity)
    > {
    > if (refIdentity.Value.ToUpper().CompareTo([AD Group].ToUpper()) == 0)
    > {
    > FormsAuthenticationTicket authTicket =
    > new FormsAuthenticationTicket(1,
    > txtUserName.Text,
    > DateTime.Now,
    > DateTime.Now.AddMinutes(60),
    > false,
    > string.Empty);
    > string sTicket = FormsAuthentication.Encrypt(authTicket);
    > HttpCookie cookieTicket = new
    > HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    > Response.Cookies.Add(cookieTicket);
    > Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
    > false));
    > break;
    > }
    > }
    > }
    > }
    > }
    > }
    > catch (Exception ex)
    > {
    > throw ex;
    > }
    > finally
    > { // Free the tokens
    > if (iptrUserToken != IntPtr.Zero)
    > LDAP.CloseHandle(iptrUserToken);
    > if (iptrDuplicateToken != IntPtr.Zero)
    > LDAP.CloseHandle(iptrDuplicateToken);
    > }
    > }
    >
    > No matter what username and password I put in I'm getting the groups for
    > the
    > user I'm logged into the box as (this is happening locally, I haven't
    > deployed it to the server in the dmz yet).
    >
    > TIA,
    > Dave
    >
    > "Joe Kaplan" wrote:
    >
    >> Yes, exactly. You build the WindowsIdentity from the token and then just
    >> access the Groups property. If you want friendly names instead of SIDs
    >> (you
    >> probably do), then you just use the Translate method on the
    >> IdentityReferenceCollection.
    >>
    >> [message snipped]
    >>
    >> Joe K.
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net
    >>
     
    Joe Kaplan, Apr 18, 2008
    #6
  7. Re: ADSI - Able to authenticate but unable to get memberOf informa

    The DuplicateToken was left over from the impersonation (I orginally got it
    from an example I found). I changed the logon type to Network, it works
    great on my local box but now the LogonUser method returns false (when
    deployed to the server in the DMZ).

    Current clkLogin method -

    protected void clkLogin(object sender, EventArgs e)
    {
    IntPtr iptrUserToken = IntPtr.Zero;
    try
    {
    bool bAuthenticated =
    LDAP.LogonUser(txtUserName.Text,
    GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    LDAP.LogonSessionType.Network, LDAP.LogonProvider.Default, out
    iptrUserToken);
    if (!bAuthenticated)
    {
    return;
    }
    else
    {
    using (WindowsIdentity winIdentity = new WindowsIdentity(iptrUserToken))
    {
    IdentityReferenceCollection colRefIdentity =
    winIdentity.Groups.Translate(typeof(NTAccount));
    foreach (IdentityReference refIdentity in colRefIdentity)
    {
    if (refIdentity.Value.ToUpper().CompareTo([AD Group]) == 0)
    {
    FormsAuthenticationTicket authTicket =
    new FormsAuthenticationTicket(1,
    txtUserName.Text,
    DateTime.Now,
    DateTime.Now.AddMinutes(60),
    false,
    string.Empty);
    string sTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie cookieTicket = new
    HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    Response.Cookies.Add(cookieTicket);
    Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text, false));
    break;
    }
    }
    }
    }
    }
    catch (Exception ex)
    {
    throw ex;
    }
    finally
    { // Free the tokens
    if (iptrUserToken != IntPtr.Zero)
    LDAP.CloseHandle(iptrUserToken);
    }
    }

    "Joe Kaplan" wrote:

    > I don't understand why you are calling DuplicateToken. You don't need that,
    > do you? You also don't use the token for building the WindowsIdentity in
    > the code below, so that is a little strange.
    >
    > I think the main problem is that you are using the NewCredentials logon type
    > here. That type of token only transitions to the user's token when you use
    > the network. For a local token, you should use Network logon type.
    >
    > Joe K.
    >
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services Programming"
    > http://www.directoryprogramming.net
     
    deltalimagolf, Apr 18, 2008
    #7
  8. deltalimagolf

    Joe Kaplan Guest

    Re: ADSI - Able to authenticate but unable to get memberOf informa

    For the server in the DMZ, you need to make sure:
    - It is domain joined to a domain that is part of the forest your users are
    from or has a trust with that forest or domain somehow
    - Users have rights to do network login. They usually do, but sometimes
    people remove the "authenticated users" built in group from the "access this
    computer from the network" local security policy setting and break this.

    Note that if the machine is not domain joined to meet the first requirement,
    you aren't going to be able to use LogonUser for this. You will probably be
    better off using the ActiveDirectoryMembershipProvider and possibly
    something like the open source AD role provider (www.codeplex.com/adrp) for
    roles. It does the LDAP stuff for you.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "deltalimagolf" <> wrote in message
    news:...
    > The DuplicateToken was left over from the impersonation (I orginally got
    > it
    > from an example I found). I changed the logon type to Network, it works
    > great on my local box but now the LogonUser method returns false (when
    > deployed to the server in the DMZ).
    >
    > Current clkLogin method -
    >
    > protected void clkLogin(object sender, EventArgs e)
    > {
    > IntPtr iptrUserToken = IntPtr.Zero;
    > try
    > {
    > bool bAuthenticated =
    > LDAP.LogonUser(txtUserName.Text,
    > GatewayAdministrationWebConfig.AuthenticationDomain, txtPassword.Text,
    > LDAP.LogonSessionType.Network, LDAP.LogonProvider.Default, out
    > iptrUserToken);
    > if (!bAuthenticated)
    > {
    > return;
    > }
    > else
    > {
    > using (WindowsIdentity winIdentity = new WindowsIdentity(iptrUserToken))
    > {
    > IdentityReferenceCollection colRefIdentity =
    > winIdentity.Groups.Translate(typeof(NTAccount));
    > foreach (IdentityReference refIdentity in colRefIdentity)
    > {
    > if (refIdentity.Value.ToUpper().CompareTo([AD Group]) == 0)
    > {
    > FormsAuthenticationTicket authTicket =
    > new FormsAuthenticationTicket(1,
    > txtUserName.Text,
    > DateTime.Now,
    > DateTime.Now.AddMinutes(60),
    > false,
    > string.Empty);
    > string sTicket = FormsAuthentication.Encrypt(authTicket);
    > HttpCookie cookieTicket = new
    > HttpCookie(FormsAuthentication.FormsCookieName, sTicket);
    > Response.Cookies.Add(cookieTicket);
    > Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
    > false));
    > break;
    > }
    > }
    > }
    > }
    > }
    > catch (Exception ex)
    > {
    > throw ex;
    > }
    > finally
    > { // Free the tokens
    > if (iptrUserToken != IntPtr.Zero)
    > LDAP.CloseHandle(iptrUserToken);
    > }
    > }
    >
    > "Joe Kaplan" wrote:
    >
    >> I don't understand why you are calling DuplicateToken. You don't need
    >> that,
    >> do you? You also don't use the token for building the WindowsIdentity in
    >> the code below, so that is a little strange.
    >>
    >> I think the main problem is that you are using the NewCredentials logon
    >> type
    >> here. That type of token only transitions to the user's token when you
    >> use
    >> the network. For a local token, you should use Network logon type.
    >>
    >> Joe K.
    >>
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net

    >
     
    Joe Kaplan, Apr 18, 2008
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?ZG90bmV0dGVzdGVy?=

    Retrieving mailbox information through ADSI

    =?Utf-8?B?ZG90bmV0dGVzdGVy?=, Aug 31, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    425
    =?Utf-8?B?ZG90bmV0dGVzdGVy?=
    Aug 31, 2005
  2. Replies:
    1
    Views:
    447
    Manuel Ricca
    Dec 13, 2007
  3. John Boghossian

    CanĀ“t get AD groups to authenticate via web.config

    John Boghossian, Nov 12, 2003, in forum: ASP .Net Security
    Replies:
    1
    Views:
    361
  4. F C
    Replies:
    0
    Views:
    197
  5. sed_y
    Replies:
    0
    Views:
    1,024
    sed_y
    Feb 15, 2012
Loading...

Share This Page