ASP.NET 2.0 with ADAM - problem

Discussion in 'ASP .Net Security' started by news.blueyonder.co.uk, Dec 3, 2005.

  1. Hi,
    I'm having problems with ASP.Net 2.0 web site connecting to AD Application
    Mode instance for role management. I have been following the example shown
    at
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000018.asp .

    Now, this works a treat when I run the web app within VS2005 , but, the
    moment I publish this and run it via IIS on the local machine , i get the
    following error:


    Server Error in '/' Application.
    ----------------------------------------------------------------------------
    ----

    Unable to update the password. The value provided as the current password is
    incorrect. (Exception from HRESULT: 0x8007052B)
    Description: An unhandled exception occurred during the execution of the
    current web request. Please review the stack trace for more information
    about the error and where it originated in the code.

    Exception Details: System.Runtime.InteropServices.COMException: Unable to
    update the password. The value provided as the current password is
    incorrect. (Exception from HRESULT: 0x8007052B)

    Source Error:


    An unhandled exception was generated during the execution of the
    current web request. Information regarding the origin and location of the
    exception can be identified using the exception stack trace below.


    Stack Trace:


    [COMException (0x8007052b): Unable to update the password. The value
    provided as the current password is incorrect. (Exception from HRESULT:
    0x8007052B)]

    [TargetInvocationException: Exception has been thrown by the target of an
    invocation.]
    System.RuntimeType.InvokeDispMethod(String name, BindingFlags invokeAttr,
    Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    String[] namedParameters) +0
    System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags,
    Binder binder, Object target, Object[] providedArgs, ParameterModifier[]
    modifiers, CultureInfo culture, String[] namedParams) +2501232
    System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder
    binder, Object target, Object[] args, CultureInfo culture) +31
    System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    objectToCallOn, String methodName, Object[] args) +178
    System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    roleName) +13
    System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    roleName) +154
    System.Web.Security.Roles.RoleExists(String roleName) +242
    _Default.Page_Load(Object sender, EventArgs e) +71
    System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
    Object t, EventArgs e) +15
    System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
    EventArgs e) +34
    System.Web.UI.Control.OnLoad(EventArgs e) +99
    System.Web.UI.Control.LoadRecursive() +47
    System.Web.UI.Page.ProcessRequestMain(Boolean
    includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061





    ----------------------------------------------------------------------------
    ----

    Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
    Version:2.0.50727.42

    OR the following when I publish to another machine:


    Server Error in '/' Application.
    ----------------------------------------------------------------------------
    ----

    The system cannot find the file specified. (Exception from HRESULT:
    0x80070002)
    Description: An unhandled exception occurred during the execution of the
    current web request. Please review the stack trace for more information
    about the error and where it originated in the code.

    Exception Details: System.IO.FileNotFoundException: The system cannot find
    the file specified. (Exception from HRESULT: 0x80070002)

    Source Error:


    An unhandled exception was generated during the execution of the
    current web request. Information regarding the origin and location of the
    exception can be identified using the exception stack trace below.


    Stack Trace:


    [FileNotFoundException: The system cannot find the file specified.
    (Exception from HRESULT: 0x80070002)]

    [TargetInvocationException: Exception has been thrown by the target of an
    invocation.]
    System.RuntimeType.InvokeDispMethod(String name, BindingFlags invokeAttr,
    Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    String[] namedParameters) +0
    System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags,
    Binder binder, Object target, Object[] providedArgs, ParameterModifier[]
    modifiers, CultureInfo culture, String[] namedParams) +2501504
    System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder
    binder, Object target, Object[] args, CultureInfo culture) +31
    System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    objectToCallOn, String methodName, Object[] args) +178
    System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    roleName) +13
    System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    roleName) +154
    System.Web.Security.Roles.RoleExists(String roleName) +242
    _Default.Page_Load(Object sender, EventArgs e) +13
    System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
    Object t, EventArgs e) +15
    System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
    EventArgs e) +34
    System.Web.UI.Control.OnLoad(EventArgs e) +99
    System.Web.UI.Control.LoadRecursive() +47
    System.Web.UI.Page.ProcessRequestMain(Boolean
    includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1061





    ----------------------------------------------------------------------------
    ----

    Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
    Version:2.0.50727.42


    There's obviously some sort of security problem here but I cant figure out
    whereit is or how to fix it. In VS2005 I can even use the ASP.NET Web Site
    Admin Tool to search the Role provider, create new roles etc.
    I'm really stuck here. Can anyone help as I i've been going crazy over this
    one!!!!

    Thanks in advance.
    Nick
     
    news.blueyonder.co.uk, Dec 3, 2005
    #1
    1. Advertising

  2. Hello news.blueyonder.co.uk,

    under which account does your web app run - does this account have access
    to ADAM?

    is the account in the "reader" role in AzMan?

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi,
    > I'm having problems with ASP.Net 2.0 web site connecting to AD
    > Application
    > Mode instance for role management. I have been following the example
    > shown
    > at
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag
    > 2/html/paght000018.asp .
    > Now, this works a treat when I run the web app within VS2005 , but,
    > the moment I publish this and run it via IIS on the local machine , i
    > get the following error:
    >
    > Server Error in '/' Application.
    > ----------------------------------------------------------------------
    > ------ ----
    >
    > Unable to update the password. The value provided as the current
    > password is
    > incorrect. (Exception from HRESULT: 0x8007052B)
    > Description: An unhandled exception occurred during the execution of
    > the
    > current web request. Please review the stack trace for more
    > information
    > about the error and where it originated in the code.
    > Exception Details: System.Runtime.InteropServices.COMException: Unable
    > to update the password. The value provided as the current password is
    > incorrect. (Exception from HRESULT: 0x8007052B)
    >
    > Source Error:
    >
    > An unhandled exception was generated during the execution of the
    > current web request. Information regarding the origin and location of
    > the exception can be identified using the exception stack trace below.
    >
    > Stack Trace:
    >
    > [COMException (0x8007052b): Unable to update the password. The value
    > provided as the current password is incorrect. (Exception from
    > HRESULT: 0x8007052B)]
    >
    > [TargetInvocationException: Exception has been thrown by the target of
    > an
    > invocation.]
    > System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > invokeAttr,
    > Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    > String[] namedParameters) +0
    > System.RuntimeType.InvokeMember(String name, BindingFlags
    > bindingFlags,
    > Binder binder, Object target, Object[] providedArgs,
    > ParameterModifier[]
    > modifiers, CultureInfo culture, String[] namedParams) +2501232
    > System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > Binder
    > binder, Object target, Object[] args, CultureInfo culture) +31
    >
    > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > objectToCallOn, String methodName, Object[] args) +178
    > System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > roleName) +13
    >
    > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > roleName) +154
    > System.Web.Security.Roles.RoleExists(String roleName) +242
    > _Default.Page_Load(Object sender, EventArgs e) +71
    > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > Object o,
    > Object t, EventArgs e) +15
    > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > sender,
    > EventArgs e) +34
    > System.Web.UI.Control.OnLoad(EventArgs e) +99
    > System.Web.UI.Control.LoadRecursive() +47
    > System.Web.UI.Page.ProcessRequestMain(Boolean
    > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > +1061
    > ----------------------------------------------------------------------
    > ------ ----
    >
    > Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > ASP.NET Version:2.0.50727.42
    >
    > OR the following when I publish to another machine:
    >
    > Server Error in '/' Application.
    > ----------------------------------------------------------------------
    > ------ ----
    >
    > The system cannot find the file specified. (Exception from HRESULT:
    > 0x80070002)
    > Description: An unhandled exception occurred during the execution of
    > the
    > current web request. Please review the stack trace for more
    > information
    > about the error and where it originated in the code.
    > Exception Details: System.IO.FileNotFoundException: The system cannot
    > find the file specified. (Exception from HRESULT: 0x80070002)
    >
    > Source Error:
    >
    > An unhandled exception was generated during the execution of the
    > current web request. Information regarding the origin and location of
    > the exception can be identified using the exception stack trace below.
    >
    > Stack Trace:
    >
    > [FileNotFoundException: The system cannot find the file specified.
    > (Exception from HRESULT: 0x80070002)]
    >
    > [TargetInvocationException: Exception has been thrown by the target of
    > an
    > invocation.]
    > System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > invokeAttr,
    > Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    > String[] namedParameters) +0
    > System.RuntimeType.InvokeMember(String name, BindingFlags
    > bindingFlags,
    > Binder binder, Object target, Object[] providedArgs,
    > ParameterModifier[]
    > modifiers, CultureInfo culture, String[] namedParams) +2501504
    > System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > Binder
    > binder, Object target, Object[] args, CultureInfo culture) +31
    >
    > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > objectToCallOn, String methodName, Object[] args) +178
    > System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > roleName) +13
    >
    > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > roleName) +154
    > System.Web.Security.Roles.RoleExists(String roleName) +242
    > _Default.Page_Load(Object sender, EventArgs e) +13
    > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > Object o,
    > Object t, EventArgs e) +15
    > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > sender,
    > EventArgs e) +34
    > System.Web.UI.Control.OnLoad(EventArgs e) +99
    > System.Web.UI.Control.LoadRecursive() +47
    > System.Web.UI.Page.ProcessRequestMain(Boolean
    > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > +1061
    > ----------------------------------------------------------------------
    > ------ ----
    >
    > Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > ASP.NET Version:2.0.50727.42
    >
    > There's obviously some sort of security problem here but I cant figure
    > out
    > whereit is or how to fix it. In VS2005 I can even use the ASP.NET Web
    > Site
    > Admin Tool to search the Role provider, create new roles etc.
    > I'm really stuck here. Can anyone help as I i've been going crazy over
    > this
    > one!!!!
    > Thanks in advance.
    > Nick
     
    Dominick Baier [DevelopMentor], Dec 3, 2005
    #2
    1. Advertising

  3. "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello news.blueyonder.co.uk,
    >
    > under which account does your web app run - does this account have access
    > to ADAM?


    The azMan setup on the other server allows NETWORK SERVICE to have
    administrator rights.

    >
    > is the account in the "reader" role in AzMan?
    >


    This is the error from the application log:

    Event code: 3005
    Event message: An unhandled exception has occurred.
    Event time: 03/12/2005 16:27:39
    Event time (UTC): 03/12/2005 16:27:39
    Event ID: e25adabd18f84335bbda77653d8b71bf
    Event sequence: 9
    Event occurrence: 2
    Event detail code: 0

    Application information:
    Application domain: /LM/W3SVC/4/Root-12-127780996803758768
    Trust level: Full
    Application Virtual Path: /
    Application Path: E:\Published Sites\AzMan\SITE\
    Machine name: SUNDOWN

    Process information:
    Process ID: 1584
    Process name: aspnet_wp.exe
    Account name: SUNDOWN\ASPNET

    Exception information:
    Exception type: TargetInvocationException
    Exception message: Exception has been thrown by the target of an
    invocation.

    Request information:
    Request URL: http://localhost:83/Default.aspx
    Request path: /Default.aspx
    User host address: 127.0.0.1
    User: SCOSOLUTIONS\bssnxm
    Is authenticated: True
    Authentication Type: NTLM
    Thread account name: SUNDOWN\ASPNET

    Thread information:
    Thread ID: 6
    Thread account name: SUNDOWN\ASPNET
    Is impersonating: False
    Stack trace: at System.RuntimeType.InvokeDispMethod(String name,
    BindingFlags invokeAttr, Object target, Object[] args, Boolean[]
    byrefModifiers, Int32 culture, String[] namedParameters)
    at System.RuntimeType.InvokeMember(String name, BindingFlags
    bindingFlags, Binder binder, Object target, Object[] providedArgs,
    ParameterModifier[] modifiers, CultureInfo culture, String[] namedParams)
    at System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder
    binder, Object target, Object[] args, CultureInfo culture)
    at System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    objectToCallOn, String methodName, Object[] args)
    at System.Web.Security.AuthorizationStoreRoleProvider.InitApp()
    at System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    roleName)
    at System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    roleName)
    at System.Web.Security.Roles.RoleExists(String roleName)
    at _Default.Page_Load(Object sender, EventArgs e)
    at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object
    o, Object t, EventArgs e)
    at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
    EventArgs e)
    at System.Web.UI.Control.OnLoad(EventArgs e)
    at System.Web.UI.Control.LoadRecursive()
    at System.Web.UI.Page.ProcessRequestMain(Boolean
    includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)



    The setup is SUNDOWN, running Windows2000, ASP 2.0

    ADAM setup on DELLSERVER running win2k3


    Any ideas?

    Regards,
    Nick

    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > Hi,
    > > I'm having problems with ASP.Net 2.0 web site connecting to AD
    > > Application
    > > Mode instance for role management. I have been following the example
    > > shown
    > > at
    > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag
    > > 2/html/paght000018.asp .
    > > Now, this works a treat when I run the web app within VS2005 , but,
    > > the moment I publish this and run it via IIS on the local machine , i
    > > get the following error:
    > >
    > > Server Error in '/' Application.
    > > ----------------------------------------------------------------------
    > > ------ ----
    > >
    > > Unable to update the password. The value provided as the current
    > > password is
    > > incorrect. (Exception from HRESULT: 0x8007052B)
    > > Description: An unhandled exception occurred during the execution of
    > > the
    > > current web request. Please review the stack trace for more
    > > information
    > > about the error and where it originated in the code.
    > > Exception Details: System.Runtime.InteropServices.COMException: Unable
    > > to update the password. The value provided as the current password is
    > > incorrect. (Exception from HRESULT: 0x8007052B)
    > >
    > > Source Error:
    > >
    > > An unhandled exception was generated during the execution of the
    > > current web request. Information regarding the origin and location of
    > > the exception can be identified using the exception stack trace below.
    > >
    > > Stack Trace:
    > >
    > > [COMException (0x8007052b): Unable to update the password. The value
    > > provided as the current password is incorrect. (Exception from
    > > HRESULT: 0x8007052B)]
    > >
    > > [TargetInvocationException: Exception has been thrown by the target of
    > > an
    > > invocation.]
    > > System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > > invokeAttr,
    > > Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    > > String[] namedParameters) +0
    > > System.RuntimeType.InvokeMember(String name, BindingFlags
    > > bindingFlags,
    > > Binder binder, Object target, Object[] providedArgs,
    > > ParameterModifier[]
    > > modifiers, CultureInfo culture, String[] namedParams) +2501232
    > > System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > > Binder
    > > binder, Object target, Object[] args, CultureInfo culture) +31
    > >
    > > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > > objectToCallOn, String methodName, Object[] args) +178
    > > System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > > roleName) +13
    > >
    > > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > > roleName) +154
    > > System.Web.Security.Roles.RoleExists(String roleName) +242
    > > _Default.Page_Load(Object sender, EventArgs e) +71
    > > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > > Object o,
    > > Object t, EventArgs e) +15
    > > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > > sender,
    > > EventArgs e) +34
    > > System.Web.UI.Control.OnLoad(EventArgs e) +99
    > > System.Web.UI.Control.LoadRecursive() +47
    > > System.Web.UI.Page.ProcessRequestMain(Boolean
    > > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > > +1061
    > > ----------------------------------------------------------------------
    > > ------ ----
    > >
    > > Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > > ASP.NET Version:2.0.50727.42
    > >
    > > OR the following when I publish to another machine:
    > >
    > > Server Error in '/' Application.
    > > ----------------------------------------------------------------------
    > > ------ ----
    > >
    > > The system cannot find the file specified. (Exception from HRESULT:
    > > 0x80070002)
    > > Description: An unhandled exception occurred during the execution of
    > > the
    > > current web request. Please review the stack trace for more
    > > information
    > > about the error and where it originated in the code.
    > > Exception Details: System.IO.FileNotFoundException: The system cannot
    > > find the file specified. (Exception from HRESULT: 0x80070002)
    > >
    > > Source Error:
    > >
    > > An unhandled exception was generated during the execution of the
    > > current web request. Information regarding the origin and location of
    > > the exception can be identified using the exception stack trace below.
    > >
    > > Stack Trace:
    > >
    > > [FileNotFoundException: The system cannot find the file specified.
    > > (Exception from HRESULT: 0x80070002)]
    > >
    > > [TargetInvocationException: Exception has been thrown by the target of
    > > an
    > > invocation.]
    > > System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > > invokeAttr,
    > > Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture,
    > > String[] namedParameters) +0
    > > System.RuntimeType.InvokeMember(String name, BindingFlags
    > > bindingFlags,
    > > Binder binder, Object target, Object[] providedArgs,
    > > ParameterModifier[]
    > > modifiers, CultureInfo culture, String[] namedParams) +2501504
    > > System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > > Binder
    > > binder, Object target, Object[] args, CultureInfo culture) +31
    > >
    > > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > > objectToCallOn, String methodName, Object[] args) +178
    > > System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > > roleName) +13
    > >
    > > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > > roleName) +154
    > > System.Web.Security.Roles.RoleExists(String roleName) +242
    > > _Default.Page_Load(Object sender, EventArgs e) +13
    > > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > > Object o,
    > > Object t, EventArgs e) +15
    > > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > > sender,
    > > EventArgs e) +34
    > > System.Web.UI.Control.OnLoad(EventArgs e) +99
    > > System.Web.UI.Control.LoadRecursive() +47
    > > System.Web.UI.Page.ProcessRequestMain(Boolean
    > > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > > +1061
    > > ----------------------------------------------------------------------
    > > ------ ----
    > >
    > > Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > > ASP.NET Version:2.0.50727.42
    > >
    > > There's obviously some sort of security problem here but I cant figure
    > > out
    > > whereit is or how to fix it. In VS2005 I can even use the ASP.NET Web
    > > Site
    > > Admin Tool to search the Role provider, create new roles etc.
    > > I'm really stuck here. Can anyone help as I i've been going crazy over
    > > this
    > > one!!!!
    > > Thanks in advance.
    > > Nick

    >
    >
     
    Nick McCulloch, Dec 3, 2005
    #3
  4. Hello Nick,

    your web app runs as ASPNET -

    the ASPNET account has no read access to the AzMan store ....

    you have to change the processModel to run ASP.NET under a specific account
    - or set a fixed impersonation in web.config - you have to use some account
    that you can assign read ACLs on the target machine.

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello news.blueyonder.co.uk,
    >>
    >> under which account does your web app run - does this account have
    >> access to ADAM?
    >>

    > The azMan setup on the other server allows NETWORK SERVICE to have
    > administrator rights.
    >
    >> is the account in the "reader" role in AzMan?
    >>

    > This is the error from the application log:
    >
    > Event code: 3005
    > Event message: An unhandled exception has occurred.
    > Event time: 03/12/2005 16:27:39
    > Event time (UTC): 03/12/2005 16:27:39
    > Event ID: e25adabd18f84335bbda77653d8b71bf
    > Event sequence: 9
    > Event occurrence: 2
    > Event detail code: 0
    > Application information:
    > Application domain: /LM/W3SVC/4/Root-12-127780996803758768
    > Trust level: Full
    > Application Virtual Path: /
    > Application Path: E:\Published Sites\AzMan\SITE\
    > Machine name: SUNDOWN
    > Process information:
    > Process ID: 1584
    > Process name: aspnet_wp.exe
    > Account name: SUNDOWN\ASPNET
    > Exception information:
    > Exception type: TargetInvocationException
    > Exception message: Exception has been thrown by the target of an
    > invocation.
    > Request information:
    > Request URL: http://localhost:83/Default.aspx
    > Request path: /Default.aspx
    > User host address: 127.0.0.1
    > User: SCOSOLUTIONS\bssnxm
    > Is authenticated: True
    > Authentication Type: NTLM
    > Thread account name: SUNDOWN\ASPNET
    > Thread information:
    > Thread ID: 6
    > Thread account name: SUNDOWN\ASPNET
    > Is impersonating: False
    > Stack trace: at System.RuntimeType.InvokeDispMethod(String
    > name,
    > BindingFlags invokeAttr, Object target, Object[] args, Boolean[]
    > byrefModifiers, Int32 culture, String[] namedParameters)
    > at System.RuntimeType.InvokeMember(String name, BindingFlags
    > bindingFlags, Binder binder, Object target, Object[] providedArgs,
    > ParameterModifier[] modifiers, CultureInfo culture, String[]
    > namedParams)
    > at System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > Binder
    > binder, Object target, Object[] args, CultureInfo culture)
    > at
    > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > objectToCallOn, String methodName, Object[] args)
    > at System.Web.Security.AuthorizationStoreRoleProvider.InitApp()
    > at
    > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > roleName)
    > at
    > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > roleName)
    > at System.Web.Security.Roles.RoleExists(String roleName)
    > at _Default.Page_Load(Object sender, EventArgs e)
    > at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > Object
    > o, Object t, EventArgs e)
    > at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > sender,
    > EventArgs e)
    > at System.Web.UI.Control.OnLoad(EventArgs e)
    > at System.Web.UI.Control.LoadRecursive()
    > at System.Web.UI.Page.ProcessRequestMain(Boolean
    > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > The setup is SUNDOWN, running Windows2000, ASP 2.0
    >
    > ADAM setup on DELLSERVER running win2k3
    >
    > Any ideas?
    >
    > Regards,
    > Nick
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> Hi,
    >>> I'm having problems with ASP.Net 2.0 web site connecting to AD
    >>> Application
    >>> Mode instance for role management. I have been following the example
    >>> shown
    >>> at
    >>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnp
    >>> ag
    >>> 2/html/paght000018.asp .
    >>> Now, this works a treat when I run the web app within VS2005 , but,
    >>> the moment I publish this and run it via IIS on the local machine ,
    >>> i
    >>> get the following error:
    >>> Server Error in '/' Application.
    >>> --------------------------------------------------------------------
    >>> -- ------ ----
    >>>
    >>> Unable to update the password. The value provided as the current
    >>> password is
    >>> incorrect. (Exception from HRESULT: 0x8007052B)
    >>> Description: An unhandled exception occurred during the execution of
    >>> the
    >>> current web request. Please review the stack trace for more
    >>> information
    >>> about the error and where it originated in the code.
    >>> Exception Details: System.Runtime.InteropServices.COMException:
    >>> Unable
    >>> to update the password. The value provided as the current password
    >>> is
    >>> incorrect. (Exception from HRESULT: 0x8007052B)
    >>> Source Error:
    >>>
    >>> An unhandled exception was generated during the execution of the
    >>> current web request. Information regarding the origin and location
    >>> of the exception can be identified using the exception stack trace
    >>> below.
    >>>
    >>> Stack Trace:
    >>>
    >>> [COMException (0x8007052b): Unable to update the password. The value
    >>> provided as the current password is incorrect. (Exception from
    >>> HRESULT: 0x8007052B)]
    >>>
    >>> [TargetInvocationException: Exception has been thrown by the target
    >>> of
    >>> an
    >>> invocation.]
    >>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    >>> invokeAttr,
    >>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    >>> culture,
    >>> String[] namedParameters) +0
    >>> System.RuntimeType.InvokeMember(String name, BindingFlags
    >>> bindingFlags,
    >>> Binder binder, Object target, Object[] providedArgs,
    >>> ParameterModifier[]
    >>> modifiers, CultureInfo culture, String[] namedParams) +2501232
    >>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    >>> Binder
    >>> binder, Object target, Object[] args, CultureInfo culture) +31
    >>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    >>> objectToCallOn, String methodName, Object[] args) +178
    >>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    >>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    >>> roleName) +13
    >>>
    >>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    >>> roleName) +154
    >>> System.Web.Security.Roles.RoleExists(String roleName) +242
    >>> _Default.Page_Load(Object sender, EventArgs e) +71
    >>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    >>> Object o,
    >>> Object t, EventArgs e) +15
    >>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    >>> sender,
    >>> EventArgs e) +34
    >>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    >>> System.Web.UI.Control.LoadRecursive() +47
    >>> System.Web.UI.Page.ProcessRequestMain(Boolean
    >>> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    >>> +1061
    >>> --------------------------------------------------------------------
    >>> --
    >>> ------ ----
    >>> Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    >>> ASP.NET Version:2.0.50727.42
    >>>
    >>> OR the following when I publish to another machine:
    >>>
    >>> Server Error in '/' Application.
    >>> --------------------------------------------------------------------
    >>> -- ------ ----
    >>>
    >>> The system cannot find the file specified. (Exception from HRESULT:
    >>> 0x80070002)
    >>> Description: An unhandled exception occurred during the execution of
    >>> the
    >>> current web request. Please review the stack trace for more
    >>> information
    >>> about the error and where it originated in the code.
    >>> Exception Details: System.IO.FileNotFoundException: The system
    >>> cannot
    >>> find the file specified. (Exception from HRESULT: 0x80070002)
    >>> Source Error:
    >>>
    >>> An unhandled exception was generated during the execution of the
    >>> current web request. Information regarding the origin and location
    >>> of the exception can be identified using the exception stack trace
    >>> below.
    >>>
    >>> Stack Trace:
    >>>
    >>> [FileNotFoundException: The system cannot find the file specified.
    >>> (Exception from HRESULT: 0x80070002)]
    >>>
    >>> [TargetInvocationException: Exception has been thrown by the target
    >>> of
    >>> an
    >>> invocation.]
    >>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    >>> invokeAttr,
    >>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    >>> culture,
    >>> String[] namedParameters) +0
    >>> System.RuntimeType.InvokeMember(String name, BindingFlags
    >>> bindingFlags,
    >>> Binder binder, Object target, Object[] providedArgs,
    >>> ParameterModifier[]
    >>> modifiers, CultureInfo culture, String[] namedParams) +2501504
    >>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    >>> Binder
    >>> binder, Object target, Object[] args, CultureInfo culture) +31
    >>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    >>> objectToCallOn, String methodName, Object[] args) +178
    >>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    >>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    >>> roleName) +13
    >>>
    >>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    >>> roleName) +154
    >>> System.Web.Security.Roles.RoleExists(String roleName) +242
    >>> _Default.Page_Load(Object sender, EventArgs e) +13
    >>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    >>> Object o,
    >>> Object t, EventArgs e) +15
    >>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    >>> sender,
    >>> EventArgs e) +34
    >>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    >>> System.Web.UI.Control.LoadRecursive() +47
    >>> System.Web.UI.Page.ProcessRequestMain(Boolean
    >>> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    >>> +1061
    >>> --------------------------------------------------------------------
    >>> --
    >>> ------ ----
    >>> Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    >>> ASP.NET Version:2.0.50727.42
    >>>
    >>> There's obviously some sort of security problem here but I cant
    >>> figure
    >>> out
    >>> whereit is or how to fix it. In VS2005 I can even use the ASP.NET
    >>> Web
    >>> Site
    >>> Admin Tool to search the Role provider, create new roles etc.
    >>> I'm really stuck here. Can anyone help as I i've been going crazy
    >>> over
    >>> this
    >>> one!!!!
    >>> Thanks in advance.
    >>> Nick
     
    Dominick Baier [DevelopMentor], Dec 4, 2005
    #4
  5. Dominick,
    You're a star! Did a quick test changing the "identity" in web.config to
    administrator and the results came back correctly.
    Fantastic, thanks again!

    BTW, what are the implications of changing the "identity" for the web app?
    Should it be a "weak" account? Will I end up breaking something else if I
    change this? What should I watch out for by doing this?

    Nick

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Nick,
    >
    > your web app runs as ASPNET -
    >
    > the ASPNET account has no read access to the AzMan store ....
    >
    > you have to change the processModel to run ASP.NET under a specific

    account
    > - or set a fixed impersonation in web.config - you have to use some

    account
    > that you can assign read ACLs on the target machine.
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > "Dominick Baier [DevelopMentor]"
    > > <> wrote in message
    > > news:...
    > >
    > >> Hello news.blueyonder.co.uk,
    > >>
    > >> under which account does your web app run - does this account have
    > >> access to ADAM?
    > >>

    > > The azMan setup on the other server allows NETWORK SERVICE to have
    > > administrator rights.
    > >
    > >> is the account in the "reader" role in AzMan?
    > >>

    > > This is the error from the application log:
    > >
    > > Event code: 3005
    > > Event message: An unhandled exception has occurred.
    > > Event time: 03/12/2005 16:27:39
    > > Event time (UTC): 03/12/2005 16:27:39
    > > Event ID: e25adabd18f84335bbda77653d8b71bf
    > > Event sequence: 9
    > > Event occurrence: 2
    > > Event detail code: 0
    > > Application information:
    > > Application domain: /LM/W3SVC/4/Root-12-127780996803758768
    > > Trust level: Full
    > > Application Virtual Path: /
    > > Application Path: E:\Published Sites\AzMan\SITE\
    > > Machine name: SUNDOWN
    > > Process information:
    > > Process ID: 1584
    > > Process name: aspnet_wp.exe
    > > Account name: SUNDOWN\ASPNET
    > > Exception information:
    > > Exception type: TargetInvocationException
    > > Exception message: Exception has been thrown by the target of an
    > > invocation.
    > > Request information:
    > > Request URL: http://localhost:83/Default.aspx
    > > Request path: /Default.aspx
    > > User host address: 127.0.0.1
    > > User: SCOSOLUTIONS\bssnxm
    > > Is authenticated: True
    > > Authentication Type: NTLM
    > > Thread account name: SUNDOWN\ASPNET
    > > Thread information:
    > > Thread ID: 6
    > > Thread account name: SUNDOWN\ASPNET
    > > Is impersonating: False
    > > Stack trace: at System.RuntimeType.InvokeDispMethod(String
    > > name,
    > > BindingFlags invokeAttr, Object target, Object[] args, Boolean[]
    > > byrefModifiers, Int32 culture, String[] namedParameters)
    > > at System.RuntimeType.InvokeMember(String name, BindingFlags
    > > bindingFlags, Binder binder, Object target, Object[] providedArgs,
    > > ParameterModifier[] modifiers, CultureInfo culture, String[]
    > > namedParams)
    > > at System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > > Binder
    > > binder, Object target, Object[] args, CultureInfo culture)
    > > at
    > > System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > > objectToCallOn, String methodName, Object[] args)
    > > at System.Web.Security.AuthorizationStoreRoleProvider.InitApp()
    > > at
    > > System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > > roleName)
    > > at
    > > System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > > roleName)
    > > at System.Web.Security.Roles.RoleExists(String roleName)
    > > at _Default.Page_Load(Object sender, EventArgs e)
    > > at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > > Object
    > > o, Object t, EventArgs e)
    > > at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > > sender,
    > > EventArgs e)
    > > at System.Web.UI.Control.OnLoad(EventArgs e)
    > > at System.Web.UI.Control.LoadRecursive()
    > > at System.Web.UI.Page.ProcessRequestMain(Boolean
    > > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > > The setup is SUNDOWN, running Windows2000, ASP 2.0
    > >
    > > ADAM setup on DELLSERVER running win2k3
    > >
    > > Any ideas?
    > >
    > > Regards,
    > > Nick
    > >> ---------------------------------------
    > >> Dominick Baier - DevelopMentor
    > >> http://www.leastprivilege.com
    > >>> Hi,
    > >>> I'm having problems with ASP.Net 2.0 web site connecting to AD
    > >>> Application
    > >>> Mode instance for role management. I have been following the example
    > >>> shown
    > >>> at
    > >>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnp
    > >>> ag
    > >>> 2/html/paght000018.asp .
    > >>> Now, this works a treat when I run the web app within VS2005 , but,
    > >>> the moment I publish this and run it via IIS on the local machine ,
    > >>> i
    > >>> get the following error:
    > >>> Server Error in '/' Application.
    > >>> --------------------------------------------------------------------
    > >>> -- ------ ----
    > >>>
    > >>> Unable to update the password. The value provided as the current
    > >>> password is
    > >>> incorrect. (Exception from HRESULT: 0x8007052B)
    > >>> Description: An unhandled exception occurred during the execution of
    > >>> the
    > >>> current web request. Please review the stack trace for more
    > >>> information
    > >>> about the error and where it originated in the code.
    > >>> Exception Details: System.Runtime.InteropServices.COMException:
    > >>> Unable
    > >>> to update the password. The value provided as the current password
    > >>> is
    > >>> incorrect. (Exception from HRESULT: 0x8007052B)
    > >>> Source Error:
    > >>>
    > >>> An unhandled exception was generated during the execution of the
    > >>> current web request. Information regarding the origin and location
    > >>> of the exception can be identified using the exception stack trace
    > >>> below.
    > >>>
    > >>> Stack Trace:
    > >>>
    > >>> [COMException (0x8007052b): Unable to update the password. The value
    > >>> provided as the current password is incorrect. (Exception from
    > >>> HRESULT: 0x8007052B)]
    > >>>
    > >>> [TargetInvocationException: Exception has been thrown by the target
    > >>> of
    > >>> an
    > >>> invocation.]
    > >>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > >>> invokeAttr,
    > >>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    > >>> culture,
    > >>> String[] namedParameters) +0
    > >>> System.RuntimeType.InvokeMember(String name, BindingFlags
    > >>> bindingFlags,
    > >>> Binder binder, Object target, Object[] providedArgs,
    > >>> ParameterModifier[]
    > >>> modifiers, CultureInfo culture, String[] namedParams) +2501232
    > >>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > >>> Binder
    > >>> binder, Object target, Object[] args, CultureInfo culture) +31
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > >>> objectToCallOn, String methodName, Object[] args) +178
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > >>> roleName) +13
    > >>>
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > >>> roleName) +154
    > >>> System.Web.Security.Roles.RoleExists(String roleName) +242
    > >>> _Default.Page_Load(Object sender, EventArgs e) +71
    > >>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > >>> Object o,
    > >>> Object t, EventArgs e) +15
    > >>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > >>> sender,
    > >>> EventArgs e) +34
    > >>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    > >>> System.Web.UI.Control.LoadRecursive() +47
    > >>> System.Web.UI.Page.ProcessRequestMain(Boolean
    > >>> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > >>> +1061
    > >>> --------------------------------------------------------------------
    > >>> --
    > >>> ------ ----
    > >>> Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > >>> ASP.NET Version:2.0.50727.42
    > >>>
    > >>> OR the following when I publish to another machine:
    > >>>
    > >>> Server Error in '/' Application.
    > >>> --------------------------------------------------------------------
    > >>> -- ------ ----
    > >>>
    > >>> The system cannot find the file specified. (Exception from HRESULT:
    > >>> 0x80070002)
    > >>> Description: An unhandled exception occurred during the execution of
    > >>> the
    > >>> current web request. Please review the stack trace for more
    > >>> information
    > >>> about the error and where it originated in the code.
    > >>> Exception Details: System.IO.FileNotFoundException: The system
    > >>> cannot
    > >>> find the file specified. (Exception from HRESULT: 0x80070002)
    > >>> Source Error:
    > >>>
    > >>> An unhandled exception was generated during the execution of the
    > >>> current web request. Information regarding the origin and location
    > >>> of the exception can be identified using the exception stack trace
    > >>> below.
    > >>>
    > >>> Stack Trace:
    > >>>
    > >>> [FileNotFoundException: The system cannot find the file specified.
    > >>> (Exception from HRESULT: 0x80070002)]
    > >>>
    > >>> [TargetInvocationException: Exception has been thrown by the target
    > >>> of
    > >>> an
    > >>> invocation.]
    > >>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    > >>> invokeAttr,
    > >>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    > >>> culture,
    > >>> String[] namedParameters) +0
    > >>> System.RuntimeType.InvokeMember(String name, BindingFlags
    > >>> bindingFlags,
    > >>> Binder binder, Object target, Object[] providedArgs,
    > >>> ParameterModifier[]
    > >>> modifiers, CultureInfo culture, String[] namedParams) +2501504
    > >>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    > >>> Binder
    > >>> binder, Object target, Object[] args, CultureInfo culture) +31
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    > >>> objectToCallOn, String methodName, Object[] args) +178
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    > >>> roleName) +13
    > >>>
    > >>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    > >>> roleName) +154
    > >>> System.Web.Security.Roles.RoleExists(String roleName) +242
    > >>> _Default.Page_Load(Object sender, EventArgs e) +13
    > >>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    > >>> Object o,
    > >>> Object t, EventArgs e) +15
    > >>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    > >>> sender,
    > >>> EventArgs e) +34
    > >>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    > >>> System.Web.UI.Control.LoadRecursive() +47
    > >>> System.Web.UI.Page.ProcessRequestMain(Boolean
    > >>> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    > >>> +1061
    > >>> --------------------------------------------------------------------
    > >>> --
    > >>> ------ ----
    > >>> Version Information: Microsoft .NET Framework Version:2.0.50727.42;
    > >>> ASP.NET Version:2.0.50727.42
    > >>>
    > >>> There's obviously some sort of security problem here but I cant
    > >>> figure
    > >>> out
    > >>> whereit is or how to fix it. In VS2005 I can even use the ASP.NET
    > >>> Web
    > >>> Site
    > >>> Admin Tool to search the Role provider, create new roles etc.
    > >>> I'm really stuck here. Can anyone help as I i've been going crazy
    > >>> over
    > >>> this
    > >>> one!!!!
    > >>> Thanks in advance.
    > >>> Nick

    >
    >
     
    Nick McCulloch, Dec 4, 2005
    #5
  6. Hello Nick,

    did you change the processModel oder <identity impersonate=..." />

    ??

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Dominick,
    > You're a star! Did a quick test changing the "identity" in web.config
    > to
    > administrator and the results came back correctly.
    > Fantastic, thanks again!
    > BTW, what are the implications of changing the "identity" for the web
    > app? Should it be a "weak" account? Will I end up breaking something
    > else if I change this? What should I watch out for by doing this?
    >
    > Nick
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello Nick,
    >>
    >> your web app runs as ASPNET -
    >>
    >> the ASPNET account has no read access to the AzMan store ....
    >>
    >> you have to change the processModel to run ASP.NET under a specific
    >>

    > account
    >
    >> - or set a fixed impersonation in web.config - you have to use some
    >>

    > account
    >
    >> that you can assign read ACLs on the target machine.
    >>
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> "Dominick Baier [DevelopMentor]"
    >>> <> wrote in message
    >>> news:...
    >>>
    >>>> Hello news.blueyonder.co.uk,
    >>>>
    >>>> under which account does your web app run - does this account have
    >>>> access to ADAM?
    >>>>
    >>> The azMan setup on the other server allows NETWORK SERVICE to have
    >>> administrator rights.
    >>>
    >>>> is the account in the "reader" role in AzMan?
    >>>>
    >>> This is the error from the application log:
    >>>
    >>> Event code: 3005
    >>> Event message: An unhandled exception has occurred.
    >>> Event time: 03/12/2005 16:27:39
    >>> Event time (UTC): 03/12/2005 16:27:39
    >>> Event ID: e25adabd18f84335bbda77653d8b71bf
    >>> Event sequence: 9
    >>> Event occurrence: 2
    >>> Event detail code: 0
    >>> Application information:
    >>> Application domain: /LM/W3SVC/4/Root-12-127780996803758768
    >>> Trust level: Full
    >>> Application Virtual Path: /
    >>> Application Path: E:\Published Sites\AzMan\SITE\
    >>> Machine name: SUNDOWN
    >>> Process information:
    >>> Process ID: 1584
    >>> Process name: aspnet_wp.exe
    >>> Account name: SUNDOWN\ASPNET
    >>> Exception information:
    >>> Exception type: TargetInvocationException
    >>> Exception message: Exception has been thrown by the target of an
    >>> invocation.
    >>> Request information:
    >>> Request URL: http://localhost:83/Default.aspx
    >>> Request path: /Default.aspx
    >>> User host address: 127.0.0.1
    >>> User: SCOSOLUTIONS\bssnxm
    >>> Is authenticated: True
    >>> Authentication Type: NTLM
    >>> Thread account name: SUNDOWN\ASPNET
    >>> Thread information:
    >>> Thread ID: 6
    >>> Thread account name: SUNDOWN\ASPNET
    >>> Is impersonating: False
    >>> Stack trace: at System.RuntimeType.InvokeDispMethod(String
    >>> name,
    >>> BindingFlags invokeAttr, Object target, Object[] args, Boolean[]
    >>> byrefModifiers, Int32 culture, String[] namedParameters)
    >>> at System.RuntimeType.InvokeMember(String name, BindingFlags
    >>> bindingFlags, Binder binder, Object target, Object[] providedArgs,
    >>> ParameterModifier[] modifiers, CultureInfo culture, String[]
    >>> namedParams)
    >>> at System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    >>> Binder
    >>> binder, Object target, Object[] args, CultureInfo culture)
    >>> at
    >>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Object
    >>> objectToCallOn, String methodName, Object[] args)
    >>> at System.Web.Security.AuthorizationStoreRoleProvider.InitApp()
    >>> at
    >>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    >>> roleName)
    >>> at
    >>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(String
    >>> roleName)
    >>> at System.Web.Security.Roles.RoleExists(String roleName)
    >>> at _Default.Page_Load(Object sender, EventArgs e)
    >>> at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    >>> Object
    >>> o, Object t, EventArgs e)
    >>> at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    >>> sender,
    >>> EventArgs e)
    >>> at System.Web.UI.Control.OnLoad(EventArgs e)
    >>> at System.Web.UI.Control.LoadRecursive()
    >>> at System.Web.UI.Page.ProcessRequestMain(Boolean
    >>> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
    >>> The setup is SUNDOWN, running Windows2000, ASP 2.0
    >>> ADAM setup on DELLSERVER running win2k3
    >>>
    >>> Any ideas?
    >>>
    >>> Regards,
    >>> Nick
    >>>> ---------------------------------------
    >>>> Dominick Baier - DevelopMentor
    >>>> http://www.leastprivilege.com
    >>>>> Hi,
    >>>>> I'm having problems with ASP.Net 2.0 web site connecting to AD
    >>>>> Application
    >>>>> Mode instance for role management. I have been following the
    >>>>> example
    >>>>> shown
    >>>>> at
    >>>>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/d
    >>>>> np
    >>>>> ag
    >>>>> 2/html/paght000018.asp .
    >>>>> Now, this works a treat when I run the web app within VS2005 ,
    >>>>> but,
    >>>>> the moment I publish this and run it via IIS on the local machine
    >>>>> ,
    >>>>> i
    >>>>> get the following error:
    >>>>> Server Error in '/' Application.
    >>>>> ------------------------------------------------------------------
    >>>>> --
    >>>>> -- ------ ----
    >>>>> Unable to update the password. The value provided as the current
    >>>>> password is
    >>>>> incorrect. (Exception from HRESULT: 0x8007052B)
    >>>>> Description: An unhandled exception occurred during the execution
    >>>>> of
    >>>>> the
    >>>>> current web request. Please review the stack trace for more
    >>>>> information
    >>>>> about the error and where it originated in the code.
    >>>>> Exception Details: System.Runtime.InteropServices.COMException:
    >>>>> Unable
    >>>>> to update the password. The value provided as the current password
    >>>>> is
    >>>>> incorrect. (Exception from HRESULT: 0x8007052B)
    >>>>> Source Error:
    >>>>> An unhandled exception was generated during the execution of the
    >>>>> current web request. Information regarding the origin and location
    >>>>> of the exception can be identified using the exception stack trace
    >>>>> below.
    >>>>>
    >>>>> Stack Trace:
    >>>>>
    >>>>> [COMException (0x8007052b): Unable to update the password. The
    >>>>> value provided as the current password is incorrect. (Exception
    >>>>> from HRESULT: 0x8007052B)]
    >>>>>
    >>>>> [TargetInvocationException: Exception has been thrown by the
    >>>>> target
    >>>>> of
    >>>>> an
    >>>>> invocation.]
    >>>>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    >>>>> invokeAttr,
    >>>>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    >>>>> culture,
    >>>>> String[] namedParameters) +0
    >>>>> System.RuntimeType.InvokeMember(String name, BindingFlags
    >>>>> bindingFlags,
    >>>>> Binder binder, Object target, Object[] providedArgs,
    >>>>> ParameterModifier[]
    >>>>> modifiers, CultureInfo culture, String[] namedParams) +2501232
    >>>>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    >>>>> Binder
    >>>>> binder, Object target, Object[] args, CultureInfo culture) +31
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Obje
    >>>>> ct
    >>>>> objectToCallOn, String methodName, Object[] args) +178
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    >>>>> roleName) +13
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(Stri
    >>>>> ng
    >>>>> roleName) +154
    >>>>> System.Web.Security.Roles.RoleExists(String roleName) +242
    >>>>> _Default.Page_Load(Object sender, EventArgs e) +71
    >>>>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    >>>>> Object o,
    >>>>> Object t, EventArgs e) +15
    >>>>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    >>>>> sender,
    >>>>> EventArgs e) +34
    >>>>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    >>>>> System.Web.UI.Control.LoadRecursive() +47
    >>>>> System.Web.UI.Page.ProcessRequestMain(Boolean
    >>>>> includeStagesBeforeAsyncPoint, Boolean
    >>>>> includeStagesAfterAsyncPoint)
    >>>>> +1061
    >>>>> ------------------------------------------------------------------
    >>>>> --
    >>>>> --
    >>>>> ------ ----
    >>>>> Version Information: Microsoft .NET Framework
    >>>>> Version:2.0.50727.42;
    >>>>> ASP.NET Version:2.0.50727.42
    >>>>> OR the following when I publish to another machine:
    >>>>>
    >>>>> Server Error in '/' Application.
    >>>>> ------------------------------------------------------------------
    >>>>> -- -- ------ ----
    >>>>>
    >>>>> The system cannot find the file specified. (Exception from
    >>>>> HRESULT:
    >>>>> 0x80070002)
    >>>>> Description: An unhandled exception occurred during the execution
    >>>>> of
    >>>>> the
    >>>>> current web request. Please review the stack trace for more
    >>>>> information
    >>>>> about the error and where it originated in the code.
    >>>>> Exception Details: System.IO.FileNotFoundException: The system
    >>>>> cannot
    >>>>> find the file specified. (Exception from HRESULT: 0x80070002)
    >>>>> Source Error:
    >>>>> An unhandled exception was generated during the execution of the
    >>>>> current web request. Information regarding the origin and location
    >>>>> of the exception can be identified using the exception stack trace
    >>>>> below.
    >>>>>
    >>>>> Stack Trace:
    >>>>>
    >>>>> [FileNotFoundException: The system cannot find the file specified.
    >>>>> (Exception from HRESULT: 0x80070002)]
    >>>>>
    >>>>> [TargetInvocationException: Exception has been thrown by the
    >>>>> target
    >>>>> of
    >>>>> an
    >>>>> invocation.]
    >>>>> System.RuntimeType.InvokeDispMethod(String name, BindingFlags
    >>>>> invokeAttr,
    >>>>> Object target, Object[] args, Boolean[] byrefModifiers, Int32
    >>>>> culture,
    >>>>> String[] namedParameters) +0
    >>>>> System.RuntimeType.InvokeMember(String name, BindingFlags
    >>>>> bindingFlags,
    >>>>> Binder binder, Object target, Object[] providedArgs,
    >>>>> ParameterModifier[]
    >>>>> modifiers, CultureInfo culture, String[] namedParams) +2501504
    >>>>> System.Type.InvokeMember(String name, BindingFlags invokeAttr,
    >>>>> Binder
    >>>>> binder, Object target, Object[] args, CultureInfo culture) +31
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.CallMethod(Obje
    >>>>> ct
    >>>>> objectToCallOn, String methodName, Object[] args) +178
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.InitApp() +1489
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.GetRole(String
    >>>>> roleName) +13
    >>>>> System.Web.Security.AuthorizationStoreRoleProvider.RoleExists(Stri
    >>>>> ng
    >>>>> roleName) +154
    >>>>> System.Web.Security.Roles.RoleExists(String roleName) +242
    >>>>> _Default.Page_Load(Object sender, EventArgs e) +13
    >>>>> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp,
    >>>>> Object o,
    >>>>> Object t, EventArgs e) +15
    >>>>> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
    >>>>> sender,
    >>>>> EventArgs e) +34
    >>>>> System.Web.UI.Control.OnLoad(EventArgs e) +99
    >>>>> System.Web.UI.Control.LoadRecursive() +47
    >>>>> System.Web.UI.Page.ProcessRequestMain(Boolean
    >>>>> includeStagesBeforeAsyncPoint, Boolean
    >>>>> includeStagesAfterAsyncPoint)
    >>>>> +1061
    >>>>> ------------------------------------------------------------------
    >>>>> --
    >>>>> --
    >>>>> ------ ----
    >>>>> Version Information: Microsoft .NET Framework
    >>>>> Version:2.0.50727.42;
    >>>>> ASP.NET Version:2.0.50727.42
    >>>>> There's obviously some sort of security problem here but I cant
    >>>>> figure
    >>>>> out
    >>>>> whereit is or how to fix it. In VS2005 I can even use the ASP.NET
    >>>>> Web
    >>>>> Site
    >>>>> Admin Tool to search the Role provider, create new roles etc.
    >>>>> I'm really stuck here. Can anyone help as I i've been going crazy
    >>>>> over
    >>>>> this
    >>>>> one!!!!
    >>>>> Thanks in advance.
    >>>>> Nick
     
    Dominick Baier [DevelopMentor], Dec 4, 2005
    #6
  7. "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Nick,
    >
    > did you change the processModel oder <identity impersonate=..." />
    >
    > ??


    web.config quick test has following

    <identity impersonate="true" userName="scosolutions\administrator"
    password="xxxxxx" />

    BUT, I'm sure I dont want to use the Administrator level for this!!!
    Is that where you were expecting the modification? I don't want to change
    machine.config as that would impact all sites on the server.

    Nick
     
    Nick McCulloch, Dec 4, 2005
    #7
  8. Hello Nick,

    this means that the request is executed with the specified credentials. You
    should not go for administrator :)

    Choose a normal user account - and give this account read access to the AzMan
    store..

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello Nick,
    >>
    >> did you change the processModel oder <identity impersonate=..." />
    >>
    >> ??
    >>

    > web.config quick test has following
    >
    > <identity impersonate="true" userName="scosolutions\administrator"
    > password="xxxxxx" />
    > BUT, I'm sure I dont want to use the Administrator level for this!!!
    > Is that where you were expecting the modification? I don't want to
    > change
    > machine.config as that would impact all sites on the server.
    > Nick
    >
     
    Dominick Baier [DevelopMentor], Dec 4, 2005
    #8
  9. Thanks Dominick. Your help is much appreciated!
    Nick

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Nick,
    >
    > this means that the request is executed with the specified credentials.

    You
    > should not go for administrator :)
    >
    > Choose a normal user account - and give this account read access to the

    AzMan
    > store..
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > "Dominick Baier [DevelopMentor]"
    > > <> wrote in message
    > > news:...
    > >
    > >> Hello Nick,
    > >>
    > >> did you change the processModel oder <identity impersonate=..." />
    > >>
    > >> ??
    > >>

    > > web.config quick test has following
    > >
    > > <identity impersonate="true" userName="scosolutions\administrator"
    > > password="xxxxxx" />
    > > BUT, I'm sure I dont want to use the Administrator level for this!!!
    > > Is that where you were expecting the modification? I don't want to
    > > change
    > > machine.config as that would impact all sites on the server.
    > > Nick
    > >

    >
    >
     
    Nick McCulloch, Dec 4, 2005
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michael Herman \(Parallelspace\)

    ASP.NET 2.0, MS AD/ADAM and Authorization Manager (AzMan)

    Michael Herman \(Parallelspace\), Jul 6, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    911
    Michael Herman \(Parallelspace\)
    Jul 9, 2005
  2. =?Utf-8?B?SmFtZXMgQ29sZW1hbg==?=

    ADAM and AzMan with ASP.NET 2.0

    =?Utf-8?B?SmFtZXMgQ29sZW1hbg==?=, Feb 24, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    612
    =?Utf-8?B?SmFtZXMgQ29sZW1hbg==?=
    Feb 24, 2006
  3. =?Utf-8?B?c2hpa2FyaXNoYW1idQ==?=

    ASP.NET - SEcurity Configuration with ADAM error

    =?Utf-8?B?c2hpa2FyaXNoYW1idQ==?=, Mar 31, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    524
    =?Utf-8?B?c2hpa2FyaXNoYW1idQ==?=
    Mar 31, 2006
  4. James Coleman

    ADAM & AzMan with ASP.NET 2.0

    James Coleman, Feb 25, 2006, in forum: ASP .Net Security
    Replies:
    1
    Views:
    163
    DeadOnArrival
    Mar 8, 2006
  5. Replies:
    0
    Views:
    196
Loading...

Share This Page