S
Steve P
We're running an ASP page (the stock page that comes with IIS for password
changing with some minor tweaks) which makes some ADSI calls - note: it
connects to the Active Directory a few times.
We are having trouble connecting to the Active Directory with these calls
(especially in a multiple NT Domain scenario - I.e. user ID's are in a
different domain that the web servers).
My question: How can we find out which identity is being used to make those
Active Directory calls from the ASP page?
We're having some confusion since there are a number of identities:
1. The configured identity for the virtual directory in IIS
2. The configured identity for the COM+ app space which maps to our virtual
dir.
3. The logged in user (to the desktop).
4. Other?
Can someone please tell me how to figure out which identity is being used to
connect to the AD?
Also, does anyone have experience with these Microsoft change password
pages? The pages don't see to work at all when the user IDs & the web
servers are in different (peer/trusted) NT Domains.
An interesting note: If we hardcode a particular identity into the actual
ADSI calls, we can get these AD connections to work. But we need a solution
without hardcoding plaintext passwords
. We need a solution where we can
just configure IIS, or COM+, or somewhere else with a good identity that has
permissions to make the connection - we're just not sure where to configure
this.
TIA.
--Steve P
changing with some minor tweaks) which makes some ADSI calls - note: it
connects to the Active Directory a few times.
We are having trouble connecting to the Active Directory with these calls
(especially in a multiple NT Domain scenario - I.e. user ID's are in a
different domain that the web servers).
My question: How can we find out which identity is being used to make those
Active Directory calls from the ASP page?
We're having some confusion since there are a number of identities:
1. The configured identity for the virtual directory in IIS
2. The configured identity for the COM+ app space which maps to our virtual
dir.
3. The logged in user (to the desktop).
4. Other?
Can someone please tell me how to figure out which identity is being used to
connect to the AD?
Also, does anyone have experience with these Microsoft change password
pages? The pages don't see to work at all when the user IDs & the web
servers are in different (peer/trusted) NT Domains.
An interesting note: If we hardcode a particular identity into the actual
ADSI calls, we can get these AD connections to work. But we need a solution
without hardcoding plaintext passwords
. We need a solution where we canjust configure IIS, or COM+, or somewhere else with a good identity that has
permissions to make the connection - we're just not sure where to configure
this.
TIA.
--Steve P