G
Guest
Hi Joe and All
Here are the lines of code I have tried, but seems like authentication was
not successful, as it returned just the sn whether or not (nName, pwd,
AuthenticationType.Secure) was specified. When I tried the same credentials
with ldp.exe and I was able to get the attributes I wanted.
By the way, for my application setting, I have not turned on impersonation
yet, but I assume this should not make any difference as credential was
specified when doing the bind, right? Did I do anything wrong in binding?
Any idea?
TIA
String uName = "cn=Administrator, cn=Users, dc=domain, dc=com";
String pwd = "admpwd";
String searchPath = "ldap://ou=myou, dc=domain, dc=com";
//Bind to the server and authenticate
DirectoryEntry entry = new DirectoryEntry(searchPath, uName,
pwd, AuthenticationTypes.Secure);
//DirectoryEntry entry = new DirectoryEntry(searchPath);
Object native = entry.NativeObject;
//do a DirectorySearch
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.PropertiesToLoad.Add("sn");
mySearcher.PropertiesToLoad.Add("givenName");
mySearcher.PropertiesToLoad.Add("telephoneNumber");
mySearcher.Filter = "(objectClass=user)";
SearchResultCollection resEntAll = mySearcher.FindAll();
--
Here are the lines of code I have tried, but seems like authentication was
not successful, as it returned just the sn whether or not (nName, pwd,
AuthenticationType.Secure) was specified. When I tried the same credentials
with ldp.exe and I was able to get the attributes I wanted.
By the way, for my application setting, I have not turned on impersonation
yet, but I assume this should not make any difference as credential was
specified when doing the bind, right? Did I do anything wrong in binding?
Any idea?
TIA
String uName = "cn=Administrator, cn=Users, dc=domain, dc=com";
String pwd = "admpwd";
String searchPath = "ldap://ou=myou, dc=domain, dc=com";
//Bind to the server and authenticate
DirectoryEntry entry = new DirectoryEntry(searchPath, uName,
pwd, AuthenticationTypes.Secure);
//DirectoryEntry entry = new DirectoryEntry(searchPath);
Object native = entry.NativeObject;
//do a DirectorySearch
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.PropertiesToLoad.Add("sn");
mySearcher.PropertiesToLoad.Add("givenName");
mySearcher.PropertiesToLoad.Add("telephoneNumber");
mySearcher.Filter = "(objectClass=user)";
SearchResultCollection resEntAll = mySearcher.FindAll();
Joe Kaplan (MVP - ADSI) said:I'm not sure of any good articles or books (yet). MS has an article for
forms auth with AD that I rarely recommend to people because I think it is
pretty flawed, but you can look at it.
http://support.microsoft.com/default.aspx?scid=kb;en-us;326340
The next thing I'd try is using a utility to ldp.exe to try your searches
there and see if you get similar results. Sometimes it is helpful to get
the extra layers out of the way and test things in a UI.
You might also try the contains method to verify whether the
SearchResult.Properties has the attributes you want.
Joe K.
Hi Joe
I just tried passing in the credentials with DirectoryEntry(strpath,
uName,
pwd, AuthenticationTypes.Secure) but it is still giving me the last name
only!
I guess I might have to revisit my whole dev setup for forms
authentication.
Is there a place / book I can look into about forms authentication with AD
in ASP.NET? I thing I need to workout a checklist in each area.
TIA
in message news:[email protected]...codeThe directoryentry used for the searchroot object determines the security
context that the search is performed with. It is possible that you are
authenticating anonymously, and thus can't see many properties. You can
verify this by passing in credentials to the DirectoryEntry before executing
the search and seeing if you get different results. If so, that was the
problem.
If that is the problem, there are other ways to solve it than using a
hard-coded service account, but it is the easiest way to verify the
issue.
Joe K.
<dl> wrote in message I did tried to throw in the PropertiesToLoad lines; one for each
property
that I was going to get. But that didn't make any difference.
Interesting
enough the account I am using (to login via login.aspx) to list this
directory is the same as the one I used to create the entries and the OU.
Do I need to pass on the credential (somewhere) to this page ? or do I
need
to bind with the credential?
TIA
Here is my code before the foreach statements ..
String strPath = "LDAP://ou=" + txtOUName.Text +
",dc=domain,dc=com";
//Bind to the OU
DirectoryEntry myEnt = new DirectoryEntry(strPath);
//do a DirectorySearch
DirectorySearcher mySearcher = new DirectorySearcher(myEnt);
mySearcher.PropertiesToLoad.Add("sn");
mySearcher.PropertiesToLoad.Add("givenName");
mySearcher.PropertiesToLoad.Add("telephoneNumber");
mySearcher.Filter = "(objectClass=user)";
SearchResultCollection resEntAll = mySearcher.FindAll();
in message What did you put in to PropertiesToLoad? Also, it is possible that
the
security context you bound with only has rights to see a subset of the
properties you requested.
Those are my two best guesses given what you've told us.
Joe K.
<dl> wrote in message Hi
I have the following lines of code that are suppose to list some
selected
properties of all the object entries in a SearchResult but the
isonly
listing one property ie. the 'sn' and the corresponding value for
all
the
entries, do you have a clue why?
TIA
----------------------
foreach (SearchResult resEnt in resEntAll)
{
i++;
dr = dt.NewRow();
foreach (string propKy in
resEnt.Properties.PropertyNames)
{
switch (propKy)
{
case "sn":
y = 0;
break;
case "givenName":
y = 1;
break;
case "telephoneNumber":
y = 2;
break;
default:
y = 3;
break;
}
if (y < 3)
{
ResultPropertyValueCollection valco =
resEnt.Properties[propKy];
foreach (Object prop in valco)
{
dr[y] = prop.ToString();
}
}
}
dt.Rows.Add(dr);
}
--