Impersonate + AD

Discussion in 'ASP .Net Security' started by Alberto Ortega, Mar 2, 2005.

  1. Hi, I've got a difficult situation...
    Is a website that runs on IIS with Anonymous Authentication, the tag
    <identity impersonate="false"> on the Web.config file. So the thread is
    executed by user "NT AUTHORITY".
    So when I use AD API ( FindOne() ) it works well.
    The point is that when I impersonate that user by code (that works well too)
    when I execute that function from the AD API it returns an error:

    {"Operation Error" } [System.Runtime.InteropServices.COMException]:
    {System.Runtime.InteropServices.COMException} System.Object:
    {System.Runtime.InteropServices.COMException} _className: null
    _COMPlusExceptionCode: -532459699 _exceptionMethod:
    {System.Reflection.RuntimeMethodInfo} _exceptionMethodString: null _helpURL:
    null _HResult: -2147016672 _innerException: { } _message: "Operation Error"
    _remoteStackIndex: 0 _remoteStackTraceString: null _source:
    "System.DirectoryServices" _stackTrace: {System.Array} _stackTraceString: "
    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at
    System.DirectoryServices.DirectoryEntry.Bind()\r\n at
    System.DirectoryServices.DirectoryEntry.get_AdsObject()\r\n at
    System.DirectoryServices.DirectorySearcher.FindAll(Boolean
    findMoreThanOne)\r\n at
    System.DirectoryServices.DirectorySearcher.FindOne()\r\n at
    Banelco.CSB.DNN.Providers.ActiveDirectory.LdapAuthentication.GetUser(String
    username)" _xcode: -532459699 _xptrs: 0 HelpLink: null HResul


    Thanks

    Alberto Ortega
     
    Alberto Ortega, Mar 2, 2005
    #1
    1. Advertising

  2. Alberto Ortega

    mpes Guest

    I could have had a similar problem, try to check:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;329986

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/tro
    ubleshooting_authentication_problems_on_asp_pages.asp?frame=true

    Martin



    "Alberto Ortega" <> wrote in message
    news:#...
    > Hi, I've got a difficult situation...
    > Is a website that runs on IIS with Anonymous Authentication, the tag
    > <identity impersonate="false"> on the Web.config file. So the thread is
    > executed by user "NT AUTHORITY".
    > So when I use AD API ( FindOne() ) it works well.
    > The point is that when I impersonate that user by code (that works well

    too)
    > when I execute that function from the AD API it returns an error:
    >
    > {"Operation Error" } [System.Runtime.InteropServices.COMException]:
    > {System.Runtime.InteropServices.COMException} System.Object:
    > {System.Runtime.InteropServices.COMException} _className: null
    > _COMPlusExceptionCode: -532459699 _exceptionMethod:
    > {System.Reflection.RuntimeMethodInfo} _exceptionMethodString: null

    _helpURL:
    > null _HResult: -2147016672 _innerException: { } _message: "Operation

    Error"
    > _remoteStackIndex: 0 _remoteStackTraceString: null _source:
    > "System.DirectoryServices" _stackTrace: {System.Array} _stackTraceString:

    "
    > at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n

    at
    > System.DirectoryServices.DirectoryEntry.Bind()\r\n at
    > System.DirectoryServices.DirectoryEntry.get_AdsObject()\r\n at
    > System.DirectoryServices.DirectorySearcher.FindAll(Boolean
    > findMoreThanOne)\r\n at
    > System.DirectoryServices.DirectorySearcher.FindOne()\r\n at
    >

    Banelco.CSB.DNN.Providers.ActiveDirectory.LdapAuthentication.GetUser(String
    > username)" _xcode: -532459699 _xptrs: 0 HelpLink: null HResul
    >
    >
    > Thanks
    >
    > Alberto Ortega
    >
    >
     
    mpes, Mar 10, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Christian Binder

    <identity impersonate> and NETWORK ACCESS DB-HELP

    Christian Binder, Jul 25, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    463
    Christian Binder
    Jul 25, 2003
  2. William F. Robertson, Jr.

    identity impersonate for web applications

    William F. Robertson, Jr., Aug 29, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    426
    William F. Robertson, Jr.
    Aug 29, 2003
  3. Peter O'Reilly
    Replies:
    2
    Views:
    10,932
    Peter O'Reilly
    Nov 3, 2003
  4. Kathy Burke
    Replies:
    3
    Views:
    2,686
    Kathy Burke
    Dec 22, 2003
  5. Bill Belliveau

    DirectoryEntry Impersonate or WindowsIdentity Impersonate?

    Bill Belliveau, Jan 28, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    371
    Joe Kaplan \(MVP - ADSI\)
    Jan 31, 2004
Loading...

Share This Page