johnny
Hello, I got this weird problem. I have an intranet application that needs to
communicate with Active directory. Authentication to Web application is done
by means of active directory accounts.
Now I have this code:
DirectoryEntry objDomain = new DirectoryEntry("LDAP://rootDse");
string domain = objDomain.Properties["defaultNamingContext"].Value.ToString();
DirectorySearcher ds = new DirectorySearcher();
ds.SearchRoot = new DirectoryEntry(string.Format("LDAP://{0}",domain));
ds.Filter = "(&(objectClass=group)(sAMAccountName=group_name))";
ds.SearchScope = SearchScope.Subtree;
SearchResult res = ds.FindOne();
When I run the application from any computer and authenticate as a user with
domain administrator privilege, everything works fine. When I authenticate as
a normal user, the application fails at the line
SearchResult res = ds.FindOne();
throwing this exception:
Text: An operations error occurred
Exception Details: System.Runtime.InteropServices.COMException: An operations error occurred
Stack Trace:
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +513
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) +198
System.DirectoryServices.DirectorySearcher.FindOne() +31
To remind: This bunch of code is called from a library that is inside the GAC to
assert it's not considered as partially trusted code.
I have no idea where the problem could be. As a first thing I thought the
user doesn't have a privilege to communicate to AD, so I took this piece of
code and put it into a Windows application and ran it as a normal user. It
worked ok.
Does anybody have any idea what I should do? I'd be very grateful. Thanks in
advance.