Re: LDAP lookup: fails on remote computers -- Please help
From: bruce barker (nospam_brubar_at_safeco.com)
Date: 04/29/04
- Next message: Cowboy \(Gregory A. Beamer\): "Re: SQLServer IsNull() & DataReader"
- Previous message: jamiewalker_at_wp.shawcable.net: "Bin Laden Captured - photos and video"
- In reply to: Jay: "LDAP lookup: fails on remote computers -- Please help"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 29 Apr 2004 08:44:55 -0700
unless you are using digest (and have delagation turned on), credentials
will not delegate. you will have to have your code impersonate a primary
token with access to the ad.
-- bruce (sqlwork.com)
"Jay" <jgpassport@scf.sk.ca> wrote in message
news:OpgazdWLEHA.268@TK2MSFTNGP10.phx.gbl...
> I have a simple LDAP query (grabs all users from a particular AD group and
> populates a checkboxlist) that works perfectly fine on the development
> machine logged on locally as any user. When I access the website and run
> the query from a client however the query fails to run. Someone please
> help?
>
> Here's the code for the query (in CheckBoxListsFill sub):
>
> 'Impersonate the Windows AD user running the application
> Dim impersonationContext As
> System.Security.Principal.WindowsImpersonationContext
> Dim currentWindowsIdentity As System.Security.Principal.WindowsIdentity
> currentWindowsIdentity = CType(User.Identity,
> System.Security.Principal.WindowsIdentity)
> impersonationContext = currentWindowsIdentity.Impersonate()
>
> Try
> 'Fill Approvers checkbox lists from AD LDAP
> 'Get all users in the G_SCA_Change_Control_Approvers group
> Dim Approvers_entry As New
>
DirectoryEntry("LDAP://CN=G_SCA_Change_Control_Approvers,OU=Groups,DC=sca,DC
> =hin,DC=sk,DC=ca")
> Dim Approvers_result As String
> Dim entry As New DirectoryEntry("LDAP://SCA")
> Dim searcher As New DirectorySearcher(entry)
> Dim result As SearchResult
> Dim results As SearchResultCollection
> searcher.PropertiesToLoad.Add("samAccountName")
>
> 'Get the members of the group
> For Each Approvers_result In Approvers_entry.Properties("member")
> Approvers_result = Approvers_result.ToString.Split(",")(0)
> Approvers_result = Approvers_result.ToString.Split("=")(1)
> 'Find the samAccountName of the current Approvers_result
> searcher.Filter = ("(&(objectClass=person)(cn=" & Approvers_result
&
> "))")
> result = searcher.FindOne
> cblApprovers.Items.Add(New
> ListItem(result.Properties("samAccountName")(0).ToString))
> Next
>
> Catch ex As Exception
> Response.Write(ex.Message)
> End Try
> impersonationContext.Undo()
>
> And here's the error message I get as any remote client running the web
> page:
>
> Source Error:
>
> An unhandled exception was generated during the execution of the
> current web request. Information regarding the origin and location of the
> exception can be identified using the exception stack trace below.
>
> Stack Trace:
>
> [COMException (0x80072020): An operations error occurred]
> System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +513
> System.DirectoryServices.DirectoryEntry.Bind() +10
> System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
> System.DirectoryServices.PropertyValueCollection.PopulateList() +234
> System.DirectoryServices.PropertyCollection.get_Item(String
propertyName)
> +45
> Change_Request.frmNewRequest.CheckBoxListsFill() +210
> Change_Request.frmNewRequest.Page_Load(Object sender, EventArgs e) +395
> System.Web.UI.Control.OnLoad(EventArgs e) +67
> System.Web.UI.Control.LoadRecursive() +35
> System.Web.UI.Page.ProcessRequestMain() +731
>
> Like I said, any help in this would be very very much appreciated.
>
> Thanks in advance,
>
> Jason
>
>
- Next message: Cowboy \(Gregory A. Beamer\): "Re: SQLServer IsNull() & DataReader"
- Previous message: jamiewalker_at_wp.shawcable.net: "Bin Laden Captured - photos and video"
- In reply to: Jay: "LDAP lookup: fails on remote computers -- Please help"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
