RE: Add New Users

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Cowboy (Gregory A. Beamer) - MVP (NoSpamMgbworld_at_comcast.netNoSpamM)
Date: 02/21/05 

Date: Mon, 21 Feb 2005 12:27:03 -0800

Most likely, your ASP.NET app is set up for anonymous access. If so, there
are a couple of ways to accomplish what you want.

1. Make the page so it is not available for the anonymous user. This forces
a logon and gives you the right to create the child (assuming domain admin
priveleges).

2. Put the above code in its own assembly and place it in a place where
impersonation of an account with priveleges is possible. COM+ is the easiest
option, as it is declarative (note a minor perf issue, as you are entering
Interop). Watch who has access to this page, however, as you have opened the
keys to the kingdom.

3. Shut off anon access to the site. This accomplishes the same as #1.

4. Create a separate process to do the work and fire it off using the
Process object. Note that this can still fail due to code access security,
which can be changed by altering current profiles or creating a new profile.

The issue here is you are running as you with a script, but as ASPNET when
you hit the page. 

---
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
***************************
Think Outside the Box!
***************************
"Tina Smith" wrote:
> This sample code works perfectly in Console App.    It will fail on the
> Children.Add line when running the same code in a Web App.   I'm assuming
> it's a permissions issue but I can't see to solve it.   Any help would be
> appreciated.
> 
> ----------------------------------------------------------------------------
> --------------
> Imports System.DirectoryServices
> Module Module1
> 
> Sub Main()
> Try
>     Dim AD As DirectoryEntry = _
>       New DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")
>     Dim NewUser As DirectoryEntry = AD.Children.Add("TestUser1", "user")
>     NewUser.Invoke("SetPassword", New Object() {"#12345Abc"})
>     NewUser.Invoke("Put", New Object() {"Description", "Test User from
> ..NET"})
>     NewUser.CommitChanges()
>     Dim grp As DirectoryEntry
> 
>     grp = AD.Children.Find("Guests", "group")
>     If grp.Name <> "" Then
>         grp.Invoke("Add", New Object() {NewUser.Path.ToString()})
>     End If
> 
> Catch ex As Exception
>     End Try
> End Sub
> 
> End Module
> 
> 
>

Relevant Pages

  • How to have windows security w/ anonymous access?
    ... I'm a bit confused as to how to have windows authentication / integrated ... windows authentication with allowing anonymous access. ... for example, i have an app where pages A,B,C i want to allow anonymous ... What's the best approach to accomplish this? ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Using Generics with System.DirectoryServices
    ... First, I never used the WinNT objects, I always used LDAP. ... I'm in the process of updating an ASP.NET v1.1 web app to v2. ... DirectoryEntry objADEntry = null; ... foreach (object objChild in (IEnumerable)objChildren) ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Invoke(SetPassword) in Active Directory, Works, Then Access is
    ... ADAM) to check out what the server is advertising for its capabilities. ... internal static DirectoryEntry GetDirectoryObject(string UserName, ... // Run the invoke from a console app, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Whats .sps?
    ... the app. ... I once saw, on a "how to crack" site, that the .exe has a symbol ... I do however know my capabilities and when something is beyond them or would take an inordinate amount of time to acquire the skills, I happily defer to someone else. ... Cracking is one of those skills that I would rather somebody else do so I can utilize my time using the program they cracked to accomplish whatever it was I was trying to accomplish when I went looking for the crack. ...
    (alt.2600)
  • Re: How to make the right corner closing cross invisible
    ... them will use Task Manager to nuke your app if you go down that way. ... So what are you really trying to accomplish? ... Microsoft Access MVP ... closing cross in the above right corner. ...
    (comp.databases.ms-access)