Re: ASP.NET Adding a User to Active Directory

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Save this code to a file named "identity.aspx",
within the app in question, and run it.

identity.aspx:
-------------------
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = "ASP.NET is running as the account : " & tmp
End Sub
</script>
<html>
<head>
<title>What account is ASP.NET running as ?</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
----------------

Whichever account is returned by the page is the account which needs AD access permissions.

Silly question : are you running a web server on your domain controller ?
That, generally, is considered to be a no-no for security reasons.

Active Directory runs on Windows Server 2008, Windows Server 2003,
and Windows 2000 Server domain controllers.

If you're not running one of those servers, or AD hasn't been installed on your OS,
you will not be able to add a user to a non-existent AD.




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Mick Walker" <materialised@xxxxxxxxxxx> wrote in message news:5oe7h0Fmb1utU1@xxxxxxxxxxxxxxxxxxxxx
Hi All,

I have an asp.net app, which is supposed to add a user to the AD Users group.
I am using the ASP Memberhsip provider for this and have configured it in the web.config file. All works Well, I can
login, list users, etc etc.

However when it comes to creating a user, I get the following error:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack
trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED))

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the
ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service
on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity
impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated
request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab.
Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired
access.


In my webconfig I have set the following:

<identity impersonate="true" userName="domain\Administrator" password="SomePass"/> (I know this isnt secure, but it is
a test enviroment setup especially for my learning.

So I am lost to why I cant create a new user in the AD Domain.

Does anyone have any ideas? The code I am using is:

string username = "SwedishChef";
string password = "bj#kbj$k";


Membership.CreateUser(
username, password);



And here is my Provider setup from my web.config:

<membership defaultProvider="MyADMembershipProvider">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add
name="MyAdMembershipProvider"

type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConn"
connectionUsername="domain\Administrator"
connectionPassword="SomePass"
applicationName="/ControlPanel"
enableSearchMethods="true"
/>
</providers>

</membership>


.

Relevant Pages

  • Server Error in /Monitoring Application
    ... new application installed on our 2k3 SBS server; the new app has a web ... website in IIS has been pointed to this new app. ... Exception Details: System.Web.HttpException: Access denied to ... Failed to start monitoring file ...
    (microsoft.public.windows.server.sbs)
  • Failed to start monitoring directory changes
    ... I am trying to deploy a new .NET app and am getting some odd occurrences. ... web server located in a DMZ network, that has not been fully secured. ... start monitoring directory changes. ... An unhandled exception occurred during the execution of the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: problem connecting to my database behind a firewall
    ... OK, that worked, but I cant see why it wont work in the app. ... on the other server. ... And when I debug from my local machine (and use the ... > Sub Page_Load ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Exception von VB6 abfangen
    ... "SvenC" wrote: ... Public Sub IMyInterface_MyMethod ... Im der C++ App wird der Aufruf wie folgt behandelt: ... wenn ja, welche Exception geworfen wird. ...
    (microsoft.public.de.vc)
  • Re: Problem with Application.ThreadException
    ... I used your code in my app, and yes an error on mouse down really ... > I just threw an exception in MouseDown of my form and my global error ... > Private Sub SubMain() ... > Private Sub OnUnhandledException(ByVal sender As Object, ...
    (microsoft.public.dotnet.languages.vb)