Re: calling ADSI from WebApp

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Willy Denoyette [MVP] (willy.denoyette_at_pandora.be)
Date: 01/29/05 

Date: Sat, 29 Jan 2005 15:05:00 +0100

Please note that you better cross post to microsoft.public.dotnet.framework
and a specialized adsi group (see Marc's reply).

Willy.

"johnny" <johnny@discussions.microsoft.com> wrote in message
news:E5C81271-BFB6-4B6D-9B79-7E6A489CD83B@microsoft.com...
> Hello, I got this weird problem. I have an intranet application that needs
> to
> communicate with Active directory. Authentication to Web application is
> done
> by means of active directory accounts.
>
> Now I have this code:
>
> DirectoryEntry objDomain = new DirectoryEntry("LDAP://rootDse");
> string domain =
> objDomain.Properties["defaultNamingContext"].Value.ToString();
> DirectorySearcher ds = new DirectorySearcher();
> ds.SearchRoot = new DirectoryEntry(string.Format("LDAP://{0}",domain));
> ds.Filter = "(&(objectClass=group)(sAMAccountName=group_name))";
> ds.SearchScope = SearchScope.Subtree;
> SearchResult res = ds.FindOne();
>
> When I run the application from any computer and authenticate as a user
> with
> domain administrator privilige, everything works fine. When I authenticate
> as
> a normal user application fail at line
> SearchResult res = ds.FindOne();
> throwing this exception:
>
> Text: An operations error occurred
> Exception Details: System.Runtime.InteropServices.COMException: An
> operations error occurred
> Stack Trace:
> System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +513
> System.DirectoryServices.DirectoryEntry.Bind() +10
> System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
> System.DirectoryServices.DirectorySearcher.FindAll(Boolean
> findMoreThanOne) +198
> System.DirectoryServices.DirectorySearcher.FindOne() +31
>
> To remind: This bunch of code is called from a library that is inside GAC
> to
> assert it's not consindered as partially trusted code.
>
> I have no idea, where the problem could be. As a first thing I thought the
> user doesn't have a privilige to communicate to AD, so I took this piece
> of
> code and put it into a Windows application and run as a normal user. It
> worked ok.
>
> Can anybody have any idea what I should do? I'd be very grateful. Thanks
> in
> advance.
>

Relevant Pages

  • Re: calling ADSI objects from WebApplication
    ... then it is definitely an issue with your security context. ... > by means of active directory accounts. ... > When I run the application from any computer and authenticate as a user ... > code and put it into a Windows application and run as a normal user. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • calling ADSI objects from Web Application
    ... communicate with Active directory. ... by means of active directory accounts. ... When I authenticate as ... code and put it into a Windows application and run as a normal user. ...
    (microsoft.public.dotnet.framework.interop)
  • calling ADSI objects from WebApplication
    ... communicate with Active directory. ... by means of active directory accounts. ... When I authenticate as ... code and put it into a Windows application and run as a normal user. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • calling ADSI from WebApp
    ... communicate with Active directory. ... by means of active directory accounts. ... When I authenticate as ... code and put it into a Windows application and run as a normal user. ...
    (microsoft.public.dotnet.framework.clr)
  • Re: calling ADSI from WebApp
    ... > When I run the application from any computer and authenticate as a user ... > code and put it into a Windows application and run as a normal user. ... How do you authenticate and impersonate at the Web server (IIS asp.net I ... What is the anonymous account configured for IIS/ASP.NET? ...
    (microsoft.public.dotnet.framework.clr)