Re: ADSI Problem

---

• From: "Al Mulnick" <amulnick_No_SPAM@xxxxxxxxxxx>
• Date: Mon, 15 Jan 2007 12:26:54 -0500

---

I suggest posting to IIS groups as well because if IIS will cause it to
restart as normal, then I'm guessing there's something there that's not set
quite right.

To make the script authenticate a user, you typically would make it part of
the domain so that it would be able to use a secure channel vs. passing the
credentials in clear text (ldap is NOT an authentication protocol so the
transport needs to be encrypted if you choose to use such a method to mimic
authentication).

The problem here is that I don't have enough information to know what is
causing the script to stop working after it has been working. IIS groups
might have more information related....


"robinwilson16" <robinwilson16@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1DF7F8FF-DCB4-4709-8BC7-01B9EFB7C12F@xxxxxxxxxxxxxxxx

Thanks for the reply

I have tried with LDAP:// instead of WinNT:// and it is still the same and
also with the IP address instead of the domain name
Do you know how I can also the script to make it work all the time.
I only need a simple login script which authenticates users via AD and
sets
up a session.

The script seems to allow so many users to log in and then it breaks.
Restarting IIS usually gets it working again. This seems like very strange
behaviour???

I will try posting at vbscripting too, thanks
Robin

"Al Mulnick" wrote:

Honestly? It surprises me that it works at all. I wouldn't have thought
mixing WINNT provider with adspath would work as you have it.
IADS sometimes surprises me though :)

You may want to post this on the VBScripting news groups and possibly for
IIS. You may also want to check the IIS logs to see what errors you're
throwing. You have no authentication mechanism that I see in there, so
you're relying on anonymous connections (and using WINNT provider)
meaning
that you should be logging some attempts (if not try enabling auditing to
see them better) to the domain.



"robinwilson16" <robinwilson16@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:AA50061B-2F91-41D8-92DC-DC38D21B5460@xxxxxxxxxxxxxxxx

Hello

I have written a script to authenticate Active Directory users via ADSI
within a vb script in IIS.
It works fine on one pc which is a member server.

But on the webserver which is not part of the domain, the script works
ok
for a while then stops working with the following errors when
attempting
to
authenticate the users:

Error: 424
Description: Object Required

Error: -2147023677
Description: Object Required

Restarting IIS normally fixes it until it stops working again.
Please can someone tell me why this might be happening.
The code is below:

Thanks
Robin

'Get the username and password from the form
Dim strUserName
strUserName = Request.Form("username")
Dim strPassword
strPassword = Request.Form("password")

'Get the page action
Dim act
act = Request.Form("act")
Dim iFlags
iFlags = Request.Form("Flags")

'If the action is authenticate
if act = "auth" then

'If the AD path is not empty
if (not strADsPath= "") then

'Bind to the ADSI object and authenticate the user
Dim oADsObject
Dim objUser
Dim objGroup

Dim accountDisabled
Dim accessLevel

Dim isAdmin
Dim isTeacher

Set oADsObject = GetObject(strADsPath)

Dim strADsNamespace
Dim oADsNamespace
strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
set oADsNamespace = GetObject(strADsNamespace)

Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strUserName,
strPassword, 0)

'Set up a user object to enable information about the user to be
obtained
Set objUser = GetObject("WinNT://school.local/" & strUserName )

'Set up a group object to enable group information to be obtained
Set objAdminGroup = GetObject("WinNT://school.local/" & adminGroup )
Set objTeacherGroup = GetObject("WinNT://school.local/" &
teacherGroup )

'Boolean to say whether a user is a member if the given group
isAdmin = objAdminGroup.IsMember(objUser.ADsPath)
isTeacher = objTeacherGroup.IsMember(objUser.ADsPath)

'If there was an error
if not (Err.number = 0) then
...

.

---

• References:
  • ADSI Problem
    • From: robinwilson16
  • Re: ADSI Problem
    • From: Al Mulnick
  • Re: ADSI Problem
    • From: robinwilson16

• Prev by Date: Re: Group Authentication against ADAM using WSS v3 provider model.
• Next by Date: Re: ADSI Problem
• Previous by thread: Re: ADSI Problem
• Next by thread: Re: ADSI Problem
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: ADSI Problem ... Right I've got the script working now with my ASP applications by passing the ... If you are doing forms authentication using ADSI (which it sounds like you ... Restarting IIS usually gets it working again. ... Dim strUserName ... (microsoft.public.windows.server.active_directory) Re: ADSI Problem ... Do you know how I can also the script to make it work all the time. ... Restarting IIS usually gets it working again. ... I have written a script to authenticate Active Directory users via ADSI ... Dim strUserName ... (microsoft.public.windows.server.active_directory) RE: IIS 5.0 Custom Errors Tab ... Do you see all the custom errors for ... Dim IISSrverObj ... Backup the IIS Metabase before running this script so that if something ... (microsoft.public.inetserver.iis) Re: ADSI Problem ... Why not just let IIS authenticate the users? ... risks by joining the web server to the domain? ... Dim strUserName ... (microsoft.public.windows.server.active_directory) Re: ADSI Problem ... I have made a script which will authenticate a user based on their ... Restarting IIS usually gets it working again. ... Dim strUserName ... (microsoft.public.windows.server.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2007-01