I have a set of web pages on an AD-authenticated web site that are
supposed to allow users to modify their own AD account attributes,
limited of course to things like their email address, URL, etc. I was
hoping to connect to LDAP using secure authentication as described on
a few tech web pages, and the connection works fine but when it's time
to commit the changes with .SetInfo, the script fails with:
Active Directory error '80070005'
General access denied error
This is a terrible stumbling block for me. Is there a way to get this
working, or is there another way of doing this altogether?
Any help greatly appreciated!!!
Thanks,
Brad
Here's a code snippet...
Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_SECURE_AUTHENTICATION = 1
user = Request("user") ' display name from POST data
newemail = Trim(Request("mail")) ' new email address from POST data
strUserDN =
"cn=Administrator,cn=Users,dc=network,dc=rectaltro nics,dc=com"
strPassword = "IdontThinkSo"
Set objRoot = GetObject("LDAP:")
Set objDomain = _
objRoot.OpenDSObject("LDAP://dc=network,dc=rectaltronics,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
' so far, so good.
ADSPath = "LDAP://cn=" & user &
",ou=Family,dc=network,dc=rectaltronics,dc=com "
Set objUser = GetObject(ADSPath)
currentemail = objUser.Get("mail")
' still OK here, but I could do the .Get under user's creds too.
SetAttrib "mail",newemail
objUser.SetInfo
' above line is where it bombs!
1  4393 
Oh, never mind. Just when I was about to give up and wait for help to
come, I finally got it working...
' Path to user object...
ADSPath = "LDAP://cn=" & UserDN & _
",ou=Family,dc=network,dc=rectaltronics,dc=com "
' Path to domain administrator object...
strUserDN = _
"cn=Administrator,cn=Users,dc=network,dc=rectaltro nics,dc=com"
' Password - duh
strPassword = "YouGottaBeKiddin"
' Bind to root
Set objRoot = GetObject("LDAP:")
' Now bind to user...
Set objUser = _
objRoot.OpenDSObject(ADSPath,strUserDN,strPassword ,ADS_SECURE_AUTHENTICATION)
' Now we can do whatever we want to the user object!
That seems to work reliably and is straightforward, code-wise.
Any thoughts? Am I setting myself up for something to blow up in my
face??
Anyway, hope this helps someone...
-Brad
On Tue, 31 Aug 2004 19:16:03 -0400, Joe User <no****@nospam.spam>
wrote: I have a set of web pages on an AD-authenticated web site that are
supposed to allow users to modify their own AD account attributes,
limited of course to things like their email address, URL, etc. I was
hoping to connect to LDAP using secure authentication as described on
a few tech web pages, and the connection works fine but when it's time
to commit the changes with .SetInfo, the script fails with:
Active Directory error '80070005'
General access denied error
This is a terrible stumbling block for me. Is there a way to get this
working, or is there another way of doing this altogether?
Any help greatly appreciated!!!
Thanks,
Brad
Here's a code snippet...
Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_SECURE_AUTHENTICATION = 1
user = Request("user") ' display name from POST data
newemail = Trim(Request("mail")) ' new email address from POST data
strUserDN =
"cn=Administrator,cn=Users,dc=network,dc=rectaltr onics,dc=com"
strPassword = "IdontThinkSo"
Set objRoot = GetObject("LDAP:")
Set objDomain = _
objRoot.OpenDSObject("LDAP://dc=network,dc=rectaltronics,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
' so far, so good.
ADSPath = "LDAP://cn=" & user &
",ou=Family,dc=network,dc=rectaltronics,dc=com "
Set objUser = GetObject(ADSPath)
currentemail = objUser.Get("mail")
' still OK here, but I could do the .Get under user's creds too.
SetAttrib "mail",newemail
objUser.SetInfo
' above line is where it bombs! This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Christopher Johannsen |
last post by:
Good Day:
I am working on building a tool Using ASP/COM & IIS5.1 for a
non-administrative technical support team to change domain passwords for
users. I have the basic interface built and...
|
by: Tom Petersen |
last post by:
My users logon to the Patriot domain, my intranet is on sdsddata01 server.
I have a form that people have to click on a dropdown list to pick their
name from the list when submitting a form. Is...
|
by: Arran Pearce |
last post by:
Hi,
I am looking for a way to use System.DirectoryServices to find all users on
a domain whos accounts are either locked out or disabled. I have used
ADSIEdit and the mmc schema add-in to try...
|
by: Corne Grotius |
last post by:
Hiya,
I'm trying to create a new site on IIS 6.0 using ADSI and C# using the
following code:
DirectoryEntry W3SVC = new DirectoryEntry("IIS://" + ServerName +
"/w3svc", Username, Password,...
|
by: YRao |
last post by:
I am going to create intranet application using Windows Authentication
using C# asp.net
I am having following problem:
1 setting windows Authentication, it will validate for all users, user...
|
by: Roy Osherove |
last post by:
Hi folks.
I have an ASP.Net application that runs a .Net dll that uses WMI and
ADSI(both managed) to connect to a given IIS root and search through it.
When not using the ASP.Net client, but...
|
by: msnews.microsoft.com |
last post by:
I have ADSI code that I can make work at the command line. I cannot in
any way get it to work in asp.net. Even using Windows authentication,
impersonation on, and providing the credentials...
|
by: DubSport |
last post by:
I am trying to get my .net page to run a simple batch file on my IIS
server. I want it to run with specified credentials. It appears to
start the program cmd.exe as the correct user (shows up in...
|
by: John |
last post by:
Hi, gurus,
How can I implement the following feature in C#:
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup & ", group")
For Each objMember In objGroup.Members...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
