468,512 Members | 1,485 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,512 developers. It's quick & easy.

Querying AD using vb script from ASP page returns "An operations error occurred"


I am trying to query AD for sAMAccountName attribute for given email.
My code is as follows:
Expand|Select|Wrap|Line Numbers
  2. Dim ldapSearchBaseDn,ldapSearchHost,ldapUser,ldapPwd    
  4. ldapSearchBaseDn = "dc=test,dc=com"  ''"base dn"    
  5. ldapSearchHost = "IP of domain system"    
  6. ldapUser    = "domain\username"
  7. ldapPwd     = "password"
  8. email  = "test@testmail.com"
  9. Set oConn = Server.CreateObject("ADODB.Connection")
  11. oConn.Provider = "ADSDSOObject"
  12. oConn.properties("User ID") = ldapUser
  13. oConn.properties("Password") = ldapPwd
  14. oConn.Properties("Encrypt Password") = true    
  15. oConn.Open "Ads Provider"  
  17. Set rs = oConn.Execute("<LDAP://" & ldapSearchHost & "/" & ldapSearchBaseDn &">;" &_
  18.  "(&(objectClass=user)(mail=" & email & "));" &_
  19.   "sAMAccountName;subtree")    
When I am running the above code as vbs file, my code is running without any issue and returning sAMAccountName for given email.
But when I am running same query from ASP page, then I am getting following Error:
Error# -2147217865
Error Desc= An operations error occurred
Error Source - Active Directory

Please help me in solving the above issue. Its very urgent.

Jul 11 '11 #1
6 10651
3,405 Expert 2GB
The problem is probably that the iusr account doesn't have access to AD. When you run it from a .vbs file you are probably executing it yourself, so it runs under your username. Go into IIS and (if you dare) set the asp process to run under your user account instead of iusr. I bet that will fix the problem.

Jul 11 '11 #2
Thanks for reply.
I am member of "domain Admin" group in AD.
I have to run this query without changing IIS settings.
I have tried the same in 2 different systems
1.Error "Table does not existss" if I run same query from asp page published in windows2003
2. "Operation error occured" if I run from windows2008 system

Does it make any difference? As I am getting different error when running in windows2003 system.
I had run same query successfully a long time back from windows2003 system.

Jul 11 '11 #3
3,405 Expert 2GB
The bottom line is there is nothing wrong with the script, the problem is the account the script uses when it executes. It does not run under your user credentials, it runs as a service account called "iusr_(computername)". That account doesn't usually have very many permissions, and it isn't a member of the AD.

I don't know of any way to do this without changing IIS settings. I guess you could try to add the iusr account to the domain, but I've never tried that, not sure if it can work. You could also try increasing iusr's permissions.

Jul 11 '11 #4
Hi jhardman,

My website is published in IIS7.0 in windows2008 system.
The main IIS settings are:
Authentication - Anonymous
Authorization rules - allow all
.Net trust levels - full
The Application Pool settings are as below:
Managed Pipeline Mode - Integrated
Identity - LocalSystem
Load User Profile - false

Please advise ,What do I need to change in above settings to run my script?

Jul 12 '11 #5
3,405 Expert 2GB

go into IIS (type inetmgr into the run prompt)
select your server
double click on authentication
right click on "anonymous authentication"
select "edit" and you will see the above image
click on "set..." to change user

Let me know if this works.

Jul 14 '11 #6
Hi Jared,

I need not to make any changes in IIS and I get solution with following script:
Expand|Select|Wrap|Line Numbers
  1. ldapSearchBaseDn =  "dc=abc,dc=com"     
  2. ldapSearchHost =  "AD IP"    
  3. ldapUser         = "AD User"
  4. ldapPwd         = "password"   
  5. email              = "abc@xyz.com"
  7. strQuery = "<LDAP://"& ldapSearchHost & "/" & ldapSearchBaseDn &">;" &_
  8. "(&(objectCategory=user)(mail=" & email & "));" &_
  9. "samAccountName;" &_
  10. "subtree"
  14. 'Start the ADO connection
  15. Set oConnection1 = CreateObject("ADODB.Connection")
  16. Set objCommand = CreateObject("ADODB.Command")
  17. oConnection1.Provider = "ADsDSOObject"
  18. oConnection1.Properties("User ID") = user
  19. oConnection1.Properties("Password") = pwd
  20. oConnection1.Properties("Encrypt Password") = True
  21. oConnection1.Open "ADsDSOObject"
  22. objCommand.ActiveConnection = oConnection1objCommand.CommandText = strQuery
  23. objCommand.Properties("Cache Results") = False
  24. objCommand.Properties("Chase Referrals") = ADS_CHASE_REFERRALS_SUBORDINATE
  26. Set rs = objCommand.Execute
  27. Set objCommand = nothing
  29. If Err.Number = 0 then    
  30. if not rs.eof then
  31.     user = trim(rs("sAMAccountName").value)
  32. end if
  33. end if

But now I have one more issue. I have created one file test.txt in c:\windows\temp folder. I am trying to read that file. But when i check for its existence, its returning me false i.e. file does not exists.
My code is as follows:
Expand|Select|Wrap|Line Numbers
  1. Dim fileName,fso
  2. ForReading = 1
  3. fileName="C:\WINDOWS\Temp\MacList.txt"
  5. set fso=Server.createobject("scripting.FileSystemObject")
  7. If fso.FileExists(fileName) then
  8.   //code to handle it
  9. else
  10.  //file not exists
  11. end if
and above code is returning that file does not exists.
Please help.

Jul 19 '11 #7

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

2 posts views Thread by jj555s | last post: by
reply views Thread by =?Utf-8?B?Sm9hY2hpbQ==?= | last post: by
reply views Thread by NPC403 | last post: by
1 post views Thread by fmendoza | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.