Hi :-)
I'm having some trouble with LDAP and Active Directory on Win2k3
I use Windows Authentication and the code
System.Threadin g.Thread.Curren tPrincipal.Iden tity.Name gives me the correct
credentials when logged in.
When I create user in AD i get an error. I have 4 scenarioes - one work and
one don't. I'm very confused:
1) Does not work
- <identity impersonate="tr ue"/in web.config
- No impersonating by code
- No credentials are sent together with LDAP string [new
DirectoryEntry( "mypath")]
Error message: System.Runtime. InteropServices .COMException: An operations
error occurred.
- I can't read from AD
2) Does not work
- <identity impersonate="tr ue"/in web.config
- No impersonating by code
- Credentials are sent together with LDAP string [new
DirectoryEntry( "mypath", "username", "password", AuthenticationT ypes.Secure);]
Error message: An operations error occurred
- I can read from AD
3) Does not work
- <identity impersonate="fa lse"/in web.config
- I "code-imporsonates" with the _same credentials_ I use for login
- No credentials are sent together with LDAP string
Exception Details: The specified directory service attribute or value does
not exist.
- I can't read from AD
4) Works!
- <identity impersonate="fa lse"/in web.config
- I "code-imporsonates" with the _same credentials_ I use for login
Credentials are sent together with LDAP string [new DirectoryEntry( "mypath",
"username", "password", AuthenticationT ypes.Secure);]
What is the difference between <identity impersonate="tr ue"/in web.config
and manual code impersonation?
What is the correct approch for user to manage AD from asp.net loged in with
Windowd credentials ?
--
Jesus Loves You