I'm trying to setup a web site that uses active directory for user
authentication under asp.net 2.0.
For testing, I have separately installed two virtual servers. The first is
a domain controller in a new forest named VSERVER00 running Windows Server
2003 R2 Standard. The second is an application server running IIS in the
same domain, named VSERVER01 also running Windows Server 2003 R2 Standard.
The domain is VDOMAIN.local.
I have created an OU called Test in Active Directory on VSERVER00 and used
the Delegation of Control Wizard to grand all permissions to the
Administrator account. To keep this simple, the administrator is
administrator with the password password. I've created one user in the OU
manually through the GUI.
The IIS server Web.config page is configured as shown below.
----------
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings>
<add name="vDomainActiveDirectory"
connectionString="LDAP://VSERVER00/OU=Test,DC=VDOMAIN,DC=local" />
</connectionStrings>
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms" />
<authorization>
<allow roles="admin" />
</authorization>
<membership defaultProvider="AspNetActiveDirectoryMembershipPr ovider">
<providers>
<add name="AspNetActiveDirectoryMembershipProvider"
connectionStringName="vDomainActiveDirectory"
applicationName="/"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="8"
attributeMapUsername="sAMAccountName"
connectionProtection="None"
connectionUsername="vDOMAIN\Administrator"
connectionPassword="password"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
enablePasswordReset="false"
enableSearchMethods="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
type="System.Web.Security.ActiveDirectoryMembershi pProvider,
System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
/>
</providers>
</membership>
<roleManager enabled="false" />
</system.web>
</configuration>
----------
Then I created a virtual folder on the application server named
TestCreateUser. On my computer, I created a very simple web application
using Visual Studio 2005 using the CreateUserWizard control and copied it to
the virtual folder.
In the web application, I have not written any custom code, only configured
the control (completely in the ascx file). Below is the ASCX file.
----------
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs"
Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>New User Creation - test page</title>
</head>
<body>
<form id="frmNewUser" runat="server">
<div>
<asp:CreateUserWizard ID=wizNewUser runat="server">
<WizardSteps>
<asp:CreateUserWizardStep runat="server">
</asp:CreateUserWizardStep>
<asp:CompleteWizardStep runat="server">
</asp:CompleteWizardStep>
</WizardSteps>
</asp:CreateUserWizard>
</div>
</form>
</body>
</html>
----------
The first time into the page, I can create a new user without any problems.
All subsequent attempts at creating a new user fail with the following error.
----------
Server Error in '/TestCreateUser' Application.
--------------------------------------------------------------------------------
One or more input parameters are invalid
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.
Exception Details: System.Runtime.InteropServices.COMException: One or more
input parameters are invalid
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.
Stack Trace:
[COMException (0x80005008): One or more input parameters are invalid]
[TargetInvocationException: Exception has been thrown by the target of an
invocation.]
System.DirectoryServices.DirectoryEntry.Invoke(Str ing methodName,
Object[] args) +221
System.Web.Security.ActiveDirectoryMembershipProvi der.CreateUser(String
username, String password, String email, String passwordQuestion, String
passwordAnswer, Boolean isApproved, Object providerUserKey,
MembershipCreateStatus& status) +2461
System.Web.UI.WebControls.CreateUserWizard.Attempt CreateUser() +305
System.Web.UI.WebControls.CreateUserWizard.OnNextB uttonClick(WizardNavigationEventArgs e) +105
System.Web.UI.WebControls.Wizard.OnBubbleEvent(Obj ect source, EventArgs
e) +453
System.Web.UI.WebControls.CreateUserWizard.OnBubbl eEvent(Object source,
EventArgs e) +149
System.Web.UI.WebControls.WizardChildTable.OnBubbl eEvent(Object source,
EventArgs args) +17
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
System.Web.UI.WebControls.Button.OnCommand(Command EventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEven t(String eventArgument)
+163
System.Web.UI.WebControls.Button.System.Web.UI.IPo stBackEventHandler.RaisePostBackEvent(String eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEve ntHandler
sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCol lection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5102
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
Version:2.0.50727.42
----------
If I reset IIS, I am able to create another user, then as before, all
subsequent submissions fail with the same error.
What am I missing? -- Help