473,322 Members | 1,425 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Active Directory authentication

Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.

Thanks
javabean260
May 30 '07 #1
3 1479
On May 30, 8:01 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.
If it's working for some users when the problem is probably in
security or in the code. Can you send an example of how you make the
request to AD?

May 30 '07 #2
Here is an example of how I am making a request to AD

HttpContext.Current.Trace.Warn("BEGIN--Utilities: GetCurrentUserInfo()");

SearchResult result = null;
UserInfo userInfo = null;
if (session[Constants.USER_INFO] != null)
{
userInfo = (UserInfo)session[Constants.USER_INFO];
}
else
{
string[] tmpUserName = fullUserName.Split(new char[] { '\\'
});
string userName = tmpUserName[tmpUserName.Length - 1];

DirectoryEntry directoryEntry = new
DirectoryEntry(ConfigurationManager.AppSettings["LDAP_ROOT"]);
HttpContext.Current.Trace.Warn("Ldap Root: " +
ConfigurationManager.AppSettings["LDAP_ROOT"]);
if (directoryEntry == null)
HttpContext.Current.Trace.Warn("directoryEntry is null");
else HttpContext.Current.Trace.Warn("directoryEntry
created.");
DirectorySearcher directorySearcher = new
DirectorySearcher(directoryEntry);
if (directorySearcher == null)
HttpContext.Current.Trace.Warn("directorySearcher is null");
else HttpContext.Current.Trace.Warn("directorySearcher
created.");
directorySearcher.PropertiesToLoad.Add("mail");
directorySearcher.PropertiesToLoad.Add("givenName" );
directorySearcher.PropertiesToLoad.Add("sn");
directorySearcher.PropertiesToLoad.Add("descriptio n");
directorySearcher.PropertiesToLoad.Add("sAMAccount Name");
directorySearcher.Filter = "sAMAccountName=" + userName;
HttpContext.Current.Trace.Warn("properties added.");

try
{
result = directorySearcher.FindOne();
}
catch(Exception exception){
HttpContext.Current.Trace.Warn("FindOne() bombed");
HttpContext.Current.Trace.Warn(exception.StackTrac e);
HttpContext.Current.Trace.Warn("Exception message " +
exception.Message);
}

userInfo = LoadUserInfo(result);
if (userInfo != null)
{
session[Constants.USER_INFO] = userInfo;
}
}
if (userInfo == null) HttpContext.Current.Trace.Warn("userInfo
is null");

HttpContext.Current.Trace.Warn("END--Utilities:
GetCurrentUserInfo()");
return userInfo;
--
javabean260
"Alexey Smirnov" wrote:
On May 30, 8:01 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.

If it's working for some users when the problem is probably in
security or in the code. Can you send an example of how you make the
request to AD?

May 30 '07 #3
On May 30, 9:06 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Here is an example of how I am making a request to AD

HttpContext.Current.Trace.Warn("BEGIN--Utilities: GetCurrentUserInfo()");
The code is correct, I think. What error did you get when it's failed?
Maybe the problem is in the binding string, or these users have
different properties, I don't know...

When I have a problem with AD, I use LDAP Browser
(www.ldapbrowser.com). This tool helps to see directory structure
using the same binding string and userid/password

May 31 '07 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Jay Chan | last post by:
We have just installed a SQL Server 2000 (SP 3A) onto a computer that has Windows-2003 Server on it. Now, we cannot get access to that database server from other computers. Seem like this may be an...
10
by: huzz | last post by:
I have web application that quaries the Active Directory to get user details.. everything works fine but someday I'll get System.Runtime.InteropServices.COMExection and if I restart the client...
7
by: - Steve - | last post by:
I have forms based authentication working, using my Active Directory for authentication. I have a web page that creates a user in active directory. When I was using IIS authentication it worked...
1
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...
9
by: Patrick | last post by:
I have an ASP.NET page that searches for someone in the corporate Active Directory. It had been working fine until recently when I changed from Basic Authentication on IIS6 back to Integrated...
6
by: varkey.mathew | last post by:
Dear all, Bear with me, a poor newbie(atleast in AD).. I have to authenticate a user ID and password for a user as a valid Active Directory user or not. I have created the IsAuthenticated...
4
by: Patrick.O.Ige | last post by:
If i want to generate a menu structure depending on who is logged in in an intranet system(using windows authentication) is it better to use the GROUPS in Active Directory or to move the Active...
4
by: pjdouillard | last post by:
Hello all, Here is the context of my problem: We have an ASP.NET 1.1 application that has its own application pool setup and that runs under the identity of a NT Domain service account (this...
10
by: Hriday | last post by:
Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...
2
by: P Webster | last post by:
We recently moved a web site that validated user credentials in Active Directory from IIS 5.1 to IIS 6, and the validation code no longer works. The web.config file is set to Windows authentication...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.