By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,684 Members | 1,439 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,684 IT Pros & Developers. It's quick & easy.

Active Directory authentication

P: n/a
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.

Thanks
javabean260
May 30 '07 #1
Share this Question
Share on Google+
3 Replies


P: n/a
On May 30, 8:01 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.
If it's working for some users when the problem is probably in
security or in the code. Can you send an example of how you make the
request to AD?

May 30 '07 #2

P: n/a
Here is an example of how I am making a request to AD

HttpContext.Current.Trace.Warn("BEGIN--Utilities: GetCurrentUserInfo()");

SearchResult result = null;
UserInfo userInfo = null;
if (session[Constants.USER_INFO] != null)
{
userInfo = (UserInfo)session[Constants.USER_INFO];
}
else
{
string[] tmpUserName = fullUserName.Split(new char[] { '\\'
});
string userName = tmpUserName[tmpUserName.Length - 1];

DirectoryEntry directoryEntry = new
DirectoryEntry(ConfigurationManager.AppSettings["LDAP_ROOT"]);
HttpContext.Current.Trace.Warn("Ldap Root: " +
ConfigurationManager.AppSettings["LDAP_ROOT"]);
if (directoryEntry == null)
HttpContext.Current.Trace.Warn("directoryEntry is null");
else HttpContext.Current.Trace.Warn("directoryEntry
created.");
DirectorySearcher directorySearcher = new
DirectorySearcher(directoryEntry);
if (directorySearcher == null)
HttpContext.Current.Trace.Warn("directorySearcher is null");
else HttpContext.Current.Trace.Warn("directorySearcher
created.");
directorySearcher.PropertiesToLoad.Add("mail");
directorySearcher.PropertiesToLoad.Add("givenName" );
directorySearcher.PropertiesToLoad.Add("sn");
directorySearcher.PropertiesToLoad.Add("descriptio n");
directorySearcher.PropertiesToLoad.Add("sAMAccount Name");
directorySearcher.Filter = "sAMAccountName=" + userName;
HttpContext.Current.Trace.Warn("properties added.");

try
{
result = directorySearcher.FindOne();
}
catch(Exception exception){
HttpContext.Current.Trace.Warn("FindOne() bombed");
HttpContext.Current.Trace.Warn(exception.StackTrac e);
HttpContext.Current.Trace.Warn("Exception message " +
exception.Message);
}

userInfo = LoadUserInfo(result);
if (userInfo != null)
{
session[Constants.USER_INFO] = userInfo;
}
}
if (userInfo == null) HttpContext.Current.Trace.Warn("userInfo
is null");

HttpContext.Current.Trace.Warn("END--Utilities:
GetCurrentUserInfo()");
return userInfo;
--
javabean260
"Alexey Smirnov" wrote:
On May 30, 8:01 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.

If it's working for some users when the problem is probably in
security or in the code. Can you send an example of how you make the
request to AD?

May 30 '07 #3

P: n/a
On May 30, 9:06 pm, BUBBLETALK260
<BUBBLETALK...@discussions.microsoft.comwrote:
Here is an example of how I am making a request to AD

HttpContext.Current.Trace.Warn("BEGIN--Utilities: GetCurrentUserInfo()");
The code is correct, I think. What error did you get when it's failed?
Maybe the problem is in the binding string, or these users have
different properties, I don't know...

When I have a problem with AD, I use LDAP Browser
(www.ldapbrowser.com). This tool helps to see directory structure
using the same binding string and userid/password

May 31 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.