Authenticate against several Active Directory Domains

Hi there.

I have the following environment:

Active Directory running on Windows 2000. There is a root domain called
ad.sys and within this root domain there are the following subdomains:

dom1.ad.sys
dom2.ad.sys
dom3.ad.sys

I need to restrict access to a certain part of an ASP.NET page to some
admin users and check their password against the Windows domain.

IIS Authentication doesn't seem to be an option, I can't seem to supply
several domains.

One possible way would probably be:
In the database have a list of names which have access to the admin
part. When the login name matches one of that list make a connection to
the domain and check the password. Connection could be LDAP.

Is this procedure valid? Any other ideas?

If this is a valid way, how do I connect to other domains? If the
webpage runs in one or none of those domains. I tried

System.DirectoryServices.DirectoryEntry de = new DirectoryEntry(
    "ldap://servername/OU=Administrators,OU=Site,OU=Country,DC=dom1,DC=ad,DC=sys",
    @"DOM1\ldapuser", "Idontknow");

But when I try to access de.Children I get an error saying

System.Runtime.InteropServices.COMException occurred in
system.directoryservices.dll

Additional Information: Unknown error (0x80050000)

When I use an LDAP client on my workstation, which is in neither of these
domains, I can connect and get the data.

Does anyone know what's going on or how I should do this?

--
mfg
Marc Eggenberger
Nov 16 '05 #1
AD questions are best answered in the
microsoft.public.active.directory.interfaces newsgroup. I am sure the two
Joes will be able to give you a complete answer.
--
HTH

Ollie Riches
http://www.phoneanalyser.net

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a programmer
helping programmers.

Nov 16 '05 #2
Marc,

I'm not an expert on AD, but I think that the reason your call to get
the DirectoryEntry fails is because by default, the ASP.NET process runs
under the local user ASPNET, which doesn't have network permissions. You
can impersonate another user to run under for this operation. Check out the
documentation for the Impersonate method on the WindowsIdentity class to see
how to do this.

You can also impersonate a user for all the pages in a directory by
setting the <identity> tag in the web.config file for the directory, but
that would mean all pages run as that user, which might not be such a good
idea.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

Nov 16 '05 #3

If this works from a console program:

System.DirectoryServices.DirectoryEntry de = new DirectoryEntry(
    "ldap://servername/OU=Administrators,OU=Site,OU=Country,DC=dom1,DC=ad,DC=sys",
    @"DOM1\ldapuser", "Idontknow");

it should also work from ASP.NET, using the exact same bind string of
course.
Are you sure it fails when calling de.Children?

Willy.
Nov 16 '05 #4
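
The procedure asked about in the opening post (a stored list of admin logins, then a bind against the user's own domain to check the password) could look like the sketch below; it is an added example, not code from any poster in this thread. The class name, the domain controller host names, the in-memory allowlist standing in for the database, and the sample logins are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Runtime.InteropServices;

public static class MultiDomainAuth   // hypothetical name, added example
{
    // Assumed DC host names (placeholders). The ADSI provider name is
    // case-sensitive: it must be written LDAP://, not ldap://.
    static readonly Dictionary<string, string> DomainPaths =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "DOM1", "LDAP://dc.dom1.ad.sys/DC=dom1,DC=ad,DC=sys" },
            { "DOM2", "LDAP://dc.dom2.ad.sys/DC=dom2,DC=ad,DC=sys" },
            { "DOM3", "LDAP://dc.dom3.ad.sys/DC=dom3,DC=ad,DC=sys" },
        };

    // Constructed sample data standing in for the database list of admin logins.
    static readonly HashSet<string> AdminAllowlist =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { @"DOM1\alice", @"DOM3\bob" };

    public static bool IsAuthenticatedAdmin(string login, string password)
    {
        // Never forward an empty password: an LDAP server may treat it as an anonymous bind.
        if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password)) return false;
        // Authorization first: only listed admins ever cause a bind attempt.
        if (!AdminAllowlist.Contains(login)) return false;

        string[] parts = login.Split('\\');
        string path;
        if (parts.Length != 2 || !DomainPaths.TryGetValue(parts[0], out path)) return false;

        try
        {
            // Secure requests Kerberos/NTLM, so the password is not sent in clear text.
            using (var entry = new DirectoryEntry(path, login, password, AuthenticationTypes.Secure))
            {
                object native = entry.NativeObject; // forces the bind to happen here
                return native != null;
            }
        }
        catch (COMException)
        {
            // Bad credentials, locked account or unreachable DC: deny; log details server-side.
            return false;
        }
    }
}
```

Binding with the user's own credentials means the web application needs no stored service-account password for the password check itself.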
