473,804 Members | 3,757 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Writing to AD using LDAP/C#

Hello,

I am developing an application in C# using VS .NET 2005 that
will be accessing and updating Active Directory via LDAP. So, far I
have written the main portions, but now I am stuck on the code to
CHANGE and ADD/DELETE entries.

I'm pretty sure my problem is security related, but I can't
quite narrow it down. I bind to the root of the AD domain using an
account that is a Domain Admin on the AD server itself, HOWEVER....
the actual application is running on a user's workstation presumably
as the local system account.

Is there a way to "impersonat e" this domain admin user like you
can in ASP.NET applications? I can do everything I want to do with AD
except CHANGE it in any way.

Thanks in advance for your help.....

Mar 30 '07 #1
3 3278
Hello,
The Following link may help
http://msdn2.microsoft.com/en-us/lib...25(VS.71).aspx

Regards,
Husam Al-A'araj

"Robert Iver" wrote:
Hello,

I am developing an application in C# using VS .NET 2005 that
will be accessing and updating Active Directory via LDAP. So, far I
have written the main portions, but now I am stuck on the code to
CHANGE and ADD/DELETE entries.

I'm pretty sure my problem is security related, but I can't
quite narrow it down. I bind to the root of the AD domain using an
account that is a Domain Admin on the AD server itself, HOWEVER....
the actual application is running on a user's workstation presumably
as the local system account.

Is there a way to "impersonat e" this domain admin user like you
can in ASP.NET applications? I can do everything I want to do with AD
except CHANGE it in any way.

Thanks in advance for your help.....

Mar 30 '07 #2
It may not. The OP is asking about LDAP. The link you give uses WinNT:

<quote>
"This walkthrough used the WinNT service provider for Active Directory.
Other services are available, including the Lightweight Directory Access
Protocol (LDAP), the Novell NetWare Directory Service (NDS), and the Novell
Netware 3.x service (NWCOMPAT). Each provider provides a different set of
objects to allow you to examine and manipulate directories."
</quote>

If the OP is binding using a domain admin account, his code should work - at
least as far as security is concerned. What error messages are being
returned? Programming AD is a nightmare. There are so many things that can
go wrong. For a start there are three ways of accessing attributes when
using LDAP:
* Using the managed DirectoryEntry object
* Using the ADSI COM object wrapped by the DirectoryEntry object by calling
Invoke() on the DirectoryEntry object
* Using the wrapped COM object directly by obtaining it from a
DirectoryEntry object

Some attributes require one way: some require another. Or so it seems to
us.

Additionally, it seems that additions/alterations have to be made in some
specific, but unspecified in the documentation, order.

And finally, it seems that these requirements are different depending on
whether or not you are adding or updating an entry.
Peter

"Husam Al-A''araj" <Hu**********@d iscussions.micr osoft.comwrote in message
news:4C******** *************** ***********@mic rosoft.com...
Hello,
The Following link may help
http://msdn2.microsoft.com/en-us/lib...25(VS.71).aspx

Regards,
Husam Al-A'araj

"Robert Iver" wrote:
>Hello,

I am developing an application in C# using VS .NET 2005 that
will be accessing and updating Active Directory via LDAP. So, far I
have written the main portions, but now I am stuck on the code to
CHANGE and ADD/DELETE entries.

I'm pretty sure my problem is security related, but I can't
quite narrow it down. I bind to the root of the AD domain using an
account that is a Domain Admin on the AD server itself, HOWEVER....
the actual application is running on a user's workstation presumably
as the local system account.

Is there a way to "impersonat e" this domain admin user like you
can in ASP.NET applications? I can do everything I want to do with AD
except CHANGE it in any way.

Thanks in advance for your help.....


Mar 30 '07 #3
I am developing an application in C# using VS .NET 2005 that
>will be accessing and updating Active Directory via LDAP. So, far I
have written the main portions, but now I am stuck on the code to
CHANGE and ADD/DELETE entries.
Can you show us some code that attempts to update your AD? Maybe it's
something else entirely... Try to limit your posting to just the
relevant pieces of code (no fluff around it), and please also try to
spell out all LDAP paths etc. that you're using - we can't look into
your variables listed in your code - thanks!

Marc

Apr 2 '07 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1416
Problem with writing information from PHP to LDAP-tree (labeledURI)
by: paul b | last post by:
Hello, I am writing some LDAP-scripts in PHP. One of the scripts has to add new objects(urls) to the tree using the ldap_add command. The problem is that I cannot add objects of the type "labeledURIObjec" to the tree. The part of the script posing problems is the following one: $entry="labeledURIObject"; $entry="http://www.test.com";
PHP
3
5261
Writing an LDAP interface?
by: Frank Drebin | last post by:
I have a need to allow other LDAP-compliant customers that want to integrate thier own single-signon to be able to map to accounts in my SQL2K database. Since they are using LDAP - I'm assuming I'd need to write a listener that responds with what they are looking for. Is there something that already does this? If not, what are the security implications - how can I verify they are who they say they are - and stop random Internet vagrants...
C# / C Sharp
7
5222
Authenticate users using AD and LDAP
by: Sync Walantaji | last post by:
Hi, I would like to write a asp.net winform program to authenticate users on Active Directory. Can I do this with asp.net if the IIS server is not part of the Active directory domain? Is there a working example link that you can point me to? Thanks
ASP.NET
0
7929
Setting folder permissions using VB.Net
by: Johan | last post by:
Hi I'm using WMI to set and remove folderpermissions and it sems to work fine, sometimes. I start by having the folderpermissons manuly set to Everyone and Everone has full rights. When I'm setting and removing permissons on a mapped folder in the network it works fine but when doing the same thing on a folder om my harddrive Everyone does not get removed. Does anyone have any idea how to fix this or how to set and remove...
Visual Basic .NET
2
3419
Error using LDAP - An Operation Error occured
by: Jay | last post by:
Hi, This is Jay Mehta. I have this problem when using LDAP. I extract names and EmailId's of all those present from LDAP and populate in a datagrid. Now when run locally, it is running properly. But when put on Web Server and try to access it from client machines, it is giving the Error as "An Operation Error Occured".
C# / C Sharp
0
2044
Error in binding ADAM using windows account
by: choukse | last post by:
Hi All, I am trying to bind to ADAM instance with a windows user through JNDI and it keeps failing. My ADAM and AD is running on same Windows 2k3 server. But, through LDP I am able to bind with the same windows user successfully and browse through the entire tree successfully. The error is as below
Java
0
3236
Error while trying to add a user in LDAP Directory
by: rbukkara | last post by:
Hi, I have got the following error while trying to add a user in the LDAP Directory. javax.naming.NameNotFoundException: ; remaining name 'uid=vassila,ou=People,dc=cs,dc=uno,dc=edu' I have given all the attributes which are needed, for the user, in the code and also the proper path where the user has to be added. Please have a look at my code CODE] // This is a class file which stores all the info required for the user
Java
1
3161
Using COM & ADSI - Bracket Problem
by: zmunoz | last post by:
I am working on a script using ADSI via COM in PHP. The script works for the most part when I query a user using the following function: function passwordExpires($userDN) { $comLDAP = new COM('LDAP:'); $getUser = $comLDAP->OpenDSObject('LDAP://' . $this->server . '/' . $userDN, $this->domain . "\\" . $this->user, $this->pass, 1); $dateParse = date_parse($getUser->passwordLastChanged); $today = time(); $expDate =...
PHP
0
1866
need ldap windows binary and/or installation help
by: Sells, Fred | last post by:
I'm running python 2.5 (or 2.4) in an XP environment. I downloaded and installed the .dll's from OpenLDAP-2.4.8+OpenSSL-0.9.8g-Win32.zip and copied the .dll's in c:/windows/system32 as instructed now I get this error. Is there anyway to avoid building the python_ldap binaries? Apart from being lazy, I've got a secure system policy issue if I start compiling apps. I could give up and just start running in linux, but myxp environment is...
Python
0
9579
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10571
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
10326
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10317
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9143
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
7615
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6851
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5651
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4295
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us