473,240 Members | 1,737 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,240 software developers and data experts.

The following code IIS with WinXP SP2 but not on Windows 2003 SP1

<! -- Web.config-->
<authentication mode="Windows" />
<identity impersonate="true" />

<! -- Web.config-->

where Configurations.ADsUsersPath is
LDAP://domain.com/ou=Users,ou=Corporate,dc=domain,dc=com

ds = New DirectoryEntry(Configurations.ADsUsersPath)
'creates searcher object, set filter string ... tells seacher object to look
this object in the active directory
dsSrch = New DirectorySearcher(ds)

' pull this information about the object (user object)
dsSrch.Filter = Configurations.ADsQuery ''
"(&(objectClass=user)(objectCategory=person)(sAMAc countName=*))"
dsSrch.PropertiesToLoad.Add("sAMAccountName")
dsSrch.PropertiesToLoad.Add("mail")
dsSrch.PropertiesToLoad.Add("name")
dsSrch.PropertiesToLoad.Add("sn")
dsSrch.PropertiesToLoad.Add("givenName")
dsSrch.PropertiesToLoad.Add("telephoneNumber")
results = dsSrch.FindAll() ' commence search

on windows 2003 "results = dsSrch.FindAll()" throws an exception "
System.Runtime.InteropServices.COMException (0x8007200A): The specified
directory service attribute or value does not exist "

I know that it is problem with the security because if give user id and
password to the ds object it works fine.

Does anyone know what I can do get the above to work with impersonation?
Jul 22 '05 #1
1 2769
Hi Marlon,

Welcome to MSDN newsgroup.
From your description, you get a security related error when performing
ADSI query (through the System.DirectoryServices components) in ASP.NET
webapplication, yes?

As you mentioned that you've used impersonation in your web.config, I do
think that it's likely due to the asp.net's working process identity which
didn't have the sufficent permission. To confirm this, I suggest that we
try the following things first:

1. Logon as a powerful domain account (which has the sufficient permission
to query AD) and running those ADSI quer code in a desktop/winform or
console app to see whether it works.

2. If #1 works, try using the
<identity impersonate="true" userName="..." password="..." /> to
explicitly specify a powerful user account to impersonate your asp.net app
and to see whether it works.

If the above all works, we can get that it's your web appcliation 's client
user (whom is impersonated in your asp.net app) which dosn't have the
sufficient permission. Anyway, please check the above things first , if
there're any thing unclear, please feel free to post here.

Thanks & Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)


--------------------
| From: "Marlon" <ya********@online.nospam>
| Subject: The following code IIS with WinXP SP2 but not on Windows 2003 SP1
| Date: Tue, 19 Jul 2005 10:58:27 -0400
| Lines: 35
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| Message-ID: <u1**************@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.dotnet.general
| NNTP-Posting-Host: ewimail2.exhibitworks.com 209.131.15.66
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP12.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.dotnet.general:46345
| X-Tomcat-NG: microsoft.public.dotnet.general
|
| <! -- Web.config-->
| <authentication mode="Windows" />
| <identity impersonate="true" />
|
| <! -- Web.config-->
|
| where Configurations.ADsUsersPath is
| LDAP://domain.com/ou=Users,ou=Corporate,dc=domain,dc=com
|
| ds = New DirectoryEntry(Configurations.ADsUsersPath)
| 'creates searcher object, set filter string ... tells seacher object to
look
| this object in the active directory
| dsSrch = New DirectorySearcher(ds)
|
| ' pull this information about the object (user object)
| dsSrch.Filter = Configurations.ADsQuery ''
| "(&(objectClass=user)(objectCategory=person)(sAMAc countName=*))"
| dsSrch.PropertiesToLoad.Add("sAMAccountName")
| dsSrch.PropertiesToLoad.Add("mail")
| dsSrch.PropertiesToLoad.Add("name")
| dsSrch.PropertiesToLoad.Add("sn")
| dsSrch.PropertiesToLoad.Add("givenName")
| dsSrch.PropertiesToLoad.Add("telephoneNumber")
| results = dsSrch.FindAll() ' commence search
|
| on windows 2003 "results = dsSrch.FindAll()" throws an exception "
| System.Runtime.InteropServices.COMException (0x8007200A): The specified
| directory service attribute or value does not exist "
|
| I know that it is problem with the security because if give user id and
| password to the ds object it works fine.
|
| Does anyone know what I can do get the above to work with impersonation?
|
|
|

Jul 22 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: hockeyove | last post by:
Hi! Little help needed... This is my environment: Server: Windows 2003 Client: Windows 2000 and Windows XP
5
by: Jorg Rødsjø | last post by:
Hi I'm trying to use os.path.getmtime to check if a file has been modified. My OS is WinXP. The problem is, that when the os changes from/to daylight savings time, the result is suddenly off by...
2
by: LordBlue | last post by:
Hi, please forgive me if i'm sending this post in the wrong place, and please don't tell me to post it in another group, because if i found a better one i'd have already done it. I'm writing a...
2
by: Grei | last post by:
how can i impersonate from win2000 to WinXP? in MSDN says: (gives example how to implemet it but not with win2000, and it doesn't say what to do on win2000!!!) any ideas? workarounds? Thanx! ...
1
by: Marlon | last post by:
<! -- Web.config--> <authentication mode="Windows" /> <identity impersonate="true" /> <! -- Web.config--> where Configurations.ADsUsersPath is...
33
by: Steve | last post by:
One of our clients recently upgraded their Office version to 2003. When they tried to run our program (written in Access 2000), they ended up with the wrong data. My coworker and I have tested this...
1
by: hazz | last post by:
I tried using the Visual Studio setup and deployment wizard to create an msi to install the .exe, config and .dll resource files from my winxp deve box onto a Windows 2003 server. I don't have...
3
by: Christian Nunciato | last post by:
Hi there: I'm a veteran to ASP.NET 1.1, but new to 2.0, and I'm using VS 2005. When I run the app on my local machine, using the built-in Web server, I have no problems, but deploying the site...
2
by: Jason Huang | last post by:
Hi, I have Visual Studio.Net 2003 on my Windows XP PC. Now I would like to test the Visual Studio .Net 2005 on the same machine. Is it possilbe to have the VS2003 and VS2005 co-exists on the...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: fareedcanada | last post by:
Hello I am trying to split number on their count. suppose i have 121314151617 (12cnt) then number should be split like 12,13,14,15,16,17 and if 11314151617 (11cnt) then should be split like...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.