471,344 Members | 1,012 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,344 software developers and data experts.

losing connection to Active Directory

I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Jul 22 '05 #1
10 5240
COM exception is the type of error, not the error itself. Please post the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:C9**********************************@microsof t.com...
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help

Jul 22 '05 #2
Nick thanks for your response.. the error message is shown below. Am trying
to get Email Address, Displayname from the active directory passing username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
System.DirectoryServices.DirectorySearcher.FindAll (Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne () +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750

"Nick Malik [Microsoft]" wrote:
COM exception is the type of error, not the error itself. Please post the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:C9**********************************@microsof t.com...
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help


Jul 22 '05 #3
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:E3**********************************@microsof t.com...
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
System.DirectoryServices.DirectorySearcher.FindAll (Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne () +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750

"Nick Malik [Microsoft]" wrote:
COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:C9**********************************@microsof t.com...
>I have web application that quaries the Active Directory to get user
> details.. everything works fine but someday I'll get
> System.Runtime.InteropServices.COMExection and if I restart the client
> machine then it works again.
>
> here is one of the method where am calling the AD
>
> public bool UserExist(string UserName)
> {
>
> DirectoryEntry de = new
> DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
> DirectorySearcher ds = new DirectorySearcher(de);
> ds.Filter = ("ObjectCategory=user");
> ds.Filter = ("samaccountname="+ UserName + "");
> SearchResult result = ds.FindOne();
> bool UserExist;
> if(result != null)
> {
> UserExist = true;
> }
> else
> {
> UserExist = false;
> }
> return UserExist;
> }
>
> Please help


Jul 23 '05 #4
Am using "Integrated Windows Authentication", it works fine but sometime the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

"Nick Malik [Microsoft]" wrote:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:E3**********************************@microsof t.com...
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
System.DirectoryServices.DirectorySearcher.FindAll (Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne () +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750

"Nick Malik [Microsoft]" wrote:
COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:C9**********************************@microsof t.com...
>I have web application that quaries the Active Directory to get user
> details.. everything works fine but someday I'll get
> System.Runtime.InteropServices.COMExection and if I restart the client
> machine then it works again.
>
> here is one of the method where am calling the AD
>
> public bool UserExist(string UserName)
> {
>
> DirectoryEntry de = new
> DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
> DirectorySearcher ds = new DirectorySearcher(de);
> ds.Filter = ("ObjectCategory=user");
> ds.Filter = ("samaccountname="+ UserName + "");
> SearchResult result = ds.FindOne();
> bool UserExist;
> if(result != null)
> {
> UserExist = true;
> }
> else
> {
> UserExist = false;
> }
> return UserExist;
> }
>
> Please help


Jul 25 '05 #5
Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:FB**********************************@microsof t.com...
Am using "Integrated Windows Authentication", it works fine but sometime
the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

"Nick Malik [Microsoft]" wrote:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right
to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:E3**********************************@microsof t.com...
> Nick thanks for your response.. the error message is shown below. Am
> trying
> to get Email Address, Displayname from the active directory passing
> username
> as the parameter.. do you think my method is wrong?? please help..
> many
> thanks again
>
> [COMException (0x80072020): An operations error occurred]
> System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
> +705
> System.DirectoryServices.DirectoryEntry.Bind() +10
> System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
> System.DirectoryServices.DirectorySearcher.FindAll (Boolean
> findMoreThanOne) +199
> System.DirectoryServices.DirectorySearcher.FindOne () +31
> frs.ActiveDirectory.getUserDetails(String UserName) in
> c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
> frs.request.Page_Load(Object sender, EventArgs e) in
> c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
> System.Web.UI.Control.OnLoad(EventArgs e) +67
> System.Web.UI.Control.LoadRecursive() +35
> System.Web.UI.Page.ProcessRequestMain() +750
>
>
>
> "Nick Malik [Microsoft]" wrote:
>
>> COM exception is the type of error, not the error itself. Please post
>> the
>> error itself...
>> And put a Try-Catch around your code!
>>
>> It's probably an error with the parameters.
>>
>> --
>> --- Nick Malik [Microsoft]
>> MCSD, CFPS, Certified Scrummaster
>> http://blogs.msdn.com/nickmalik
>>
>> Disclaimer: Opinions expressed in this forum are my own, and not
>> representative of my employer.
>> I do not answer questions on behalf of my employer. I'm just a
>> programmer helping programmers.
>> --
>> "huzz" <hu**@discussions.microsoft.com> wrote in message
>> news:C9**********************************@microsof t.com...
>> >I have web application that quaries the Active Directory to get user
>> > details.. everything works fine but someday I'll get
>> > System.Runtime.InteropServices.COMExection and if I restart the
>> > client
>> > machine then it works again.
>> >
>> > here is one of the method where am calling the AD
>> >
>> > public bool UserExist(string UserName)
>> > {
>> >
>> > DirectoryEntry de = new
>> > DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
>> > DirectorySearcher ds = new DirectorySearcher(de);
>> > ds.Filter = ("ObjectCategory=user");
>> > ds.Filter = ("samaccountname="+ UserName + "");
>> > SearchResult result = ds.FindOne();
>> > bool UserExist;
>> > if(result != null)
>> > {
>> > UserExist = true;
>> > }
>> > else
>> > {
>> > UserExist = false;
>> > }
>> > return UserExist;
>> > }
>> >
>> > Please help
>>
>>
>>


Jul 26 '05 #6
I've to more methods using the DirectorySearcher, here is the class

using System;
using System.DirectoryServices;
using System.Configuration;
using System.Collections;
using System.Web.UI;
using System.Drawing;
using System.Data;
using System.IO;
using System.Web;
using intranet.Classes;
namespace intranet
{
/// <summary>
/// Summary description for ldap.
/// </summary>
public class ActiveDirectory
{
public ActiveDirectory()
{
//
// TODO: Add constructor logic here
//

}
/// <summary>
/// This methods checks if a user exist in the Active Directory.
/// </summary>
/// <param name="UserName">Username</param>
/// <returns>bool</returns>
public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new DirectorySearcher(de);
//ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");

SearchResult result = ds.FindOne();
if(result == null)
{
return false;
}
}
catch(Exception ex)
{
throw new Exception("Error autenticating user." + ex.Message);
}
return true;
}
/// <summary>
/// Method to validate if a user exists in the AD.
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
/*
public bool UserExists(string UserName)
{
DirectoryEntry de = ADHelper.GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";
SearchResultCollection results = deSearch.FindAll();
if(results.Count == 0)
{
return false;
}
else
{
return true;
}
}
*/

/// <summary>
/// Gets User details from AD like user firstname, lastname, email etc.
/// </summary>
/// <param name="UserName">username</param>
/// <returns>array</returns>
public string[] getUserDetails(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
string[] UserInfo = new string[3];

DirectorySearcher ds = new DirectorySearcher(de);
// ds.Filter = ("OU="+ GroupName + "");
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();

try
{
if(result ==null)
{

UserInfo[0] = "Unknown";
UserInfo[1] = "Unknown";
return UserInfo;
}
}
catch(Exception ex)
{
throw new Exception("Error obtaining your details." + ex.Message);

}
UserInfo[0] =
result.GetDirectoryEntry().Properties["displayname"].Value.ToString();
UserInfo[1] =
result.GetDirectoryEntry().Properties["mail"].Value.ToString();
return UserInfo;

}
/// <summary>
/// This method checks if the logged on user is a member of a given
group in Active Directory.
/// Used to restrict access to certain area of the intranet.
/// </summary>
/// <param name="GroupName">Group name in AD</param>
/// <returns>bool</returns>
public bool IsMemberOf(string GroupName)
{

Security NTSecurity = new Security();
string UserName = NTSecurity.getLogonUser();

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
//DirectoryEntry de = new
DirectoryEntry("LDAP://OU="+GroupName+",DC=amersham,DC=ac,DC=uk",Configur ationSettings.AppSettings["ADUser"],ConfigurationSettings.AppSettings["ADPass"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new
DirectorySearcher(de,"sAMAccountName="+UserName);
//ds.Filter = ("OU="+ GroupName + "");
//ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result !=null)
{
return true;
}
}
catch(Exception ex)
{
throw new Exception("Access denied." + ex.Message);
}

return false;
}

}

}



"Nick Malik [Microsoft]" wrote:
Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:FB**********************************@microsof t.com...
Am using "Integrated Windows Authentication", it works fine but sometime
the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

"Nick Malik [Microsoft]" wrote:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right
to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:E3**********************************@microsof t.com...
> Nick thanks for your response.. the error message is shown below. Am
> trying
> to get Email Address, Displayname from the active directory passing
> username
> as the parameter.. do you think my method is wrong?? please help..
> many
> thanks again
>
> [COMException (0x80072020): An operations error occurred]
> System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
> +705
> System.DirectoryServices.DirectoryEntry.Bind() +10
> System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
> System.DirectoryServices.DirectorySearcher.FindAll (Boolean
> findMoreThanOne) +199
> System.DirectoryServices.DirectorySearcher.FindOne () +31
> frs.ActiveDirectory.getUserDetails(String UserName) in
> c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
> frs.request.Page_Load(Object sender, EventArgs e) in
> c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
> System.Web.UI.Control.OnLoad(EventArgs e) +67
> System.Web.UI.Control.LoadRecursive() +35
> System.Web.UI.Page.ProcessRequestMain() +750
>
>
>
> "Nick Malik [Microsoft]" wrote:
>
>> COM exception is the type of error, not the error itself. Please post
>> the
>> error itself...
>> And put a Try-Catch around your code!
>>
>> It's probably an error with the parameters.
>>
>> --
>> --- Nick Malik [Microsoft]
>> MCSD, CFPS, Certified Scrummaster
>> http://blogs.msdn.com/nickmalik
>>
>> Disclaimer: Opinions expressed in this forum are my own, and not
>> representative of my employer.
>> I do not answer questions on behalf of my employer. I'm just a
>> programmer helping programmers.
>> --
>> "huzz" <hu**@discussions.microsoft.com> wrote in message
>> news:C9**********************************@microsof t.com...
>> >I have web application that quaries the Active Directory to get user
>> > details.. everything works fine but someday I'll get
>> > System.Runtime.InteropServices.COMExection and if I restart the
>> > client
>> > machine then it works again.
>> >
>> > here is one of the method where am calling the AD
>> >
>> > public bool UserExist(string UserName)
>> > {
>> >
>> > DirectoryEntry de = new
>> > DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
>> > DirectorySearcher ds = new DirectorySearcher(de);
>> > ds.Filter = ("ObjectCategory=user");
>> > ds.Filter = ("samaccountname="+ UserName + "");
>> > SearchResult result = ds.FindOne();
>> > bool UserExist;
>> > if(result != null)
>> > {
>> > UserExist = true;
>> > }
>> > else
>> > {
>> > UserExist = false;
>> > }
>> > return UserExist;
>> > }
>> >
>> > Please help
>>
>>
>>


Jul 27 '05 #7
Hello Huzz,

I haven't seen this particular problem before. I need to know exactly what
the user has to do to clear it.

You mentioned that you have to restart the client machine and you've
mentioned logging off and logging on. Does restarting the browser (only)
have any effect?

Do your users tend to connect to your site and stay there for a long period
of time with intermittent activity?

Does this happen when the user first connects to the site, or does it happen
when the user has been using the site for a while?

Does it make a difference in the behavior if the browser is left open to a
spot for 20 or more minutes? (e.g. does this only happen, or never happen,
or more frequently happen, when the session expires at some point during the
time when the user is on your site)?

Can you tell me anything about the people who experience this problem? Are
they using laptops or wireless networks? Is there something unique about
their accounts?
--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:DC**********************************@microsof t.com...
I've to more methods using the DirectorySearcher, here is the class

using System;
using System.DirectoryServices;
using System.Configuration;
using System.Collections;
using System.Web.UI;
using System.Drawing;
using System.Data;
using System.IO;
using System.Web;
using intranet.Classes;
namespace intranet
{
/// <summary>
/// Summary description for ldap.
/// </summary>
public class ActiveDirectory
{
public ActiveDirectory()
{
//
// TODO: Add constructor logic here
//

}
/// <summary>
/// This methods checks if a user exist in the Active Directory.
/// </summary>
/// <param name="UserName">Username</param>
/// <returns>bool</returns>
public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new DirectorySearcher(de);
//ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");

SearchResult result = ds.FindOne();
if(result == null)
{
return false;
}
}
catch(Exception ex)
{
throw new Exception("Error autenticating user." + ex.Message);
}
return true;
}
/// <summary>
/// Method to validate if a user exists in the AD.
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
/*
public bool UserExists(string UserName)
{
DirectoryEntry de = ADHelper.GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";
SearchResultCollection results = deSearch.FindAll();
if(results.Count == 0)
{
return false;
}
else
{
return true;
}
}
*/

/// <summary>
/// Gets User details from AD like user firstname, lastname, email
etc.
/// </summary>
/// <param name="UserName">username</param>
/// <returns>array</returns>
public string[] getUserDetails(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
string[] UserInfo = new string[3];

DirectorySearcher ds = new DirectorySearcher(de);
// ds.Filter = ("OU="+ GroupName + "");
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();

try
{
if(result ==null)
{

UserInfo[0] = "Unknown";
UserInfo[1] = "Unknown";
return UserInfo;
}
}
catch(Exception ex)
{
throw new Exception("Error obtaining your details." + ex.Message);

}
UserInfo[0] =
result.GetDirectoryEntry().Properties["displayname"].Value.ToString();
UserInfo[1] =
result.GetDirectoryEntry().Properties["mail"].Value.ToString();
return UserInfo;

}
/// <summary>
/// This method checks if the logged on user is a member of a given
group in Active Directory.
/// Used to restrict access to certain area of the intranet.
/// </summary>
/// <param name="GroupName">Group name in AD</param>
/// <returns>bool</returns>
public bool IsMemberOf(string GroupName)
{

Security NTSecurity = new Security();
string UserName = NTSecurity.getLogonUser();

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
//DirectoryEntry de = new
DirectoryEntry("LDAP://OU="+GroupName+",DC=amersham,DC=ac,DC=uk",Configur ationSettings.AppSettings["ADUser"],ConfigurationSettings.AppSettings["ADPass"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new
DirectorySearcher(de,"sAMAccountName="+UserName);
//ds.Filter = ("OU="+ GroupName + "");
//ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result !=null)
{
return true;
}
}
catch(Exception ex)
{
throw new Exception("Access denied." + ex.Message);
}

return false;
}

}

}



"Nick Malik [Microsoft]" wrote:
Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"huzz" <hu**@discussions.microsoft.com> wrote in message
news:FB**********************************@microsof t.com...
> Am using "Integrated Windows Authentication", it works fine but
> sometime
> the
> user requires to log off and log back in to avoid the error message.
>
> I've few other method that calls the AD, only this one causing problem.
>
> "Nick Malik [Microsoft]" wrote:
>
>> The active directory is a protected resource. Therefore, the only
>> people
>> who have the right to see it are people who are in it. This means you
>> won't
>> get an empty return set from your query... you'll get an error on Bind
>> (which you did) because an account that doesn't have access has no
>> right
>> to
>> bind.
>>
>> What authentication mechanism is your app using? Do you allow
>> anonymous
>> users?
>>
>> --
>> --- Nick Malik [Microsoft]
>> MCSD, CFPS, Certified Scrummaster
>> http://blogs.msdn.com/nickmalik
>>
>> Disclaimer: Opinions expressed in this forum are my own, and not
>> representative of my employer.
>> I do not answer questions on behalf of my employer. I'm just a
>> programmer helping programmers.
>> --
>> "huzz" <hu**@discussions.microsoft.com> wrote in message
>> news:E3**********************************@microsof t.com...
>> > Nick thanks for your response.. the error message is shown below. Am
>> > trying
>> > to get Email Address, Displayname from the active directory passing
>> > username
>> > as the parameter.. do you think my method is wrong?? please help..
>> > many
>> > thanks again
>> >
>> > [COMException (0x80072020): An operations error occurred]
>> > System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
>> > +705
>> > System.DirectoryServices.DirectoryEntry.Bind() +10
>> > System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
>> > System.DirectoryServices.DirectorySearcher.FindAll (Boolean
>> > findMoreThanOne) +199
>> > System.DirectoryServices.DirectorySearcher.FindOne () +31
>> > frs.ActiveDirectory.getUserDetails(String UserName) in
>> > c:\inetpub\wwwroot\buildingservices\frs\classes\ac tivedirectory.cs:57
>> > frs.request.Page_Load(Object sender, EventArgs e) in
>> > c:\inetpub\wwwroot\buildingservices\frs\request.as px.cs:50
>> > System.Web.UI.Control.OnLoad(EventArgs e) +67
>> > System.Web.UI.Control.LoadRecursive() +35
>> > System.Web.UI.Page.ProcessRequestMain() +750
>> >
>> >
>> >
>> > "Nick Malik [Microsoft]" wrote:
>> >
>> >> COM exception is the type of error, not the error itself. Please
>> >> post
>> >> the
>> >> error itself...
>> >> And put a Try-Catch around your code!
>> >>
>> >> It's probably an error with the parameters.
>> >>
>> >> --
>> >> --- Nick Malik [Microsoft]
>> >> MCSD, CFPS, Certified Scrummaster
>> >> http://blogs.msdn.com/nickmalik
>> >>
>> >> Disclaimer: Opinions expressed in this forum are my own, and not
>> >> representative of my employer.
>> >> I do not answer questions on behalf of my employer. I'm just a
>> >> programmer helping programmers.
>> >> --
>> >> "huzz" <hu**@discussions.microsoft.com> wrote in message
>> >> news:C9**********************************@microsof t.com...
>> >> >I have web application that quaries the Active Directory to get
>> >> >user
>> >> > details.. everything works fine but someday I'll get
>> >> > System.Runtime.InteropServices.COMExection and if I restart the
>> >> > client
>> >> > machine then it works again.
>> >> >
>> >> > here is one of the method where am calling the AD
>> >> >
>> >> > public bool UserExist(string UserName)
>> >> > {
>> >> >
>> >> > DirectoryEntry de = new
>> >> > DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
>> >> > DirectorySearcher ds = new DirectorySearcher(de);
>> >> > ds.Filter = ("ObjectCategory=user");
>> >> > ds.Filter = ("samaccountname="+ UserName + "");
>> >> > SearchResult result = ds.FindOne();
>> >> > bool UserExist;
>> >> > if(result != null)
>> >> > {
>> >> > UserExist = true;
>> >> > }
>> >> > else
>> >> > {
>> >> > UserExist = false;
>> >> > }
>> >> > return UserExist;
>> >> > }
>> >> >
>> >> > Please help
>> >>
>> >>
>> >>
>>
>>
>>


Jul 28 '05 #8
Pip
I am also suffering from this problem. There does not appear to be any
pattern. It does not happen after a session timeout any more than
before. It does seem to happen more when the DC is busy, but that may
be becuase more people are using the website at that time as well. We
also sometimes get a different message, the text is 'The server is not
operational', I can't remember the error code, if it will be any help I
can find it. It is not specific to any particular user or users, even
the domain admins get the error sometimes. We do use the same dll in a
WinForms app as well as on the website, the WinForms app does not appear
to suffer from this problem any where near as much, possably not at all,
but again this may be due to the number of lookups the website does
compared to our WinForms app one per application instance.

*** Sent via Developersdex http://www.developersdex.com ***
Aug 2 '05 #9
One of my apps does AD lookups in the web site. However, the AD is an
expensive resource, and slow at times, so we cache the results in a set of
database tables. That way, when one person moves from activity to activity,
we don't have to keep coming back to the AD. We cache AD data for three
days, but provide a mechanism for our operations support team to refresh any
particular user by coming to a page and entering their ID.

I never see this error.

I don't know if this helps.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"Pip" <Pip@devdex> wrote in message
news:%2****************@TK2MSFTNGP14.phx.gbl...
I am also suffering from this problem. There does not appear to be any
pattern. It does not happen after a session timeout any more than
before. It does seem to happen more when the DC is busy, but that may
be becuase more people are using the website at that time as well. We
also sometimes get a different message, the text is 'The server is not
operational', I can't remember the error code, if it will be any help I
can find it. It is not specific to any particular user or users, even
the domain admins get the error sometimes. We do use the same dll in a
WinForms app as well as on the website, the WinForms app does not appear
to suffer from this problem any where near as much, possably not at all,
but again this may be due to the number of lookups the website does
compared to our WinForms app one per application instance.

*** Sent via Developersdex http://www.developersdex.com ***

Aug 2 '05 #10
Pip
Thanks for your reply. We do now have a database available that is a
'copy' of AD and is updated each night. I have considered changing the
website to query the database instead of AD. In fact the database was
created so that a new system we are writing did not have to burden AD
with more LDAP queries. But the change is quite a big one and I was
trying to exhaust other options first, if the error is only due to
overloading the DC then changing to the database is a good idea, if the
errors are becuase I have done something wrong then I would prefer to
fix it.

*** Sent via Developersdex http://www.developersdex.com ***
Aug 3 '05 #11

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by vivek | last post: by
9 posts views Thread by Mario Rodriguez | last post: by
7 posts views Thread by Mike | last post: by
5 posts views Thread by Terry Holland | last post: by
reply views Thread by =?Utf-8?B?bWNkb25hbXc=?= | last post: by
reply views Thread by Ronak mishra | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.